We'd love to hear about it! Click here to go to the product suggestion community
In https://community.sophos.com/kb/en-us/36501 it is mentioned that "BOPS has been globally disabled in the endpoint product, we continue to show the policy option in SEC but currently ignore the selected setting".
As the option to "Detect buffer overflows" is still available in AV-HIPS policy, how do we make sure that this setting has been globally disabled? The reason I'm asking is that because we have seen performance issues in SQL servers as documented in https://support.microsoft.com/en-us/help/2033238/performance-and-consistency-issues-when-certain-modules-are-loaded-in and that we currently have plenty of AV & HIPS policies in which this option is enabled. We want to make sure that we do not have to manually untick the box in all AV HIPS policies we have.
Thanks in advance for your help!
By default, BOPS is disabled from SAV 10.7.6. As mentioned in the article, it will show the policy option in SEC but you can ignore the selected setting.
In reply to Shweta:
Thanks for the confirmation - we are running 10.8.4 on our platform so BOPS should have been disabled. Thanks.
In reply to LamienS:
It must be disabled then, please let us know if you have any further queries.