Data Loss Protection Policy Reboot Required?

I created a policy and a rule to monitor files being transferred to external storage devices. However, it seems the policy only works after a reboot. Is this normal? I haven't seen this with other polices; just the DLP.



Edited tags
[edited by: Gladys at 7:37 AM (GMT -7) on 3 Oct 2022]
  • Hi Michael,

    Thanks for reaching out to the Sophos Community Forum.

    I have not previously encountered this issue when testing DLP policies. One way you can confirm if the latest policy has been received is by checking the timestamp shown in the policy tab of the Sophos Endpoint Self Help tool. 

    The "Sophos Adapter" should show an updated timestamp once the new policy has been received. You can also check the following registry location. 
    - HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Management\Policy\DataControl

    Each entry will be enumerated higher than the last based on time. You can also expand out the subfolders in this registry section to verify that the policy settings shown within match what you've defined in Sophos Central.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids