Is it possible to make user based rules (not device specific) in Sophos enterprise console? What is the benefit of AD sync in SEC?
This thread was automatically locked due to age.
Is it possible to make user based rules (not device specific) in Sophos enterprise console? What is the benefit of AD sync in SEC?
Only Sophos Central has user based policies.
SEC ADSync just keeps the group/machine structure in sync. New computer added to AD, it appears in the right SEC group, create a OU, new group etc... You can also have SEC try a push to install on a new client. It does only try once though, so I think a startup script to pull an install is better/more reliable.
The main issue with ADSync is if you need to apply a different policy to computers in the same OU. In this case you need to restructure your AD to at least create a different OU as you can only set policies on a SEC group level.
Regards,
Jak
Only Sophos Central has user based policies.
SEC ADSync just keeps the group/machine structure in sync. New computer added to AD, it appears in the right SEC group, create a OU, new group etc... You can also have SEC try a push to install on a new client. It does only try once though, so I think a startup script to pull an install is better/more reliable.
The main issue with ADSync is if you need to apply a different policy to computers in the same OU. In this case you need to restructure your AD to at least create a different OU as you can only set policies on a SEC group level.
Regards,
Jak