We have a terminal server running Sophos Intercept X Essentials. This now also reported a detected manipulation of the browser and provided corresponding information. How do you deal with this? Do you always report these reports to the Sophos team or…
Hello there,
I'd want to ask the Sophos community if I can block uncategorized websites in Sophs Central? Many of our users appear to browse uncategorized websites, which I am unsure how to prevent.
Kind regards,
Damian
Hi,
Our client is having endpoint and server with XDR, Please let us know if there is a query or report available for User password failed attempt on Windows MAC and Linux systems.
Also is there an option for sending an alert for this to central…
https://intelix.sophos.com/report/0193e2da226c4e748d1eea2314d5219f/static/url
Hello, I am migrating and cleaning up our website Spectrum for Living and have run it through all the tests possible and believe that due to previous poor hosting, it is…
Hi, I'm facing a issue that delay around 2 mins to get internet access even the WiFi shown connected. This issue happens after install the Sophos Endpoint. Anyone facing the same issue like mine?
Hi,
If I want to install the inplace auto upgrade from W10 to W11, it is blocked by Sophos without any notification. If I stop the HitmanPro.Alert service, the upgrade works. My invocation is as follows: setup.exe /auto upgrade /priority normal /noreboot…
I created a Threat Protection Policy and enabled Deep scan and Scheduled it for only one file server.
Today, I'm trying to find the log of the scan and see if it deleted or quarantined anything. Where can I find this?
Hi
Intercept X with XDR. I cannot find in the Endpoint management portal where to allow one (or more) sites currently blocked because they are listed in the "Proxies and Translators" category.
Any assistance appreciated.
Good day members. I Trust you are well. Our IPS report on Sophos Central shows the following IPS report. I have Traced the IP back to microsoft Data center.
I would like to know is this a false positive as i have scanned the computers muliple times…
Hello,
I wanted to see if anyone else is having issues with Restricting USB's in macOS Sonoma. I am currently on Version 10.5.1 for Sophos and on macOS Sonoma 14.1.1
Currently, I have the Peripheral Control set to Read Only for Secure removable storage…
HI everyone,
I was wondering if it is a way to block all the vpns using sophos central?
I have the web filtering based entirely on sophos central, and it seems okay so far.
One of our customers wants all the vpns blocked on the enpoinds something…
Hi
I want to adding a appliction on device SJ32ACC but its told me error adding application , and I allow by SHA256 & key applicaion used by most organisations , could you help me to fix this issue ,thx?
Hello,
To give context, our leadership and information security team are concerned with alerts that I coming from Sophos. Their concerns are valid considering the email titles are: Alert for Sophos Central [*****]: A device is not encrypted.
However…
Just as the subject asks: Can PSTools be excluded for a single machine (for Sophos admin)? if so, how can I create that exclusion so that it's not alerting every time I try to download and install it? I don't want to create a global exclusion because…
Hello,
i want to block accounts.google.com - docs.google.com etc.
I succesfully blocked google docs but when i try to block google accounts, i can still reach that webpage somehow.
Im trying from website management.
What should i do?
Regard…
Ave collegae!
Is there a way to
- see / check per device (/user) - what peripheral(s) had been blocked - allow one or more of the blocked device(s)
the customer prefers GUI
Salvete
hRy
Hi,
we have our default " Base Policy - Update Management " policy which is applied to most of our endpoints set to "Recommended" software package versions.
We would like to change this to latest FTS and leave the latest "Recommended" package setting…
Dear all,
There are a large number of fake "whatsapp web" pages at the top of Google search currently.
I saw that the IP range is: 104.21.x.x or the URL is https://uaa.xxxxxxxx / https://wh9.xxxxxxxx
Is there a more effective to block the IP range…
Hello,
In my domain, standard domain users are not able to install a program. But there are some programs that doesnt require admin rights to be installed. I was wondering if i can block them with Sophos. I have tried application block but for that…
I want to exclude the following (example) from real-time scanning:
This directory ( 26e9f183-6e80-4436-8461-a67d55c5e4b1) is randomized within the user's profile temp directory
c:\Users\testuser\Temp\26e9f183-6e80-4436-8461-a67d55c5e4b1
These files…
Scenario - Attacker has made into a system and now wants to kill \stop the AV but is tamper locked.
From SIEM perspective to Monitor such events
what logs can be shipped from the Event viewer? or from Sophos log directories?
Hi All,
We have application control currently set to block Microsoft WSH WScripts, and want to keep it that way.
However we have a VBS script that uses Wscript that ideally we want to exclude, so it can be run on endpoints without disabling application…
Good Day, We've had some instances where either Sophos protection service or Network protection service might not start up. This cause the computer to become Isolated but we cannot un-Isolate unless we restart or use Admin rights to start the service…