Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 1073 views
  • Users 0 members are here
Options
Suggested

Block Log4j as an application in Sophos central

itguy318

As a Sophos central customer is it possible to block Log4j as an blocked application using an application policy. 

I have clients with a firewall policy to block all incoming connections and don't have XDR subscription and cant run scripts to detect Log4j remotely.

Just wondering if Sophos application filter can be used to block it. Thanks 

  • 0

    Hello itguy, 

    Thank you for reaching out to the Sophos Community Forum. 

    Checking the current list present, I do not see "Apache" or "Log4j" listed in the controlled applications list. If you would like to see Apache detected, I recommend sending in an Application Control Request using the following link. 
    - Application Control Request 

    The file you’ll need to submit is the "httpd.exe" file. Matching is done primarily based on the executable name as well as file hash. If you wish for all previous versions of httpd.exe to be detected, I'd recommend sending in the corresponding exe versions for analysis.