Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 2711 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need help with Sophos Endpoint Protection 10

iStalk

Dear developers, please tell me how to implement the means Sophos, a moment ...

On a PC locally installed Sophos Endpoint Protetstion 10, and a user who works on this PC has administrator privileges, they can not be lower ... he is an administrator on the PC, how to realize that it can not change, delete files from the folder c: \Program Files\Sophos\, as well as he could formally updated with the website?

:24127


This thread was automatically locked due to age.
Parents
  • 0

    Hello iStalk,

    as said, outside a domain there is no higher authority than a local administrator. That's not a Sophos problem. One way to overcome this is giving a (Power) User the additional needed rights (you did not say why the user needs to be an administrator, i.e. what actions s/he must be able to perform which are by default not available to a non-admin) without ceding full control - which might be tricky.  

    By the way why the defense only protects against changes Sophos Anti-Virus

    If you're talking about Tamper Protection - keep in mind that TP can be enabled/disabled locally. Thus if a (local) administrator enables TP and sets the SCF working mode to Interactive a user would be unable to undo changes to the configuration in response to an interactive prompt. Keeping the machine usable takes precedence over guarding against manipulation (you might have noticed that Configure\A-V\Authorization ... is still available even when TP is enabled). Extending TP (do not forget that it applies only to Administrators and usually the average user doesn't belong to this group) requires careful evaluation of the pros and cons and possible side-effects.

    Christian

    :24157
Reply
  • 0

    Hello iStalk,

    as said, outside a domain there is no higher authority than a local administrator. That's not a Sophos problem. One way to overcome this is giving a (Power) User the additional needed rights (you did not say why the user needs to be an administrator, i.e. what actions s/he must be able to perform which are by default not available to a non-admin) without ceding full control - which might be tricky.  

    By the way why the defense only protects against changes Sophos Anti-Virus

    If you're talking about Tamper Protection - keep in mind that TP can be enabled/disabled locally. Thus if a (local) administrator enables TP and sets the SCF working mode to Interactive a user would be unable to undo changes to the configuration in response to an interactive prompt. Keeping the machine usable takes precedence over guarding against manipulation (you might have noticed that Configure\A-V\Authorization ... is still available even when TP is enabled). Extending TP (do not forget that it applies only to Administrators and usually the average user doesn't belong to this group) requires careful evaluation of the pros and cons and possible side-effects.

    Christian

    :24157
Children
No Data