i installed server endpoint protection on our exchange server 2013 and in the end I had to remove it because it crippled it practically crippled the server, I read that sophos had a template to exclude files automatically but I feel that there was more going on, and in the end I had to use the sophos zap tool to remove the application....
is there any more guidance on exclusion and recommendations to put in place before i attempt to put the sophos endpoint protection back on
Is this Sophos Central managed?
It is yea or was before I had to remove the agent
By default auto-exclusions are enabled. They are calculated at the server and then reported back to Central. Did it get as far as reporting them back?
Does the entry for the server still exist in Sophos Central? If you look at the exclusions for the server, are they all there and correct?
The other option I suppose would be to install with many of the features disabled in the linked threat protection policy. If you still have the record in Central for the computer, you could configure the policy now. Then install again, when the server registers, it will get back the same endpoint id, it will get the policy as defined pretty quickly.Does it work ok with the features disabled? You can then slowly enable them.
I have an old Exchange 2013 record in my Central account, the exclusions get reported as the source:"Automatic: Microsoft Exchange Server 2013 Service Pack 1"
Did it get this far?