This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Add an exeption for device control manually + documentation

Hello all,
is there no way to add the instance ID of a device manually?
First blocking the stick being a requirement is very unpractical for bigger companies.
The documentation of the exemptions is also very bad, after you made an exeption you dont see:

  • when was it made
  • which model was it
  • who was the person using it

There is definitly a lot of programming to do on your side, so that this feature is acceptable according to safety regulations.

I also saw a post from someone asking to implement a field for notes here.
Sadly he was just ignored and his post was closed after one year...

For now please let me know if there is any way to add an exeption without the requirement of inserting the specific device.
Without this we cannot smoothly handle the transition to encrypted storage devices...

Please do not ignore me like the other guy.

Best regards
Adrian



This thread was automatically locked due to age.
Parents
  • Hi Adrian,

    Thanks for reaching out to us. 

    It is not possible to add devices to the peripheral exemptions list before they have been detected by the endpoints. The Sophos Endpoint software installed on the local devices will report back what is found when peripherals are plugged in. Only once they are present in Sophos Central will you be able to define an exclusion for the peripheral. 

    It is recommended to leave this in "Monitor" mode when you are first rolling out the feature so that the list can be populated first.  

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • FormerMember
    0 FormerMember in reply to Qoosh

    Also, a good practice is to have a test machine that has this set to monitor in a separate policy. That way you can harvest the IDs of new devices by plugging them into the test machine.

Reply
  • FormerMember
    0 FormerMember in reply to Qoosh

    Also, a good practice is to have a test machine that has this set to monitor in a separate policy. That way you can harvest the IDs of new devices by plugging them into the test machine.

Children
No Data