This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Wireless Bridging E-Mail Alerts

We are using Sophos Enterprise Console 5.5 with the latest endpoint clients.

We have "Wireless Bridging" blocked via Device Control and would like to turn off the alerts when a devices WiFi is enabled or disabled.

There do not appear to be alerts that I can create exceptions for.

Is there a way to disable these annoying alerts? We want to keep the policy on but do not need alerts each time a PC is disconnected from Ethernet.

 

Thank you!



This thread was automatically locked due to age.
Parents
  • Hello JaysonScheuer,

    it doesn't look like Device Control's messaging distinguishes based on the trigger. i.e. whether the device has been blocked when the radios have been turned on or when the cable has been plugged in, and AFAIK you can't filter by type.
    Apparently you have turned on email alerting in the policy - may I ask why?

    Christian     

  • We use alerting primarily for the USB device alerts. It's nice to know when a USB device was plugged in and blocked, and where that alert is coming from. We have been slowly introducing laptops into our environment and use the "Disable Wireless Bridging" feature. We get alerts every time some undocks their laptop, we don't want this.

     

    I don't know how, if possible, to apply two different device control policies to one PC. So for example, a PC would comply with the USB blocking Device Control policy AND the Wireless Bridging policy. If I could apply two different policies I would remove the alerting from the one. From what I gather you don't think there is anyway to remove or filter out those alerts. 

  • Hello JaysonScheuer,

    nice to know when a USB device was plugged in and blocked
    and it should be more or less realtime?

    The advantage of alerting by the endpoint is that it's easy to configure. One disadvantage is that it's mostly all-or-nothing. As you say laptops - did you set an internal SMTP in the AV policy? If so, the endpoints wouldn't be able to send an alert when "outside". Haven't checked whether the messages are queued on Windows (they are on Linux) or simply discarded if the SMTP can't be reached.

    two different policies
    there's always only one policy assigned to a computer

    Christian

Reply
  • Hello JaysonScheuer,

    nice to know when a USB device was plugged in and blocked
    and it should be more or less realtime?

    The advantage of alerting by the endpoint is that it's easy to configure. One disadvantage is that it's mostly all-or-nothing. As you say laptops - did you set an internal SMTP in the AV policy? If so, the endpoints wouldn't be able to send an alert when "outside". Haven't checked whether the messages are queued on Windows (they are on Linux) or simply discarded if the SMTP can't be reached.

    two different policies
    there's always only one policy assigned to a computer

    Christian

Children
  • Yes we have setup our e-mail capabilities. And I can also confirm that alerts are queued up and sent when the laptop returns to the network.

     

    Thank you for your time. It does seem as if there isn't any option for filtering out those alerts.

     

    Thanks again!