Guest User!

You are not Sophos Staff.

Thread Info
  • Locked Locked
  • Replies 3 replies
  • Subscribers 9 subscribers
  • Views 1421 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central: Desktop Server AD users not shown as active and web policy violations not reported?

Fred_B

After installation of Intercept X with EDR on our 2008 RDS server I received a message from our Sophos reseller that I bought to many licenses.

In truth I bought licenses for users and servers like before with Endpoint Protection and Enterprise Console but the desktop server users are not reported in Central. And they are the majority of our users.

So according to Central they have never been active and they have never violated a web policy. The RDS server installation of Intercept X is active on the W2008 RDS server and reported active in the Central console.

Active users and web policy violations are only reported for workstation installations of Intercept X with EDR.

I don’t think it should work like this.

Fred



This thread was automatically locked due to age.
Parents

  • The point is - The installer of Central checks for the installed OS: Client Windows or Server Windows.

    Afterwards it will use the Central Server License or Central Client License.

    There are two different SKUs depending on the OS. 

    https://community.sophos.com/kb/en-us/123469

     

    Effective January 2019, RDS sessions are already included on Central server protection and will no longer reflect on the endpoint license count. For more information see the guide below:     

    Virtual Desktop Licensing Guide 

     

    __________________________________________________________________________________________________________________

  • in reply to LuCar Toni

    I will inform the reseller that he has informed us only half about the change in the licensing model. We are a long time user and were informed that the licensing model now required licenses for all servers. In the past they were licensed on a per user ratio. This change meant a price increase for us. As we are running mostly RDS sessions it would have been a price decrease. That part has been left out by the reseller.

    The main issue however for this thread is that the Base Web Policy is not working / not enforced for the servers!

    I tried it the now on the RDS server with a website that is explicitely Blacklisted and it is opens normally, without a warming / block and is furthermore not reported on the Central console. I tried it with a website in a blocked category, opens normally and no mention of it in Central.

    On the RDS server  Intercept X Agent I see that a user trusted a low reputation download. I cannot see what it was and it is not reported in Central.

    I will open a support case for this.

    Regards,

    Fred

Reply
  • in reply to LuCar Toni

    I will inform the reseller that he has informed us only half about the change in the licensing model. We are a long time user and were informed that the licensing model now required licenses for all servers. In the past they were licensed on a per user ratio. This change meant a price increase for us. As we are running mostly RDS sessions it would have been a price decrease. That part has been left out by the reseller.

    The main issue however for this thread is that the Base Web Policy is not working / not enforced for the servers!

    I tried it the now on the RDS server with a website that is explicitely Blacklisted and it is opens normally, without a warming / block and is furthermore not reported on the Central console. I tried it with a website in a blocked category, opens normally and no mention of it in Central.

    On the RDS server  Intercept X Agent I see that a user trusted a low reputation download. I cannot see what it was and it is not reported in Central.

    I will open a support case for this.

    Regards,

    Fred

Children
  • in reply to Fred_B

    I have logged a support case but I am still awaiting an answer by Sophos. 

    It turns out that Web Control only works on Windows 10. It does not on Windows 7 and W2008 R2 Remote Desktop Server.

    Might have something to do with old registry setting not cleaned up properly after uninstalling Endpoint Protection with Enterprise Console before installing Intercept X with Central. We were not using it with Endpoint Protection.

    Fred

     

      

Unfiltered HTML
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML