This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is it possible to make user based rules (not device specific) in Sophos enterprise console? What is the benefit of AD sync in SEC?

Is it possible to make user based rules (not device specific) in Sophos enterprise console? What is the benefit of AD sync in SEC?



This thread was automatically locked due to age.
Parents
  • Only Sophos Central has user based policies.

    SEC ADSync just keeps the group/machine structure in sync.  New computer added to AD, it appears in the right SEC group, create a OU, new group etc...  You can also have SEC try a push to install on a new client. It does only try once though, so I think a startup script to pull an install is better/more reliable.

    The main issue with ADSync is if you need to apply a different policy to computers in the same OU.  In this case you need to restructure your AD to at least create a different OU as you can only set policies on a SEC group level.

    Regards,
    Jak

Reply
  • Only Sophos Central has user based policies.

    SEC ADSync just keeps the group/machine structure in sync.  New computer added to AD, it appears in the right SEC group, create a OU, new group etc...  You can also have SEC try a push to install on a new client. It does only try once though, so I think a startup script to pull an install is better/more reliable.

    The main issue with ADSync is if you need to apply a different policy to computers in the same OU.  In this case you need to restructure your AD to at least create a different OU as you can only set policies on a SEC group level.

    Regards,
    Jak

Children