Sophos Anti-Virus for Windows 2000+: how to get additional applications listed in Application Control

  • Artikel-ID: 35330
  • Aktualisiert: 17 Okt 2014

What is Application Control?
Application Control is a Sophos security policy that can be used to control the use of unauthorised applications on your network.

What sorts of Applications can be controlled?
The latest list of applications that can be controlled can be found at

The list includes peer-to-peer networking applications, instant messaging programs and certain games, as well as many more types of applications.

I am trying to control the use of an application that is not listed in the list of applications in Enterprise Console. How can I recommend it to Sophos?

If there is a legitimate application that you would like to control on your network and it is not listed at the Controlled Applications site, you can submit a request using the online Application Control submission form: On the second page, you will be asked to include the application name and relevant details.

Please be advised that there is no guarantee that your request will be implemented. The request will be assessed along with others received, and the decision will be made by the management team.

Are there any applications that are blocked by default?
Sophos cannot create a default list of blocked applications, since there are many legitimate uses for applications that some companies may need. Furthermore, we can't advise you about which applications to block: the control of applications should form part of your IT policy.

Doesn't Windows allow me to control the applications that are used on my network?
Not necessarily. While you can control the Windows games from being installed on a computer, Windows provides no way of blocking installed applications from running.

Do you have any tips for implementing an Application Control policy on my network?
The Policy Setup Guide is an excellent resource for planning and rolling out your policies. Aside from that we can offer a few tips:

  • When you enable scheduled scanning for applications in the Application Control policy, you also have to set up an Anti-Virus and HIPS policy that includes a scheduled scan. You then have to apply both of these policies to the groups of computers that you would like to scan.
  • Similarly, when you enable on-access scanning for applications in the Application Control policy, you must also apply an Anti-Virus and HIPS policy that has on-access scanning enabled to the same group of computers.
  • Before deploying a new Application Control policy, explain to your users which applications will be controlled. This may help to reduce the initial impact on your company's IT support resources, when users find some applications are no longer available.
  • Different groups of users will need different policies. For example, staff who use the telephone a lot may need an instant messaging program, while other staff will not. Take this into account when planning your policies.
  • Deploy the application control policy across your network group by group. To make further policies, duplicate your original policy and edit it before assigning it to a group.

Wenn Sie weitere Informationen oder Unterstützung benötigen, wenden Sie sich bitte an den technischen Support.

Artikel bewerten

Ungenügend Hervorragend