Security Heartbeat blocked PC after format

Hello Everyone

One of our clients that has Sophos Endpoint and XG Firewall had this issue.

The computer with Sophos Endpoint got a virus and they formatted it, now that the computer is brand new the firewall does not let it get to the internet because heartbeat says it is infected.

Can you please help?

Security Heartbeat and Firewall
[edited by: Nikolaos Zisis at 2:43 PM (GMT -7) on 14 Mar 2024]

    Sophos XG firewall is doing exactly what it's supposed to.  no heartbeat, no trust for internet or lateral movement of network traffic

    To fix this, reinstall the endpoint client so that endpoint generates healthy heartbeat for firewall to trust.

    Firewall will still allow access to sophos central, so link to client download can be provided, a trusted share on network for access to client installer, or on a usb drive

    ... also, you may need to manually clear/acknowledge the infection event in central.  The above steps assuming you have already done this as part of the OS reinstall/re-image process.