Tamper Protection - Firewall

Question

Hi

We are running Sophos Endpoint Security and Control, version 10.2 and I have a quick question about the Tamper Protection feature. I have used this feature to protect the basic setup for AV, HIPS and Device Control, but it appears that I can still change the firewall settings. Is this normal or is there a configuration I am missing? I do not want to have the end users changing any firewall settings, so I am hoping there is a way for Tamper Protection to lock this down.

Thank you

This thread was automatically locked due to age.

QC · Accepted Answer

Hello digitizedmind, TP does not (yet) apply to SCF. TP applies anyway to Administrators (members of the SophosAdministrator group to be exact) only. Now, you probably have a reason to give your users these rights. Apparently they need to perform some administrative tasks or make some ad hoc changes to the configuration - thus some settings which are deemed as potentially necessary (especially when "on the road") are still accessible, the Authorization Manager and SCF. Can't say what's in the works - although it won't help you now it can't do no harm to submit a feature request. Christian :41755