This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Policy non-compliance: Network Threat Protection

So suddenly overnight we now have 20+ endpoints that are all reporting "Policy non-compliance:  Network Threat Protection" and the NTP service is showing as not running on all those.  Anyone else see this or have some insight as to why this would suddenly happen?

I'll need to look into it a bit further, but the only change I know of is we pushed out Windows 10 1803 to a bunch of computers last night.



This thread was automatically locked due to age.
Parents
  • I have numerous computers that report that the Network Threat Protection is not running almost daily.

    I have a script to re-enable it, but I have to go into Central each morning to check, then fix the service and it's fine for the rest of the day, until the next morning.

    If you find out a permanent solution, I would love to hear it!

     

    If I find any other information out, I'll reach out.

Reply
  • I have numerous computers that report that the Network Threat Protection is not running almost daily.

    I have a script to re-enable it, but I have to go into Central each morning to check, then fix the service and it's fine for the rest of the day, until the next morning.

    If you find out a permanent solution, I would love to hear it!

     

    If I find any other information out, I'll reach out.

Children
  • Any chance you would share that script?  That would be helpful for getting the service running on all these endpoints. 

     

    I am thinking now that it's related to the 1803 push last night, since a lot of the ones I'm seeing would have been included in the group that got the update.

  • I am on 1803 and did not have the issue, still could be 1803 though, I am using Win 10 Pro not Enterprise.

    Respectfully, 

     

    Badrobot

     

  • We're on Enterprise, but this is one of the most frustrating things about Sophos where we'll have issues that will only affect some of our endpoints.  Perfect example:  our Telecom team has to install software on some PCs for our phone system.  Recently had to install on 2 computers right next to each other.  One of them was fine, the other Sophos flagged it as PUA.  Absolutely nothing different about the 2 computers and both had the same Sophos installed.  For this current issue we've got about 30 endpoints with the NTP service stopped and won't restart but probably have 200+ endpoints with 1803 installed.