There has to be a way to export a searchable index of all controlled appliactions, along with pertinent details (i.e. category, date added to control, etc.). Within the SEC, if you don't know what category the application is listed under, you can spend a long time clicking and hunting for a specific application. (And let's be honest here, some of the application category assignments are odd.) This makes it extremely time-consuming to build custom, fine-grained policies or to quickly answer questions on what is allowed and not.
- Yes, I know of the list site (http://www.sophos.com/en-us/threat-center/threat-analyses/controlled-applications.aspx), but it has the same problems you run into within SEC.
- Yes, I know there is a thread of the monthly updates, but that is not something that can be handed to an auditor, or senior level executivel.
If this cannot be obtained from the database, why not attach a spreadsheet to the monthly update thread and update the spreadsheet instead of listing the new applciations in a forum post?
Come on, Sophos, get your act together on this. When the COO of a $1B company asks me to block an application, or wants to know if an application is blocked, do you realize how amateurish it looks for me to have to hunt and peck through a console to try to find him an answer? Sure, I can get the information. But most IT departments run very thin (including mine) and I simply do not have the time to dedicate to this level of software management. That's one reason we purchased your products. So help us out. You've got to keep this list somewhere, right? I assume you have some sort of change management, where update requests are tracked. Why not make it public?
This thread was automatically locked due to age.
