Thread Info
  • State Suggested Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 16261 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DLP Blocking all transfers to USB drive for just some computers

Brad Wagner

Hello. I'm testing Sophos Endpoint Advanced on Windows 10 for a SMB. On our 2017 machines (HP EliteDesk 800 G3) *any* file transfer to a USB key is blocked. I see a Sophos pop-up telling me so. Furthermore, the cloud event log shows the key being inserted, but it does not have a record of the blocked transfers. The blocked transfers are visible on the client.

Meanwhile, the DLP works great for 2013 vintage machines (HP 6300 Pro towers). Users get the Allow/Block options. Everything is logged.

Both sets of machines have the same policy. When I disable DLP for the malfunctioning computers, the transfers work again. Where should I go to troubleshoot the issue?

If it’s any assistance, when I attempt to copy a file to the USB drive on the 2017 machines, I see two things essentially simultaneously:

  • A Windows 10 pop-up mid-screen telling me that to continue, administrative access rights are required. (Our users aren’t members of the Administrators group on their local machines.) Providing those rights has no effect, as I’ve already seen…
  • A Sophos Endpoint pop-up lower right telling me that “Transfer of file [filename] was blocked."

Thanks for any help you can provide.



This thread was automatically locked due to age.
Parents
  • 0

    Am I the only one who finds this frustrating and insane, Sophos need to provide a fix for this so that we can use the features that they have sold to us.

  • 0 in reply to h1tchiker

    Hello h1tchiker er al.,

    a fix for this
    there's no easy fix for the (deprecated) AppInit_DLL functionality. Disputed from its inception it was nevertheless there. I don't think that Sophos closed their eyes to the changes. 

    Christian

  • 0 in reply to QC

    I believe they did close their eyes to this. I have not once got a straight answer though either partner elevation or product support. If this feature is deprecated (aka not an option for windows 10) they should not be advertising it, in my opinion. I believe Sophos is missing the boat with Windows 10 management where others in the field offer the same options and at the same price point (not including nextgen options). 

    In full disclosure, we are moving away from their EP product and finding other solutions to meet our needs with DLP and EP. 

    This is no different then having Central not behind a 2FA for what seemed to be forever. 

     

     

Reply
  • 0 in reply to QC

    I believe they did close their eyes to this. I have not once got a straight answer though either partner elevation or product support. If this feature is deprecated (aka not an option for windows 10) they should not be advertising it, in my opinion. I believe Sophos is missing the boat with Windows 10 management where others in the field offer the same options and at the same price point (not including nextgen options). 

    In full disclosure, we are moving away from their EP product and finding other solutions to meet our needs with DLP and EP. 

    This is no different then having Central not behind a 2FA for what seemed to be forever. 

     

     

Children
No Data
Unfiltered HTML