Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 2923 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How can I stop users altering the firewall rules / disabling the firewall ?

Robbiej

I have already enabled tamper protection which has restricted the settings for the AV portion of the product

but it does not appear to apply any restrictions to the firewall part

users can still open the client software click configure firewall and check the box entitled Allow all traffic

I need to be able to stop the users making thier own changes to the firewall settings

can anyone help ?

Thanks in advance

:27987


This thread was automatically locked due to age.
  • 0

    Hello Robbiej,

    as you've noticed SCF is not (yet) covered by TP. Power users and administrators (i.e. members of the SophosPowerUser and SophosAdministrator groups) can access and change the configuration.

    Christian

    :27989
  • 0

    Hi Christian,

    thanks for the response,

    Please excuse my ignorance (only just trialling the product) but can you advise where these groups exist? .. they are not in my AD structure and I cannot see them in the enterprise console

    Thanks

    :27991
  • 0

    Hello Robbiej,

    no problem. When Sophos is installed on a client it creates three local security groups on the client - please see Understanding Windows and Sophos Groups (well, actually it creates a fourth, SophosOnAccess, but this one has a different purpose).

    Your users are obviously members (directly or via a another group) of SophosAdministrator or SophosPowerUser.

    Christian

    :28125