Sophos Endpoint Agent XDR & Siemens WinCC V7.x

Hi community,

Sophos Central has not been approved by Siemens WinCC V7.x !
I am forced to install Sophos Endpoint Agent on such Servers anyway.

What are the recommended global exclusions from Sophos for such Servers,
and above all which exclusion type ?

Some Servers lose the WinCC license (because of a timeout ?), this is fatal for our production!

Can anybody help me ?

Best ragrds,
Thomas



Edited tags
[edited by: Gladys at 6:49 AM (GMT -7) on 19 Jun 2023]
  • Hi Thomas_LSW,

    Thanks for reaching out to the Sophos Community Forum. 

    I was not immediately able to locate documentation on the suggested configuration of Sophos in such an environment, but the exclusions you will want to add will depend on the other applications you have deployed on the systems. Will these systems be running SQL or other process-intensive applications? 

    If you haven't already contacted your Sophos Account Manager regarding this, requesting to be put in touch with a Sophos Sales Engineer may be beneficial, as they are typically able to better understand the specific needs of your organization to suggest what solutions or configurations may be best suited.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi community,

    the folder of the license files is "C:\AX NF ZZ" - this is a hidden folder.

    What exclusion and exclusion type should be set up ?

    I can't believe that no one is using wincc here.

    Best regards,
    Thomas

  • In this case, you will need to populate the following exclusion of the type "File or Folder (Windows)"
    - C:\AX NF ZZ\

    Ensure that you include the trailing back-slash as this will indicate that you wish to exclude a folder and not just a file by the name "AX NF ZZ". 

    In the "Active For" drop-down menu, selecting "Real-time only" will ensure that Sophos does not scan the file/folder prior to your system accessing it. The files will still be touched briefly to check the path, however, the scan operation will be omitted for those files. 

    You can find much more information on exclusions at the following documentation link, you'll also find a video explaining exclusions. 
    - Windows scanning exclusions

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids