This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Lock down Endpoint policies

Hi,

New to Sophos, have just installed EndPoint and pushed out the client and policies to all workstations. I have noticed that clients are able to make changes to the policies defined by the server on their local workstations throwing up a warning on the server that the policies do not match.

My question is, is there anyway to lock the policies pushed out to the clients to stop them making changes?

Thanks in advance for any assistance.

This thread was automatically locked due to age.

Parents

0 Nick_Evans over 14 years ago

Hi,
Sorry to hijack the thread but I'm having the exact same issue. Users are able to turn off Data Control, Firewall and Device control.
I've removed all domain accounts from the local and Sophos admins groups, restarted, reapplied policies and still I'm able to remove/modify policies.
Obviously I can just re-apply the policies from the console but it'd be better if we could prohibit changes altogether.
Any other ideas?
EDIT - Forgot that my account was a member of SophosDomainAdministrators. Removed myself and all work fine - apologies!
:1093
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Nick_Evans over 14 years ago

Hi,
Sorry to hijack the thread but I'm having the exact same issue. Users are able to turn off Data Control, Firewall and Device control.
I've removed all domain accounts from the local and Sophos admins groups, restarted, reapplied policies and still I'm able to remove/modify policies.
Obviously I can just re-apply the policies from the console but it'd be better if we could prohibit changes altogether.
Any other ideas?
EDIT - Forgot that my account was a member of SophosDomainAdministrators. Removed myself and all work fine - apologies!
:1093
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data