Track Network Connections - New policy setting - Release Notes & News - Sophos Endpoint

1 Nov 2020

Hi all,

We are releasing a new policy setting to all customer on the w/c 2nd November, 'Track Network Connections'. This will be in the Advanced Settings section of the Threat Protection policy

We plan to enable this new feature gradually over four weeks; it will help our detection of malicious behavior by allowing our rules to monitor network flows. There is nothing you need to do for this enablement, however, if you wish to control its activation, you should disable the feature in policy. You can then control its activation as the next time it is set in policy, it will be enabled for devices which that policy applies to.

StephenMcKay over 2 years ago in reply to Daniel Kirin

Indirectly; we record information about the start of TCP and UDP ‘network flows’ from an endpoint, for use with the features mentioned above
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
Blake Gaubert over 2 years ago in reply to Thomas Hackmann

I agree with this!
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
Daniel Kirin over 2 years ago

Hi, does this track lateral network connections between endpoints?
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
StephenMcKay over 2 years ago in reply to Vinita Hall

Hi Vinita, the reboot notification is likely due to an Intercept X update, it will not be related to this change - this is a policy change only The settings are in the Sophos Central policy pages, there is no local UI policy for this
- Cancel
- Vote Up +1 Vote Down
- Sign in to reply
- More
- Cancel
Vinita Hall over 2 years ago

I just received a reboot notification on my desktop. How do I confirm this is the same information? Also, where do I find the Advanced Settings information as demonstrated above? I do not see this on my desktop user interface. Thanks.
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel