Remove endpoint device from Sophos Central

RE: Remove endpoint device from Sophos Central

Gregory Shearer — Mon, 28 Jan 2019 21:27:56 GMT

Thanks for the additional information. I have voted.

We are an educational institution with a one-to-one laptop program. As such, when students graduate, they can take the laptop with them. This means about 190 clients suddenly leave our domain each year. It is just not feasible to send them all a passcode for the TP. From the start, it seemed odd that TP is a global setting rather than a group policy. This only encourages organizations to keep the feature disabled. I initially had TP enabled, but quickly realized how problematic it was for the IT support, so I fairly quickly disabled it.

RE: Remove endpoint device from Sophos Central

Gowtham Mani — Mon, 28 Jan 2019 17:13:33 GMT

Hi Gregory Shearer

The clients that were removed from the Central dashboard will not automatically re-register back again. However, you can manually make it re-register as mentioned here.

Having the Tamper protection disabled for all the client is not something I would advise, it leaves the client vulnerable and modern threats are very much capable of removing or corrupting the AV files. Regarding the tamper protection as a policy, we already have a feature request. Please vote for it so that it might be taken into consideration by the respective team.

RE: Remove endpoint device from Sophos Central

Gregory Shearer — Mon, 28 Jan 2019 14:17:57 GMT

Thank you for your response, Gowtham. I posted my question, because I was informed by Sophos that, if I removed a device from our SC account, it would simply return, when the client computer next updates. If I understand you correctly, your response indicates that is not true.

Regarding your statement about tamper protection. I do not enable this feature, because doing so makes it just not logistically possible to inform all users about their tamper protection password. It would be nice, as I have stated in feedback, to have the tamper protection be a policy rather than a universal option, so I could put accounts into it to enable the owners of the computers to remove the application without a password.

Best,

Gregory

RE: Remove endpoint device from Sophos Central

Gowtham Mani — Sat, 26 Jan 2019 05:22:31 GMT

Hi Gregory Shearer

If your objective is to save the license count, you may simply remove the respective client computer and the user entry from the Sophos Central Dashboard. (The clients can longer be managed by you and it will not re-register automatically to the central account). Once the clients & user are removed, the license count should be restored within 24-48 hours.

Once you have removed the client entry, over a period of time the client computer will stop receiving the definitions and eventually the end user would have to remove or get a new license.

Note: make sure you disable the tamper protection or share the tamper protection password to the respective user before removing the client entry.