This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Differs from policy - Updating policy

Hello,

I have had some communication issues between the Sophos Enterprise Console management server the majority of my Sophos endpoint clients. These clients were not reporting to the server. They were all unmanaged. Once we allowed the RMS ports to our server vlan, all the unmanaged clients start reporting and became managed clients.

However, 95 clients are not compliant with the Updating Policy. All other policies Anti-Virus and HIPS, etc. are stating same as policy. Also confirmed that both compliant and non-compliant machines the “Last message received from computer” is a recent date/time.

During troubleshooting, I have noticed that on non-compliant endpoints, the modified date of the iconn.cfg file is from November 2018. I have compared this file with some endpoints, which are compliant, as the modified date of those iconn.cfg files are much more recent, early March 2020. I did not spot any differences in the content of both iconn.cfg files.

Could you please help me to get these 95 non-compliant endpoints in a compliant state? Any help would be much appreciated.

- I performed a re-installation of all Sophos endpoint security and control components (Anti-Virus, AutoUpdate, Defence etc.).
- Restarted the Sophos Agent service, triggered “comply with all group policies”. This results in endpoints reporting same as policy, after some time they will go back in differs from policy state.

Regards,

RB



This thread was automatically locked due to age.