I created a policy and a rule to monitor files being transferred to external storage devices. However, it seems the policy only works after a reboot. Is this normal? I haven't seen this with other polices; just the DLP.
Hi Michael,
Thanks for reaching out to the Sophos Community Forum.
I have not previously encountered this issue when testing DLP policies. One way you can confirm if the latest policy has been received is by checking the timestamp shown in the policy tab of the Sophos Endpoint Self Help tool.
The "Sophos Adapter" should show an updated timestamp once the new policy has been received. You can also check the following registry location.
- HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Management\Policy\DataControl
Each entry will be enumerated higher than the last based on time. You can also expand out the subfolders in this registry section to verify that the policy settings shown within match what you've defined in Sophos Central.
