Hi,
Thank you for posting your query on Symantec community.
Actually SEP is by default configured to block all unwanted programs / applications inititated whether it's inhouse application or external application.
Symantec has created a policy that can be import into the Symantec Endpoint Protection Manager (SEPM). This policy is very powerful and offers significant zero day protection against new threats.
Refer the below article: Hardening Symantec Endpoint Protection (SEP) with an Application and Device Control Policy to increase security
http://www.symantec.com/docs/TECH132337