Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 2944 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Application Control - Differs from policy

ash

Is there a way to find out how a machine is reporting back as "differs from policy" on application control?

When I look at the details of my machine in the console it hasn't detected an application in quite some time .. yet it says I differ from policy.

I had a look in C:\ProgramData\Sophos\Remote Management System\3\Agent\Logs at my latest log, and it showed me some applications that I needed to authorize in the AV & HIPS policy .. but returned the same list for policy and config with "APPCConfig (Different)"

Does it keep historical data when making the comparrison?? So if I had an application that once made me differ will that be reported on forever?? Or is there a way to clear that out and acknowledge it.

Im struggling to get my console looking good and reports into order

:430


This thread was automatically locked due to age.
Parents
  • 0

    This might sound daft, but why does this end up requiring an unistall and reinstall? Surely this is why we have a 'comply with' option in the console. Can that process not go through the registry and reset the registry settings? Seems daft to me that we end up having to remove something to fix it.

    I too face this problem regularly and go through cleanup/reinstall. If it's just a case of fixing registry entries, can the RMS not have this fix feature added? Actually on the positive side, I've noticed that app-control additions that I authorise in the console do clear from client machine warnings after a few days though I haven't determined why it takes that long and what caused it to clear. Perhaps next time the authorised app was used?

    Matt

    :2035
Reply
  • 0

    This might sound daft, but why does this end up requiring an unistall and reinstall? Surely this is why we have a 'comply with' option in the console. Can that process not go through the registry and reset the registry settings? Seems daft to me that we end up having to remove something to fix it.

    I too face this problem regularly and go through cleanup/reinstall. If it's just a case of fixing registry entries, can the RMS not have this fix feature added? Actually on the positive side, I've noticed that app-control additions that I authorise in the console do clear from client machine warnings after a few days though I haven't determined why it takes that long and what caused it to clear. Perhaps next time the authorised app was used?

    Matt

    :2035
Children
No Data
Unfiltered HTML