This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

not fully tamper protected

evaluating the latest endpoint protection deployed from the console (ver 5.2.1 R2). i have enabled tamper protection but some parts of the user AV is still not greyed out.

how can we prevent users from changing AV settings? even prevent uninstalling by them?

This thread was automatically locked due to age.

Parents

0 IAMU over 11 years ago

A user with local admin rights can stop the Sophos Anti-Virus service either through the "Services" menu or CTRL+ALT+DEL killing the Sophos process which stops on-access scanning.
Is it possible to lock down stopping the Sophos services and/or killing the Sophos process by a local admin? I'm in the same situation where my clients need the local admin right, but I don't want them having any ability to bypass their anti-virus product.
:50552
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 IAMU over 11 years ago

A user with local admin rights can stop the Sophos Anti-Virus service either through the "Services" menu or CTRL+ALT+DEL killing the Sophos process which stops on-access scanning.
Is it possible to lock down stopping the Sophos services and/or killing the Sophos process by a local admin? I'm in the same situation where my clients need the local admin right, but I don't want them having any ability to bypass their anti-virus product.
:50552
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data