Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 28960 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Awaiting Policy Transfer

Zatol

Recently I've noticed a lot of my computers are stating that they are awaiting a policy transfer on application control. However, many of them appear to actively be using the application control I set up. Is there a reason these are not being reported as being in policy? 

:20343


This thread was automatically locked due to age.
  • 0

    Hi,

    Maybe this post will help:

    /search?q= 16273

    Regards,

    Jak

    :20345
  • 0

    That is a very informative post. What I see on my main management point is the envelopes folder going down.. when I first opened the folder I was looking at around 12k messages and now I'm around 9.5k.

    However, on the relay at one site where I have a lot of computers awaiting policy transfer, I've watched the number go up from 6.9k to 8k in a matter of minutes.  

    :20369
  • 0

    I've restarted the message router service on that relay in hopes that it will resolve the issue. I'll report back. Thanks for your help. I had not known about the envelopes folder prior to that. 

    :20373
  • 0

    I am having a similar issue. 80 percent of my clients are reporting that they differ from the Application Control Policy. In my case, there are very few messages in the Envelopes directory. The Application Control Policy was modified recently and, since that change, I now have this issue with clients.

    Any thoughts?

    :20431
  • 0

    Hi,

    Did the set configuration messages time out?  

    If you re-apply the application control policy for those machines showing as differs, I would expect the envelopes directory to grow by one message per offline client (as long as you just re-apply the application control policy and don't comply with all policies).  As long as the offline clients become online within 4 days they should pick up the policy when they check in.

    Regards,

    Jak

    :20453
  • 0

    These machines were offline during a 2 week period in which the policy change was made so I assume the messages did time out.

    I'll try to re-apply and see what happens. I attempted that earlier today before my post and had no success.

    :20455
  • 0

    My envelopes folders are working properly but I now have even more clients showing as differing from the application control policy.

    :20483
  • 0

    Hey mdp,

    I reset the Sophos messaging service on my relay and my Sophos server to resolve the issue.  

    :20501
  • 0

    Thanks. In my case, the Envelopes are working properly. I ran the Sophos Diagnostic Utility and will submit to support.

    Currently, 88% of my clients differ from the application control policy.

    :20545
  • 0

    Working with SOPHOS support helped me resolve this issue. In the end, I created a new application policy, built it out to match my old one, and applied the new policy to my workstations. Now they are complying with the policy.

    :20659