This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Alerts

Hi everyone,

 

Lately one of our cusotmers are getting a lot of high alerts regarding the What happened: Real-time protection has been disabled on a computer else A computer does not comply with the Sophos Central policy you applied to it.

 

IS there any fix for this as a number of PC seem to be affected all at once while they are fully protected and updated?

 

Thanks



This thread was automatically locked due to age.
  • Hi Patryk,

    It could be that the machines are shutting down/starting up and Sophos MCS sends a health status back while the Sophos Anti-virus service was not running.  It's also possible that the health of the machine is reported back to Central as Sophos Anti-virus performs a major update where in that time the Sophos Anti-virus service may not be running.

    It would be helpful to determine what's causing this.  If it occurs on start-up, Sophos MCS Client service could be set to delayed start to ensure Sophos Anti-virus starts up before the health status reports back.  If this occurs on shutdown I do not think there's anything that can be done as there's no way to control the order in which services shut down.

    https://community.sophos.com/kb/en-us/121811