Enterprise Console allows you to set an application control policy for groups of computers so you can block or authorize programs. This article explains how to authorize (from the Enterprise Console policy) an application that has been previously blocked using a central policy and applied to an endpoint computer.
Note: You can only block/unblock an application from the central policy. Locally you can only enable or disable the feature - if you are a 'Sophos Administrator'. See the 'Technical Note' section below for more information.
Applies to the following Sophos product(s) Enterprise Console
Once the policy is received by the endpoint computer the previously blocked application will be allowed.
The only place where you can customize/change which applications are blocked and which are unblocked is from the central console, under the 'Application control' policy section. Locally on an endpoint computer you can only switch the feature off or on - but you must be a 'Sophos Administrator' to do this. You cannot customize the policy nor allow an application locally as the policy is set as per your IT administrator.
If you need to check which applications are blocked for a particular endpoint computer you should move to the Enterprise Console and review the policy. If this cannot be done you can open the machine.xml file in a text editor on the endpoint and search for either an application name which you believe is being blocked by Application Control or the phrase 'blockedAppCList' to find the beginning of the list of blocked applications as received from the central console.
Note: If you want to add an application that is not listed in the policy section you must request SophosLabs add the application.
Tous les commentaires envoyés sont lus par un membre de notre équipe. En revanche, nous ne répondons pas aux questions techniques spécifiques. Si vous avez besoin d'assistance technique, veuillez poser votre question sur notre communauté. Pour tous produits sous licence, veuillez ouvrir un incident support.