Hi,
SEP does allow every software internet access by default as per firewall rule nuber 25.
You can change the action from 'Allow' to 'Ask'.
Or else
You can configure the client to detect and monitor any application that runs on the client computer and that is networked. Network applications send and receive traffic. The client detects whether an application's content changes.
An application's content changes for the following reasons:
- A Trojan horse attacked the application.
- The application was updated with a new version or an update.
If you suspect that a Trojan horse has attacked an application, you can use network application monitoring to configure the client to block the application. You can also configure the client to ask users whether to allow or block the application.
You may want to disable network application monitoring if you are confident that the client computers receive adequate protection from Antivirus and Antispyware Protection. You may also want to minimize the number of notifications that ask users to allow or block a network application.