1. The purpose of
This article explains how to manage access to applications on a user’s Mac from Sophos Central.
Thegioifirewall prepares a Mac with MacOS Catalina, version 10.15.5, with Sophos Endpoint installed.
3. What should I do?
- Configuration of the application management policy in Sophos Central
4.1 Configuring the application management policy in Sophos Central
To set up application management, we go to the Sophos Central administration page with an administrator account and then to Protection Endpoint> Policies.
Click on Add Policy to add a new policy.
The Add Policy table appears and we select the following information:
- Function : Select Manage Applications from the drop-down menu.
- Type: We may choose to apply this policy to a user or device, in this article I choose device.
The table Creating a new IT policy appears, and we have to fill in the following information:
Name of the policy : Test_App_Control
- We select a computer that uses a Mac, here we select the MacOS15 computer in the Available Computers pane and click the right arrow to move it to the Assigned Computers pane.
Installing the signage:
First we need to click the Add/Remove list button to add the application we want to prohibit to the list.
Next, the Add/Edit nomination list table is displayed, with the left panel showing the nomination categories that Sophos supports and the right panel showing the nomination list under that category.
In this article we will prohibit users from using the Telegram Application. To add this application, we select the Instant Messaging category in the left column, the applications of this category appear in the right column.
We locate the Telegram application, highlight it and click Save in the list to complete the process.
After saving, you will see the Telegram application in the list.
We then click on the Detect controlled applications button when users open them, so that Sophos Central immediately detects the application and rejects it when users use it.
You can also prohibit the use of this application for a certain period of time by clicking on the Controlled Detection button for scheduled and on-demand scans.
Click on Save.
After configuring the policy, we go to the prepared macro and perform the test.
Turn on the Telegram application on your device and we will see the results as shown below.
Enable the Sophos endpoint application on your Mac. A logo is displayed indicating that Sophos Endpoint has blocked access to the telegram.
Then we check the logbook to make sure that Sophos Central is recording.
To view the log, go to Journals and Reports> General Journals> Events.
As a result, we see the log rules that are recorded when the user has violated the policy.
The log also provides very detailed information such as the date of the violation, the blocked path, the identity of the offending user…..
YOU MIGHT ALSO BE INTERESTED IN
sophos allow an application,sophos known applications,sophos keep it clean,data loss prevention on sophos central,application allow,protect against data loss sophos,sophos support,sophos central login,sophos antivirus,sophos xg firewall synchronized security,sophos synchronized security heartbeat,sophos xg disable security heartbeat,how to install sophos vpn client on mac,sophos macos legacy system extension,sophos endpoint mac download,some sophos services are not running mac,sophos uninstall mac,sophos macos big sur,sophos central application winword was blocked by an endpoint firewall,sophos endpoint application whitelisting,which is the function of application control in sophos,sophos central block exe,sophos control sites tagged in website management,sophos central web control,sophos central download