Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 3054 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Control Center 4.0 and Endpoint Security and Control 10.2 Tamper Control

Vandal

Under Authenticate User in Tamper control on the ESC on the server also running Control Center. No one ever turned on Tamper Control but it is on. So we have no way of knowing the password to change settings on any clients or the server.

How do we learn our password or disable tamper control?

:39179


This thread was automatically locked due to age.
Parents
  • 0

    Hello Vandal,

    first of all, the Small Business board might be the better place to ask. Nevertheless - AFAIK SCC (whether 4.0 or 4.1) is not aware of TP (it's Tamper Protection, not Control) and TP should not be on by default. Is it really enabled on all clients? - in which case you should contact Support.

    It might be possible to configure the CID with a disabled policy (please see Using ConfigCID.exe ... and Using ExportConfig.exe ... where to place the file (should be named - case sensitive - savconftp.xml) containing the following:

    <?xml version="1.0" encoding="UTF-8"?>
<policy type="tamperprotection" xmlns="com.sophos\mansys\policy" xmlns:csc="com.sophos\msys\csc"><csc:Comp RevID="FactoryDefault" policyType="19"></csc:Comp><configuration xmlns="http://www.sophos.com/xml/msys/tamperprotectionpolicy.xsd"><disabled></disabled></configuration></policy>

     Can't say if this will work but you might want to try. BTW: You are likely entitled to an upgrade of SCC to SEC.

    Christian

    :39197
Reply
  • 0

    Hello Vandal,

    first of all, the Small Business board might be the better place to ask. Nevertheless - AFAIK SCC (whether 4.0 or 4.1) is not aware of TP (it's Tamper Protection, not Control) and TP should not be on by default. Is it really enabled on all clients? - in which case you should contact Support.

    It might be possible to configure the CID with a disabled policy (please see Using ConfigCID.exe ... and Using ExportConfig.exe ... where to place the file (should be named - case sensitive - savconftp.xml) containing the following:

    <?xml version="1.0" encoding="UTF-8"?>
<policy type="tamperprotection" xmlns="com.sophos\mansys\policy" xmlns:csc="com.sophos\msys\csc"><csc:Comp RevID="FactoryDefault" policyType="19"></csc:Comp><configuration xmlns="http://www.sophos.com/xml/msys/tamperprotectionpolicy.xsd"><disabled></disabled></configuration></policy>

     Can't say if this will work but you might want to try. BTW: You are likely entitled to an upgrade of SCC to SEC.

    Christian

    :39197
Children
No Data