This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to prevent end users removing items from quarantine?

Hi,

Im managing an estate of Windows XP and 7 users with Sophos Enterprise Console 5.2.1 r2. Endpoint security and control 10.0.

While reviewing EC I can see a number of users have removed from quarantine a file identified as a virus/spyware: Mal/ExpJS-BE.

I would like to know how best to ensure that end users do not have the permissions to remove anything from quarantine but raise this into our service desk for investigation first.

Having the ability for end users to re-introduce files which Sophos has quarantined is not something we consider helpful.

We want this to be restricted to Sophos Administrators only, by that I mean IT staff with the appropriate knowledge and a ticket to track such changes.

Can anyone advise how this is possible through EC, GPO etc, I really dont want to be visiting desktops to make changes to hundreds of machines.

Many thanks

This thread was automatically locked due to age.

0 DustySophos over 11 years ago

Wow,
Really - no response?
Not even a sarcastic one refering me to relevant instructions?
Thanks guys?
:47013
Cancel
Vote Up 0 Vote Down

Cancel
0 jak over 11 years ago

Hi,
How about using restricted groups to manage the members of the local Sophos groups?
Regards,
Jak
:47019
Cancel
Vote Up 0 Vote Down

Cancel