Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 22 replies
  • Subscribers 2 subscribers
  • Views 49640 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC 5.5.0 Folder exclusions not pushed out to Servers

Brown-Bear

Hi all,

I have setup various anti-virus on demand scanning folder exclusions for a Server Group. When I check the various Servers none of the excluded folders show up as excluded on the individual Servers.

I doubled checked this Server group to see which policy is applying to them and on that policy for "Anti-Virus and Hips" have selected to configure "On Access Scanning" and then selected the folder exclusions. None of these show up on the individual Servers.

Any ideas? I have watched the Sophos video www.youtube.com/watch how to exclude files and folders so I'm fairly sure I'm doing it correctly.I also rebooted the Servers in question but no joy as well as selecting "Comply with all group policies".

Thanks



This thread was automatically locked due to age.
  • 0 in reply to QC

    That's exactly what's happening Christian.

    The 2 exclusions that show up locally I pushed out originally *.pst and *.ost. They got them from the group that the Servers were in but I have moved them out of that group about 6 months ago and it seems they are still inheriting them......anyway in the SEC console the  exclusions for these Servers includes these 2 exceptions that show up locally so strange.

    I'm thinking maybe this is to do with a migration I did a year ago from a Win 2003 32 bit Server to a Win 2012 64 bit and I had a lot of issues going to version 5.2.2 - I can't remember what version I had originally but did follow the upgrade document and had to log a few tickets with Support.

    Thanks Christian

     

  • 0 in reply to Brown-Bear

    Hello Brown-Bear,

    SEC is (deliberately) quite simple and there shouldn't be any inconsistencies visual group-membership, policy assigned to group, policy contents, and what's actually sent to the endpoints. I also don't see why parts of certain settings normally exposed to the GUI should be hidden. Please note that once created each group has its own policy assignment, there is no policy inheritance afterwards. If you change a parent's policy assignment the children are unaffected. Policy assignments stick even if you move a sub-group to a different parent. Thus to check the assigned policy for an endpoint you have to do it on the very group the endpoint is in - not one of the upper groups.
    If you duplicate/copy a policy it becomes an entity of its own, you can't reference a set of exclusions from different policies. Hmm ...

    Christian

Unfiltered HTML