Endpoint Security and Control provides scanning for a wide range of common adware and potentially unwanted applications (PUAs) on Windows 2000 and more recent operating systems.
Potentially Unwanted Application (PUA) is a term used to describe applications that, while not malicious, are generally considered unsuitable for business networks. The major PUA classifications are:
- non-malicious spyware
- remote administration tools
- hacking tools
However, certain applications that can fall into the PUA category might be considered useful by some users.
How do I obtain up to date protection?
The latest PUA detection is incorporated in the IDE files that provide regular updates to your anti-virus software.
Does PUA scanning automatically remove applications?
PUA scanning will inform you which applications have been found. You can then configure your anti-virus policies to allow or remove applications on this list. This gives you full control over what is available to users, enabling you to retain or remove individual applications as required.
If appropriate, you can configure this on a group by group basis, so that some groups retain access to these applications and others have them removed.
Sophos recommends deploying PUA protection in stages across your network. This will allow you the opportunity to assess the threat posed to your system, decide on appropriate action, and reduce the likelihood of disruption to users.
Refer to the following knowledgebase article for a rollout strategy: