Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 0 subscribers
  • Views 4893 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remote Managed Clients

TonyZuffa

We provide managed services to clients around the country and with that we deploy Sophos to our clients. We don't always have access to the pc's after we stop working with clients. If I delete the pc's from our Enterprise console the computers show back up at the next check-in. Is there a way to force removal or permanent deletion for those computers that we are no longer servicing from our side or does the endpoint client have to be uninstalled from the computers themselves?



This thread was automatically locked due to age.
Parents
  • 0
    Hi,

    If you delete a computer in SEC, it essentially marks it in the database as deleted. The computer is still mapped to the existing group, policies, etc... In this case, the next time the computer reports in, it will be revived and stay in the same group.

    If you delete the computer from the database (computersanddeletedcomputers table in the "core" SOPHOSX database directly) a new record will be created on the next status and it will be place in unassigned.

    There is no way in the Sophos software to blacklist an endpoint by name/router name etc to prevent it appearing. You'd be relying on firewall/network level config changes to "hide" the management server from the client.

    One option would be just to create a group in SEC to place these computers in. The other option as you mention is to remove the Sophos Remote Management System component as a minimum from the endpoint.

    Maybe Sophos Cloud would offer a better management experience of such computers and could be worth a try,

    Regards,
    Jak
Reply
  • 0
    Hi,

    If you delete a computer in SEC, it essentially marks it in the database as deleted. The computer is still mapped to the existing group, policies, etc... In this case, the next time the computer reports in, it will be revived and stay in the same group.

    If you delete the computer from the database (computersanddeletedcomputers table in the "core" SOPHOSX database directly) a new record will be created on the next status and it will be place in unassigned.

    There is no way in the Sophos software to blacklist an endpoint by name/router name etc to prevent it appearing. You'd be relying on firewall/network level config changes to "hide" the management server from the client.

    One option would be just to create a group in SEC to place these computers in. The other option as you mention is to remove the Sophos Remote Management System component as a minimum from the endpoint.

    Maybe Sophos Cloud would offer a better management experience of such computers and could be worth a try,

    Regards,
    Jak
Children
No Data
Unfiltered HTML