Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 3 subscribers
  • Views 7870 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

All Clients "Not compliant"

scorpionking
Hi folks!

Next problem with Endpoint Protection... [:)]

All my clients show as [Not compliant] with description "SAV policy is not compliant":


The Administration Guide says:
The status Not Compliant indicates that the device's settings are currently not the same as configured on the UTM. To resolve this problem you find a link in the window to send the current endpoint settings to the endpoint.


So I click on "Resolve" and the status turns to [OK].
The log shows:
2012:09:23-18:46:13 vpn epsecd[13764]: D Epsec::Utils::Logging::_log:59() => id="4245" severity="debug" sys="System" sub="epsecd" name="Sent comply with action" mcs_id=""


But a few minutes later all devices are [Not compliant] again for the same reason.
Here the log shows:
2012:09:23-18:46:53 vpn epsecd[13764]: W Epsec::Utils::Logging::_log:59() => id="4234" severity="warn" sys="System" sub="epsecd" name="Endpoint is not compliant" mcs_id=""
2012:09:23-18:46:53 vpn epsecd[13764]: D Epsec::Utils::Logging::_log:59() => id="4228" severity="debug" sys="System" sub="epsecd" name="Updated AGENT info in the DB" mcs_id=""


What can I do?


This thread was automatically locked due to age.
Parents
  • 0
    Seems I'm talking to myself in this thread... [;)]

    Sadly it helps! [[:D]]

    Well, it appears to have been an intelligent conversation... [[:D]]

    I'm waiting a bit before I install this in production, and don't have it installed in the lab at present.  Are you saying that you deleted all exclusions that began with "\servername" and left only those like "F:\Users\Administrator\" or that you eliminated all?

    Also, does this problem occur only on XP and Server 2003 and earlier servers, or does it apply also to Win7 and Server 2008R2?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Seems I'm talking to myself in this thread... [;)]

    Sadly it helps! [[:D]]

    Well, it appears to have been an intelligent conversation... [[:D]]

    I'm waiting a bit before I install this in production, and don't have it installed in the lab at present.  Are you saying that you deleted all exclusions that began with "\servername" and left only those like "F:\Users\Administrator\" or that you eliminated all?

    Also, does this problem occur only on XP and Server 2003 and earlier servers, or does it apply also to Win7 and Server 2008R2?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    Are you saying that you deleted all exclusions that began with "\servername" and left only those like "F:\Users\Administrator\" or that you eliminated all?

    Only those beginning with "\servername" (UNC paths), exclusions like "F:\..." are working.

    Also, does this problem occur only on XP and Server 2003 and earlier servers, or does it apply also to Win7 and Server 2008R2?

    The mentioned log is from a Win7 machine, but the problem also appeared on Server 2008 R2 and Windows XP.

    @jays: UTM 9.002-12 (latest Up2Date).

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Unfiltered HTML