This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Client Firewall - Which firewall policy is my device using?

Hello Folks,

My company is undergoing a security audit, and I have been tasked to pull some information from our user workstations regarding the Sophos Client Firewall.

My Sophos Enterprise Console has been configured with several custom firewall policies.

Once I have installed the firewall on an endpoint, I would like to verify that is using the correct firewall policy.

I have looked into the logs that are generated locally, but I do not see any line that mentions what policy my endpoint is subscribed to.

Is this information found any where on the local device?

Thanks in advance!

This thread was automatically locked due to age.

0 QC over 12 years ago

Hellp tcshain,
the rawadaptercfg (no extension) XML file in the adapter storage (...\Sophos\Remote Management System\3\Agent\AdapterStorage\SCF) contains the RevID which matches the CorrelationID in the dbo.Policies table in the database. In addition you'd have to check that the client complies - see HKLM\SOFTWARE\[Wow6432Node\]Sophos\Sophos Client Firewall\Config.
HTH
Christian
:35871
Cancel
Vote Up 0 Vote Down

Cancel