Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 3350 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Override in Authorized website setting in Endpoint - client computer?

DMFischer

We have Enterprise Console 10 and a Web appliance.

I have policies set up in the Ent Console and the Web appliance is working well.

I found the Authorization section under 'Configure Anti-virus / HIPS' and was concerned that my end-users would be able to modify these settings and gain access to sites that are 'warned' in the appliance.  Not to mention by-passing scans and other things we control from the Ent Console.  When I entered a test website from my machine in the Website tab I then see my machine in the Ent Console as 'Differs from Policy'

New to Sophos so I wanted to see others take on this.

I know I can control who gains access to the agent on each of the machines on our network by changing the local Sophos groups that are created.

thanks,

Dave

:36041


This thread was automatically locked due to age.
Parents
  • 0

    Hello Dave,

    SophosAdministrators as well as SophosPowerUsers have access to the Authorization Manager. It is even accessible when Tamper Protection is on. But - this setting applies to malicious sites ("Web protection") and is AFAIK not related to the appliance at all. Do you also use Web Control (which does interact with the appliance if configured)? Don't have an appliance but in the client-only mode you can not bypass it by authorizing a site (and I'd be surprised if this would be possible with the WA).

    Apart from this - most other AV settings are only available to SophosAdministrators (which includes only users with admin rights).

    Christian 

    :36059
Reply
  • 0

    Hello Dave,

    SophosAdministrators as well as SophosPowerUsers have access to the Authorization Manager. It is even accessible when Tamper Protection is on. But - this setting applies to malicious sites ("Web protection") and is AFAIK not related to the appliance at all. Do you also use Web Control (which does interact with the appliance if configured)? Don't have an appliance but in the client-only mode you can not bypass it by authorizing a site (and I'd be surprised if this would be possible with the WA).

    Apart from this - most other AV settings are only available to SophosAdministrators (which includes only users with admin rights).

    Christian 

    :36059
Children
No Data
Cookie Information Banner