A computer already encrypted by other product encryption..how do I manage it through sophos.is it possible?
This thread was automatically locked due to age.
A computer already encrypted by other product encryption..how do I manage it through sophos.is it possible?
Hi SUBHASRI D
If you have installed any of the other product then Sophos Central Device Encryption or Sophos Safeguard on your machines, Sophos will not be able to manage it.
Sophos manages Bitlocker (for windows OS) and FileVault (for Mac OS) which are native encryption technologies provided by Microsoft and Apple respectively.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Hi Jasmin,
Thanks for the reply.And 1 more query can we encrypt a target machine without bit locker?
and Feature Difference between Standalone Bitlocker Encryption & Sophos + Bitlocker Encryption?
Can you explain in brief
Regards,
Subhasri
Hi SUBHASRI D
There are two products from Sophos available for encryption. Sophos Central device Encryption (CDE) and Sophos Safeguard Encryption (Safeguard).
CDE has the only volume-based encryption (or Full Disk Encryption). It is just a module which manages the Bitlocker and FileVault and keeps the recovery key of the volumes which are encrypted on the machines.
Safeguard provides Volume-based encryption and File encryption. Till Safeguard version 8.10, we had support to the Windows 7 systems where Bitlocker is not provided by Microsoft as native encryption. On those machines, we have our Encryption method to encrypt the drives but Windows 10 onwards BitLocker is default native encryption method provided by Microsoft, so Safeguard just manages it. From Safeguard version 8.20, you can only have Windows 10 support for this version.
File Encryption is continued in the version 8.20 which provides encryption for cloud-based files, local files, network mapped folders. File encryption doesn't use Bitlocker. It is done through the safeguard encryption method.
If you want to use simple BitLocker and volume-based encryption, you can go for Sophos central device encryption. If you want to have volume-based and file encryption both implemented in your organization, you can go for Safeguard Encryption which provides Bitlcoker and Sophos Encryption functionality for respective Encryption type.
For more information on Sophos Central Device Encryption, please refer to this article.
For more information on Sophos Safeguard, please refer to this article.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Hi SUBHASRI D
It is possible to encrypt the drive with Safeguard till Safeguard version 8.10 for Windows 7 except Windows 7 enterprise and ultimate edition where Bitlocker is provided feature by Microsoft.
Could you please elaborate more about your question for endpoint?
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
okay...C if we have a user machine protected by sophos endpoint,the user has forgotten the password or he has left the organisation,in this case how will i recover the endpoint password??
And if a machine doesnt have bitlocker in it then how do i encrypt?
Hi SUBHASRI D
Tamper protection is only for the limited administration for Sophos Endpoint client not for the windows operating system.
If your user set the password on windows credential provider to enter into the OS, tamper protection can't do anything there. To turn off tamper protection password for the client, you can follow this article.
If the Machine without BitLocker is windows 7, it can be encrypted with Safeguard 8.10 version which has safeguard encryption for those machines.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Hi SUBHASRI D
Tamper protection is only for the limited administration for Sophos Endpoint client not for the windows operating system.
If your user set the password on windows credential provider to enter into the OS, tamper protection can't do anything there. To turn off tamper protection password for the client, you can follow this article.
If the Machine without BitLocker is windows 7, it can be encrypted with Safeguard 8.10 version which has safeguard encryption for those machines.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Hi SUBHASRI D
Yes, you can have a recovery key through the Sophos management centre.
Please refer to this document which has covered all the types of recovery scenarios.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Hi SUBHASRI D
For the information regarding the Active Directory synchronization with Safeguard management center, please refer to this article. You can also refer anything regarding the Safeguard Enterprise in this article.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Hi SUBHASRI D
Safeguard Enterprise doesn't have conventional SSO sign in as it is an enterprise-level tool which can not be accessible to everyone in the organization. Safeguard Management Centre is only accessible to the user which is only under the Security Officer tab.
If you have synchronized your Active Directory to Safeguard management centre, you can promote your AD user as Security Officer to provide access to the Safeguard Management Center. Please refer to this article to know the steps.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Hi SUBHASRI D
Please refer to this article which provides SQL queries for a few of the reports which are not available as reports in the Safeguard management center. Apart from that, you can refer to this article which explains about reports. You can navigate on the document through the panel in the left hand side.
Regards,
Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
You can also easily produce inventory logs from the server, which will show client drive state (encrypted/not) and also encryption type, device last seen etc. No SQL queries are needed for this - it's built into the console.
Hi,
Can you guide me through ,where can i find it in the console.
There is a tab for reports,but i need the logs of the users who are manged by safeguard management center.
Regards,
Subhasri