Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 11 subscribers
  • Views 13198 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New Computer Policy - Apply to all Computers ?

Aaron Smith

Playing around with a trial version of Sophos Central atm, and after messing around with the BASE Policy a little, I have broken out the peripheral control into its own policy to make it a little more intuitive for our admin's.

But unlike the base policy, the new one seems to rely on being assigned to a computer or computer group to apply. Is there a way to create a dynamic computer group which will have all computers in it. Or create a policy which applies to every computer (like the BASE policy) ?



This thread was automatically locked due to age.
Parents
  • 0

    Hi Aaron, 

    Welcome to Sophos, as for your query the policy applied to the systems is user's based. So, in other words, the policy cannot be changed as per the machine based policy. For Machine based policy we have Server Protection that can manage machine based policy disregard the users logged onto that system. 

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Aditya Patel

    In SOPHOS cloud console IS possible to create COMPUTER policies, but - it seems to me - simply aren´t working. I set this as Support case to Sophos.

  • 0 in reply to Jiri Hadamek

    Hello Jiri Hadamek,

    I'm not a Central user so I can't say from experience how it behaves and whether the documentation is (still) correct. But ...

    COMPUTER policies [...] simply aren´t working
    For each "feature" (Threat Protection, Peripheral Control, and so on) there is one and only one policy that wins. From the Central Admin Help under About Policies: If you set up a user policy and a computer policy for the same feature, and both could apply to the same computer, the policy that’s higher in your policy list takes priority (see here for a simple example).  How did you determine that computer policies aren't working?

    Christian

Reply
  • 0 in reply to Jiri Hadamek

    Hello Jiri Hadamek,

    I'm not a Central user so I can't say from experience how it behaves and whether the documentation is (still) correct. But ...

    COMPUTER policies [...] simply aren´t working
    For each "feature" (Threat Protection, Peripheral Control, and so on) there is one and only one policy that wins. From the Central Admin Help under About Policies: If you set up a user policy and a computer policy for the same feature, and both could apply to the same computer, the policy that’s higher in your policy list takes priority (see here for a simple example).  How did you determine that computer policies aren't working?

    Christian

Children
  • 0 in reply to QC

    Hi Christian,

    thank you for your help, but ALL that you have written is unusable for Sophos central cloud console.

    1. I am sure that COMPUTER policy isn´t working, because I can clearly determine resulting policy from file c:\ProgramData\Sophos\Sophos Anti-Virus\Config\machine.xml.

    In this file I CANNOT SEE any changes (after waiting and updating Sophos config SEVERAL times on several testing PC)

    2.  I can attach COMPUTER policy to Computer or GROUP of computers in Cloud Console, but in resulting policy set in this Console aren´t any COMPUTER policy displayed.

  • 0 in reply to Jiri Hadamek

    Hello Jiri Hadamek.

    as said I don't use Central but its concepts aren't inapprehensible (and not that dissimilar from SEC's). There's one aspect unknown to me though - whether a computer (not a server) has always a user assigned, i.e. whether the device requests just the computer policies after a user has logged off or keeps the last logged on user associated with it.

    Which policy did you test and what changes did you expect? Does the resulting set contain a user policy or the Base policy instead of the expected computer policy?

    Christian

Unfiltered HTML