This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Differ from Policy on Exploit Prevention Policy

 All my endpoints shows  Differ From policy on Exploit Prevention Policy, my SEC version 5.5. How can this be fixed it is really an eye sore when 89% of your endpoints has an error differs from policy



This thread was automatically locked due to age.
Parents Reply Children
  • yes, at first i did not noticed it coz we are on the process of upgrading all our endpoints from win XP to windows 10, after we are done deploying Sophos on all our endpoints and defining all the policy, the problem occurred.  Is there a fix already available, its been how many months now. Right now we have a problem, we are a Financial institution and we are under audit and this problem will definitely raise a red flag with our external auditors.

  • Hello Sanwenn Picson,

    as the article says: For Sophos Enterprise Console customers - The product release has been moved into July. It is an update to Exploit Prevention. Can't say why it takes that long to fix it.

    we are under audit
    I'm surprised that auditors already consider something like exploit prevention but maybe it's just that something isn't green, not what this something it actually is, that bothers them.
    Joking aside - naturally your auditors likely won't settle for This is a reporting issue only, the policy is applied and the endpoints are fully protected. I think that Sophos take this seriously and that they don't drag their feet with EXP but it's not wise to rush things (as this could actually cause EXP to break).

    Christian

  • You know how this auditors works, and they dont buy that this issue is only a messaging issue, so there's no work around for this one, all we have to do is wait.

  • Hello,

    did you know if the problem is solved ?

    I have the same problem (all computers "differs from policy") and the link to KB does not work.

    Thank you

  • Hi  

    Thank you for contacting us. Please kindly DM me the case number so that I can follow up with he investigation carried out so far. In case you have not contacted support yet, please create a ticket and update it with SDU logs from any one sample endpoint. and kindly DM me the same.

    Regards,

    Adithyan Thangaraj
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.