Managed Applications

With security restrictions on Applications, you can prevent unauthorized applications and executables from being used in the user workspace. This prevents potentially harmful applications and executables from causing damage.

Only applications that are made available to the user through Workspace Control are authorized. All other applications are unauthorized, and are prevented from starting.
Users are prevented from running executables that they received through e-mail or Internet. This prevents potentially dangerous executables containing viruses, spyware and malware from contaminating the corporate network.
Users are prevented from using advanced commands in the command box.

You can configure Managed Application Security on a global level at Security > Applications > Managed Application, and on application level at Composition > Applications, on the application's Security > Authorized Files tab.

File types other than executables (for example PDF, DOC or VBS) are accessible by default. You can block these file types (and folders) by configuring security restrictions on Files and Folders. See Files and Folders security.
The Workspace Control Agent for Linux and Apple Mac OS X supports the Managed Applications Security feature, providing the capability to allow or block executables in user sessions based on Authorized Files with MD5, SHA-1, and SHA-256 file hashes.