Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 11917 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Application Control List

Andre

Good morning,

I'm reviewing the application control policy in preparation for the Sophos upgrade to the latest version. Instead of having to manually write everything down from the Application Types window, I was wondering if maybe you would already have everything in a list? I've tried searching the website but didn't find anything, then I found out there were also forums :)

Would any list with the Application Controlled applications exist?

Thank you

Andre

:5624


This thread was automatically locked due to age.
Parents
  • 0

    Hello John,

    I never accused you of hiding, btw :smileywink:.

    The proposal is to enable each category to be set to either "block" or "monitor"

    What's the rationale to do it on the category level and not per-application?  For one thing you might want to use a "soft" policy for certain categories like Toolbars where you definitely want to block some, monitor most of the (rarely used) rest and authorize the remaining acceptable ones (for which you don't want to see an alert). Then there's the All added by Sophos catch-all entry which you might want to monitor while generally using block in the category.

    Other changes ... well, the option to use a hyperlink in the custom message has already been mentioned - ideally if it were possible to include the application name in the URL (like http://www.some.com/internal/application%20policies#$AppName$ which will result in http://www.some.com/internal/application%20policies#Another%20Toolbar - I'm using a reference as it is more tolerant). Carrying on this thought - how about an optional "monitoring message" to the user? Right now a message is displayed only when an application is actually blocked (which most of the time makes sense). Of course it should be different from the blocked message.

    An open question is to what extent Application Control also verifies an application. Incidentally I've been asked a few days ago whether Application Control would also identify a "non-genuine" version (actually the question was whether Application Control positively identifies an application like SCF can do).    

    Christian

    :5703
Reply
  • 0

    Hello John,

    I never accused you of hiding, btw :smileywink:.

    The proposal is to enable each category to be set to either "block" or "monitor"

    What's the rationale to do it on the category level and not per-application?  For one thing you might want to use a "soft" policy for certain categories like Toolbars where you definitely want to block some, monitor most of the (rarely used) rest and authorize the remaining acceptable ones (for which you don't want to see an alert). Then there's the All added by Sophos catch-all entry which you might want to monitor while generally using block in the category.

    Other changes ... well, the option to use a hyperlink in the custom message has already been mentioned - ideally if it were possible to include the application name in the URL (like http://www.some.com/internal/application%20policies#$AppName$ which will result in http://www.some.com/internal/application%20policies#Another%20Toolbar - I'm using a reference as it is more tolerant). Carrying on this thought - how about an optional "monitoring message" to the user? Right now a message is displayed only when an application is actually blocked (which most of the time makes sense). Of course it should be different from the blocked message.

    An open question is to what extent Application Control also verifies an application. Incidentally I've been asked a few days ago whether Application Control would also identify a "non-genuine" version (actually the question was whether Application Control positively identifies an application like SCF can do).    

    Christian

    :5703
Children
No Data
Unfiltered HTML