Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 7167 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos and Local Security Groups

toddh

Hey,

I have been looking at the Local Security Groups created by Sophos.

I have read the descriptions and I think I am clear on what each group allows it's members to do. However, I am not entirely sure of what role they play in the overall functionality of the Sophos software itself.

I have been searching for some documentation on exactly how these groups are used and what the difference is between the Domain accounts and the Local accounts, but I have been unsuccessful.

I was wondering if anyone knows of a document that explains them?

I was wondering how they are populated? Are they populated by automatically? I think they are because on almost all our machines the user that uses the PC is in the SophosAdministrators. 

Do these groups play a role in the ability for virus's to be cleaned off the system? Let's say if a "Cleanup" was issued from the SEC, do these groups have to be populated by specific users in order for the "Cleanup" to be successful?

I want to make sure they are being used properly. We are not experiencing any issues, but I want to make sure I'm understanding their functionality and role correctly!

Thank you, 

:17213


This thread was automatically locked due to age.
Parents
  • 0

    @jak

    Well I obviously didn't search hard enough!

    thank you for your detailed response as well as the links your provided!

    Definitely has helped me better understand the role of these groups.

    I was wondering. Let's say hypathetically, these groups were not populated at installation of SAV.

    The software is pushed down from SEC and everything is functioning normally.

    The computer in question is then hit by a virus which appears on the SEC. Can an administrator still push a

    remote cleanup down from the SEC to the SAV with these groups not being populated correctly?

    Since these groups only govern what the users can do in the SAV GUI locally, it should not affect  the control done using the SEC. Is is this correct?

    Thank you 

    :17257
Reply
  • 0

    @jak

    Well I obviously didn't search hard enough!

    thank you for your detailed response as well as the links your provided!

    Definitely has helped me better understand the role of these groups.

    I was wondering. Let's say hypathetically, these groups were not populated at installation of SAV.

    The software is pushed down from SEC and everything is functioning normally.

    The computer in question is then hit by a virus which appears on the SEC. Can an administrator still push a

    remote cleanup down from the SEC to the SAV with these groups not being populated correctly?

    Since these groups only govern what the users can do in the SAV GUI locally, it should not affect  the control done using the SEC. Is is this correct?

    Thank you 

    :17257
Children
No Data