Browse By Tags

  • Bluetooth headphones are not working even though it is allowed in the policy

    Hi, Our client has some issues related to central endpoint protection. 1. Bluetooth headphones are not working even though it is allowed in the peripheral control policy. We have checked a JBL Bluetooth headphone, even the user has full access in peripheral…
  • tcpip.sys blue screen

    Hi all, I've been having random workstations blue screening since Christmas and all reports point to a driver issue. All of the drivers were so far Intel ethernet cards until this morning, when my own laptop bluescreened. I've found this article but…
  • Sophos AMSI Protection Logging - Turn Off

    Dear All, Hope you are all doing well. I have a question regarding AMSI Sophos Protection. Is it okay to turn off AMSI logging? Turn off AMSI logging to resolve compatibility issues – Sophos Home Help Since we upgraded our workstations to Windows…
  • Sophos Endpoint not working with DLP

    Hi, I have a DLP solution named Somansa which is installed at one of my client's places along with Sophos Antivirus. There I have enabled Application blocking through Somansa DLP, which is working fine in the system where Sophos is not installed but same…
  • Retrieve more information of client devices?

    Hello dear Sophos Community, we have some old devices in our company and I noticed that the sophos agent collects data like Processor structure and Operating System but now my question is; Can I get Sophos to collect more information than this from…
  • Datalake Query windows_programs with some empty "name" columns

    I am playing around with the XDR Datalake. The goal is to use the XDR Datalake for our inventory, so we do not have to manually update it. I can get all installed software from the Datalake thanks to the query "windows_programs". However in this query…
  • Licensed XDR with NDR sensor?

    Hello, We have the Intercept X Advanced with XDR license, will we need a new license if we want to implement the NDR Sensor or does our license already include this sensor? When will it be released? Thanks André Soares
  • Utilizing Intercept X on Windows 7

    We are facing a situation where we need to use Intercept X with Windows 7. The challenge is that the client cannot upgrade the system due to incompatibility with certain medical instruments. We are considering using Intercept X as an antivirus solution…
  • Disk SSD SATA 100% with Intercept X

    Dear All: Along with saying hello and hoping that you have enjoyed a nice end-of-year holiday with your families, write to ask them the following: Our company has Sophos Intercept 100%. Strangely it is not just the Sophos processes that take the disk…
  • setting up message relay and update cache

    hi all, i have read the "setting up sophos relay and update cache" here https://support.sophos.com/support/s/article/KB-000035498?language=en_US couple of questions - on the sophos central portal it says this Update Cache and Message Relay Status…
  • Remove Sophos Endpoint Agent from a Device without Tamper Protection

    Dears, I am facing an issue with uninstalling Sophos Endpoint Agent in order to reinstall it again. In Sophos Central Dashboard, there is a laptop that is totally not protected while Sophos agent but not updated yet (logged in remotely to the device…
  • Sophos Endpoint - Cryptoguard Log Location

    My employees accidentally cleared an alert in Sophos Central for a ransomware attack. Doing so erased all the detail information (file locations, etc.). Can someone point me to the log location so I can get that information from the log?
  • A device that was not being used, started reporting strange logs in the sophos endpoint

    A strange thing happened to us on Endpoint, which was in a locked office, in one second the endpoint blocked at least 10 pages of inappropriate tip as Adult/Sexually Explicit. Since I am sure that no one was sitting at the endpoint and no one could…
  • CPU usage by Sophos.

    In a fairly new windows laptop, we had to install Sophos in our company laptop. This made the laptop extremely slow and hard to use. All of my coworkers have also been facing similar issues. Sophos uses around 90-100% of the CPU. what should I do…
  • Seeking Advice: Ransomware Attack and Solutions for Legacy Systems

    I am reaching out for guidance on a critical issue one of our clients is currently facing. They have fallen victim to a ransomware attack, specifically impacted by the 'Hhuy virus' from the STOP/DJVU ransomware family, identifiable by the '.HHUY' extension…
  • point agents to update cache and message relay

    Hi all, how do I point endpoint agents to a specific "update cache and message relay"? Because atm they're saying "sophos" on the web portal, but I want them to point to a specific relay server as they're not internet-facing machines. Thanks, rob
  • silent install but miss already on pc's

    hi all, how do i install sophos endpoint protection but miss pcs with it already on https://doc.sophos.com/central/Partner/help/en-us/Help/Deployment/WindowsCommandLine/index.html#message-relays do i need to add "no competitor removal" to miss all…
  • New Block QUIC setting not showing

    I saw the popup the other day announcing the new feature in Threat Protection to block QUIC to make sure that everything goes through Web Control and Threat Control correctly. I clicked the "Read more" link which took me to Threat Protection Policy…
  • problems installing sophos endpoint, Error: No reachable update service locations

    problems installing sophos endpoint, Error: No reachable update service locations , The log generates the following: 2023-12-19T15:28:54.2670382Z INFO : Trying update service url sus.sophosupd.com/.../d409441b-33e9-47f3-b22a-0cf49378a0a8 with proxy: …
  • sophos endpoint defense services taking high memory utilization(500-600)

    Why are these services taking so much memory utilization and how can we reduce it? Can anyone suggest? Due to this the system is getting slow
  • is it possible to exclude some URL from Endpoint logging -> whistle-blowing

    Hi, due to some strange German law, there must be some whistle-blowing URL to be excluded from decrypting but also from logging. Is that possible with Sophos Endpoint / Central? What about Datalake? Though it's a nightmare in terms of security…
  • IPS/NTP HTTPS Decryption - ERR_EMPTY_RESPONSE issues since latest upgrade to NTP64 2023.2.573

    Hey Sophos, you managed to bring one of our websites out of production with your new NTP64 component. Since installed, endpoints will not load it or only parts of it. Intercept-X kills the connection during TLS handshake. HTTPS Decryption enabled…
  • Exclude Threat Detection "TA0005 - Defense Evasion"

    Our SAP server’s backup process, that is using certutil.exe, is detected as a defense evasion threat. In details the detection is Detection ID: WIN-EVA-PRC-CERTUTIL-DECODE-1 Command Line: certutil -decode password.b64 password.txt File Path: C:\Windows…
  • Sophos keeps notifying c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Exec_28a (T1059.001) and Exec_6a (T1059.001)

    Hello Everyone, I have tried to search about this in the forum but couldn't find anything. My scenario is: XGS2100 Xstream protection + Endpoints with advanced Threat protection. I keep receiving these two alerts but I have tried to see what to do…
  • Customer wants to allow expressvpn.

    Hi Intercept X with XDR. I cannot find in the Endpoint management portal where to allow one (or more) sites currently blocked because they are listed in the "Proxies and Translators" category. Any assistance appreciated.