This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Window Updates fail

Windows updates will fail to load and virus protection will stop working when safeguard is installed. We uninstall SGN Client and all returns to normal. Any ideas of what would cause this?



This thread was automatically locked due to age.
Parents Reply
  • Sorry Brian - A busy week and I didn't get back to you. Are you using the full Defender/ATP MEM product or just the "free"/in-built one? Are you saying now that Defender won't run while SafeGuard is installed? Have you set any policies in Defender that may interfere with SafeGuard? Are you running any File encryption policies on the affected workstations - AND are you actively using File Encryption, or are you just managing BitLocker with SafeGuard?

Children
  • Enterprise version of defender. Defender will run for a while then it will stop services and will not update. After safeguard is removed updates work for defender and it will scan. We are using file encryption actively and using file encryption policies.  

  • Thanks for that Brian - If you're using File Encryption then I would add that path to the exclude policies - to be ignored. It would be likely the SafeGuard is trying to interrogate/encrypt that location and this is causing an issue for Defender. I had a similar issue with OneDrive - not AV related but strange anomalies with OneDrive and File Encryption. Missing/deleted files was common. 

    In the console - Go to Polices. Create a test group and then assign the policy to this group to test - Don't apply to everyone yet until you can verify this resolves it.

    My OneDrive exclusion looks like this...You'll need something similar but using the path (s) you found 

    %OSDrive%\ProgramData\Microsoft\Windows Defender\Platform\*

    You can substitute the first bit of the path with <Program Data>

    So your exclude path for your test policy would be 

    <Program Data>\Microsoft\Windows Defender\Platform

  • We are so new to this. Our network admin is gone and we are trying to get this setup. We have add group in policy group and added a policy. How would we add a user and a computer to that group?

  • Hi Brian - It's a little long winded but....

    Right click your domain (or workgroup) and select New.

    Select Create New Group.

    Put a character at the beginning (this will make it appear higher on the tree and easier to find that wading through the whole directory)

    ".Test Defender Group"

    (Note don't use quotes and I used a "." at the beginning)

    Once created - Select the Member tab.

    Find your test machines and drag them into the window to make them members.

    Click SAVE (top left)

    Select the root of your domain (or workgroup) you wish to apply the policy to.

    Select the Policies Tab.

    Drag in your policy (or group of policies) in to the window.

    BEFORE you save - we now modify WHO that policy applies to. 

    REMOVE .Authenticated Computers AND .Authenticated Users. If you miss this step the policy will apply to ALL.

    Drag in the group you created earlier (Test Defender Group)

    Note the NO OVERRIDE means the policy WILL apply/force even it something else conflicts.

    You can then see if the policy has applied by finding your test machine (s) and using the RSOP tab - the resulting policy applied to the machine. A username won't be needed if you applied your policy to a computer object and not a user.

    Hope this helps?

  • After adding this it didn't work. We find nothing in the RSOP. 

  • If there’s nothing in the RSOP then the policy hasn’t applied. So either the group is wrong or it’s not in the group? 

    When you say there’s nothing there, you should be seeing the existing policies applied? 

  • can you provide a screen of the RSOP, the object, and the policy where it is applied in the tree.

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.