Windows updates will fail to load and virus protection will stop working when safeguard is installed. We uninstall SGN Client and all returns to normal. Any ideas of what would cause this?
win 10 1909 184.108.40.206. I have heard from one of our field techs and it is just windows av updates that it stops.
What version of encryption are you installing?
SGN and Central Device Encryption, there is no interaction that should prevent other items from updating.
Snr. New Product Introduction Engineer | CISSP | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
Any help would be greatly appreciated. Were are having to uninstall Safeguard for updates to virus protection to run and then reinstalling after it is done. This is causing virus protection to quit working, then you can't download anything because it can't be scanned by virus protection. We are having to do this process each week on some computers.
Sorry Brian - A busy week and I didn't get back to you. Are you using the full Defender/ATP MEM product or just the "free"/in-built one? Are you saying now that Defender won't run while SafeGuard is installed? Have you set any policies in Defender that may interfere with SafeGuard? Are you running any File encryption policies on the affected workstations - AND are you actively using File Encryption, or are you just managing BitLocker with SafeGuard?
Enterprise version of defender. Defender will run for a while then it will stop services and will not update. After safeguard is removed updates work for defender and it will scan. We are using file encryption actively and using file encryption policies.
This is what I have found. Would we have to update policies in safeguard ?
Thanks for that Brian - If you're using File Encryption then I would add that path to the exclude policies - to be ignored. It would be likely the SafeGuard is trying to interrogate/encrypt that location and this is causing an issue for Defender. I had a similar issue with OneDrive - not AV related but strange anomalies with OneDrive and File Encryption. Missing/deleted files was common.
In the console - Go to Polices. Create a test group and then assign the policy to this group to test - Don't apply to everyone yet until you can verify this resolves it.
My OneDrive exclusion looks like this...You'll need something similar but using the path (s) you found
You can substitute the first bit of the path with <Program Data>
So your exclude path for your test policy would be
<Program Data>\Microsoft\Windows Defender\Platform
We are so new to this. Our network admin is gone and we are trying to get this setup. We have add group in policy group and added a policy. How would we add a user and a computer to that group?
Hi Brian - It's a little long winded but....
Right click your domain (or workgroup) and select New.
Select Create New Group.
Put a character at the beginning (this will make it appear higher on the tree and easier to find that wading through the whole directory)
".Test Defender Group"
(Note don't use quotes and I used a "." at the beginning)
Once created - Select the Member tab.
Find your test machines and drag them into the window to make them members.
Click SAVE (top left)
Select the root of your domain (or workgroup) you wish to apply the policy to.
Select the Policies Tab.
Drag in your policy (or group of policies) in to the window.
BEFORE you save - we now modify WHO that policy applies to.
REMOVE .Authenticated Computers AND .Authenticated Users. If you miss this step the policy will apply to ALL.
Drag in the group you created earlier (Test Defender Group)
Note the NO OVERRIDE means the policy WILL apply/force even it something else conflicts.
You can then see if the policy has applied by finding your test machine (s) and using the RSOP tab - the resulting policy applied to the machine. A username won't be needed if you applied your policy to a computer object and not a user.
Hope this helps?
After adding this it didn't work. We find nothing in the RSOP.
If there’s nothing in the RSOP then the policy hasn’t applied. So either the group is wrong or it’s not in the group?
When you say there’s nothing there, you should be seeing the existing policies applied?
can you provide a screen of the RSOP, the object, and the policy where it is applied in the tree.