https://intelix.sophos.com/report/0193e2da226c4e748d1eea2314d5219f/static/url
Hello, I am migrating and cleaning up our website Spectrum for Living and have run it through all the tests possible and believe that due to previous poor hosting, it is…
Hi, I'm facing a issue that delay around 2 mins to get internet access even the WiFi shown connected. This issue happens after install the Sophos Endpoint. Anyone facing the same issue like mine?
Hi,
If I want to install the inplace auto upgrade from W10 to W11, it is blocked by Sophos without any notification. If I stop the HitmanPro.Alert service, the upgrade works. My invocation is as follows: setup.exe /auto upgrade /priority normal /noreboot…
I created a Threat Protection Policy and enabled Deep scan and Scheduled it for only one file server.
Today, I'm trying to find the log of the scan and see if it deleted or quarantined anything. Where can I find this?
Hi
Intercept X with XDR. I cannot find in the Endpoint management portal where to allow one (or more) sites currently blocked because they are listed in the "Proxies and Translators" category.
Any assistance appreciated.
Good day members. I Trust you are well. Our IPS report on Sophos Central shows the following IPS report. I have Traced the IP back to microsoft Data center.
I would like to know is this a false positive as i have scanned the computers muliple times…
Hello,
I wanted to see if anyone else is having issues with Restricting USB's in macOS Sonoma. I am currently on Version 10.5.1 for Sophos and on macOS Sonoma 14.1.1
Currently, I have the Peripheral Control set to Read Only for Secure removable storage…
HI everyone,
I was wondering if it is a way to block all the vpns using sophos central?
I have the web filtering based entirely on sophos central, and it seems okay so far.
One of our customers wants all the vpns blocked on the enpoinds something…
Ave collegae!
Is there a way to
- see / check per device (/user) - what peripheral(s) had been blocked - allow one or more of the blocked device(s)
the customer prefers GUI
Salvete
hRy
Hi
I want to adding a appliction on device SJ32ACC but its told me error adding application , and I allow by SHA256 & key applicaion used by most organisations , could you help me to fix this issue ,thx?
Hello,
To give context, our leadership and information security team are concerned with alerts that I coming from Sophos. Their concerns are valid considering the email titles are: Alert for Sophos Central [*****]: A device is not encrypted.
However…
Just as the subject asks: Can PSTools be excluded for a single machine (for Sophos admin)? if so, how can I create that exclusion so that it's not alerting every time I try to download and install it? I don't want to create a global exclusion because…
Hello,
i want to block accounts.google.com - docs.google.com etc.
I succesfully blocked google docs but when i try to block google accounts, i can still reach that webpage somehow.
Im trying from website management.
What should i do?
Regard…
Hi,
we have our default " Base Policy - Update Management " policy which is applied to most of our endpoints set to "Recommended" software package versions.
We would like to change this to latest FTS and leave the latest "Recommended" package setting…
Dear all,
There are a large number of fake "whatsapp web" pages at the top of Google search currently.
I saw that the IP range is: 104.21.x.x or the URL is https://uaa.xxxxxxxx / https://wh9.xxxxxxxx
Is there a more effective to block the IP range…
Hello,
In my domain, standard domain users are not able to install a program. But there are some programs that doesnt require admin rights to be installed. I was wondering if i can block them with Sophos. I have tried application block but for that…
I want to exclude the following (example) from real-time scanning:
This directory ( 26e9f183-6e80-4436-8461-a67d55c5e4b1) is randomized within the user's profile temp directory
c:\Users\testuser\Temp\26e9f183-6e80-4436-8461-a67d55c5e4b1
These files…
Scenario - Attacker has made into a system and now wants to kill \stop the AV but is tamper locked.
From SIEM perspective to Monitor such events
what logs can be shipped from the Event viewer? or from Sophos log directories?
Hi All,
We have application control currently set to block Microsoft WSH WScripts, and want to keep it that way.
However we have a VBS script that uses Wscript that ideally we want to exclude, so it can be run on endpoints without disabling application…
Good Day, We've had some instances where either Sophos protection service or Network protection service might not start up. This cause the computer to become Isolated but we cannot un-Isolate unless we restart or use Admin rights to start the service…
Anybody else tried using the "$" variable to exclude a filename and not work??
Looking at the article: Exploit mitigation or ransomware wildcards and variables - Sophos Central Admin
Is says this:
VariableExample $
All available drives.
For…
Hello
i need to unistall agent but i can't disable tamper because i don't see client on my control center (i don't know the reason!)
how to do?
I read many post but i can't modify Sophos MCS Agent registry key (access denied, i tried to change permission…