Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 5842 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Endpoint not reporting blocked DVD drive, so cannot create exemption

Monkster

Hi,

 

I have setup a new Win10 desktop with DVD-RW drive. I need to create a Device Control exemption, but there is no entry in the "add exmption" screen for optical drive to enable me to create it. I also note there is no pop-up alert from Sophos to say it has blocked the drive.

If I disable Device Control on the PC the DVD can burn discs fine, when I re-enable it I cannot. So Sophos is definitely in control of it.

I haven't had issues with creating any device exemptions before so this is a strange issue.

Thanks in advance for any help!

Stephen.



This thread was automatically locked due to age.
Parents
  • 0

    Hello Stephen,

    you say that with other drives it works? In this case no alert, no pop-up, no entry in the DC log (you can set it to verbose on the endpoint), and nothing in the Windows Events log?
    Does the policy block all access or allow just R/O?

    Christian

  • 0 in reply to QC

    Hi,

     

    I've not made any exemptions using the machine before, but have had no problem making rules in the past from any other computer. We did get the roll-out of the latest version of End-Point in the last week or so.

    Correct, there's no pop-up, no alert, no entry in the device control log within Sophos End-Point on the PC itself, no entry in device control event log on Enterprise Console. I don't see anything obvious in Windows Event Log.

    The existing device control policy for the PC allows read only for optical drives.

    Thanks,

    Stephen.

Reply
  • 0 in reply to QC

    Hi,

     

    I've not made any exemptions using the machine before, but have had no problem making rules in the past from any other computer. We did get the roll-out of the latest version of End-Point in the last week or so.

    Correct, there's no pop-up, no alert, no entry in the device control log within Sophos End-Point on the PC itself, no entry in device control event log on Enterprise Console. I don't see anything obvious in Windows Event Log.

    The existing device control policy for the PC allows read only for optical drives.

    Thanks,

    Stephen.

Children
No Data
Unfiltered HTML