If you use the Application Control feature in Sophos Anti-Virus for Windows you are recommended to set up a scheduled scan for such applications.
You must enable scheduled scanning for Application Control in the Application Control policies, and configure the actual schedules in the 'Anti-virus and HIPS' policies.
For any group to which you want to apply such a scan, you must apply both of the following policies:
- an Application Control policy with scheduled scanning enabled
- an 'Anti-virus and HIPS' policy with the scheduled scan configured
Applies to the following Sophos product(s) and version(s)
Sophos Endpoint Security and Control
What To Do
Open Enterprise Console, and work through the following steps.
1. Identify the group(s) to which you want to apply the scheduled Application Control scan
- In the 'Groups' list, in the top left pane, right-click the group to which you want to apply the policy.
- From the '<Groupname> group details' dialog box, identify which policies are applied to that group. You will have to check/edit those policies to ensure they are configured to allow scheduled scanning for applications. If you prefer you can create new policies with the required configuration, which you can then assign to the group.
2. Configure the Application Control policy
- In the 'Policies' pane, double-click the Application Control policy which is applied to the group identified above.
- Select 'Enable on-demand and scheduled scanning for applications'.
- Click 'OK'.
3. Configure the 'Anti-virus and HIPS' policy
- In the 'Policies' pane, double-click the 'Anti-virus and HIPS' policy which is applied to the group identified above.
- Check the details of any scheduled scans configured for that policy. Ensure that these reflect the scheduling you require for your Application Control scans. If necessary, edit the policy or create a new one.
4. Apply the policies to the group
- To the group(s) you identified in step 1 above, assign the correct Application Control policy and 'Anti-virus and HIPS' policy.