Linux Sophos Protection with Tamper Protection


I got a few Linux systems in my network which I am trying to get a better understanding of protecting with Sophos Central,

The goal is to get the setup as close as possible to our Windows desktop setup in which computers have Sophos installed and scanning over system changes while also providing Tamper Protection to prevent our engineers from changing the current setup on their Linux machines with on-access scanning. Done some research on what commands people are using to disable features such as "/opt/sophos-av/bin/savdctl disable" for disabling the on-access scans. Why they are disabling it is due to the suggested slower performance when they write files on their Linux machines.

Hopefully someone can help me or point me in the right direction for this,

Cheers in advance

Added tags
[edited by: Gladys at 12:58 PM (GMT -7) on 8 Aug 2022]