Tamper protections questions.

Hi all, 

I have a few questions about managing Tamper Protection:

1. Is it possible to enable / disable Tamper Protection by a policy? I would like Tamper Protection enabled for all Windows computers, but disabled for all Mac computers. I don't see the option to do this except enabling for all and then manually disabling for all Mac computers? 

2. Why does Tamper Protection behave differently between operating systems:

- Mac: user who is not admin cannot bypass the policies, needs to put in admin password. 

- Mac: once admin is authenticated, various policies can be turned off or on

- Mac: once "override" checkbox is unchecked, policies go back to normal

- Windows: non-admin user can bypass policies without any password

- Windows: when a policy is turned off, it cannot be turned back on

- Windows: once "override" checkbox is unchecked it does not return the policies to normal...

 

Is this normal behaviour or is there something wrong with my Windows machines?

I attach 2 gifs showing the behaviour. Click on them and they will play. 

 



This thread was automatically locked due to age.
  • Hi  

    You can only enable/disable tamper protection for all computers and servers from Global Settings > Tamper protection. You can enable/disable tamper protection for a specific device from its details page. For your other query, the behavior which you are seeing on the Windows machine is as expected. On Windows endpoints, the settings may not be able to be toggled back on. To re-enable the settings, uncheck the Override option and restart the Sophos MCS Agent and Sophos MCS Client services.

  • Thanks for the quick answer. I wish it worked differently, but it is good to have the clarity that it is what it is ;]
