Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 17379 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos scanning network locations

BUKtrj

Hello all,

A bit of info before i go on, we just installed Enterprise Console 5.2 on a clean 2012 R2 server, deployed to a few test machines as this is replacing an old symantec solution.

The problem is that we use Quest for keeping an eye on folder activity (opening, deleting ect) but since 2 of our laptops had sophos installed Quest reports that the user accounts tied to the laptops are continually scanning our network location where home drives are located, Quest doesn't report the same activity for my machine, the only differences is that the other 2 users have offline folders enabled for their home drives and i'm on Win7 to their Win8.1, we have added the CSC folder to the exclusions in the hope this was the cause.

Any advice appreciated.

:45889


This thread was automatically locked due to age.
Parents
  • 0

    Hello Christian and thank you for your response,

    I'll try to explain it as best i can so bear with me ;).

    Laptop A has had sophos deployed to it which replaced symantec which worked a dream.

    Laptop A has the following set as an offline folder, \\server\users folder\UserA.

    Since sophos was install our quest logs are filling with access denied reports as it tries to scan ALL folders in \\server\users folder\

    So report looks a little like this:-

    UserA access denied to folder UserB

    UserA access denied to folder UserC

    UserA access denied to folder UserD

    UserA access denied to folder UserE

    ect

    Turning off sophos on Laptop A causes this to stop, at first i thought it was part of the daily scan we set but it starts the moment the machine connects to the domain.

    My concern about excluding remote files from the on-access scan is that LaptopA tries to open file1 from server and because it is a remote file it won't scan unless it scans content when the local temp file is created?

    Hope this helps.

    Cheers

    :45935
Reply
  • 0

    Hello Christian and thank you for your response,

    I'll try to explain it as best i can so bear with me ;).

    Laptop A has had sophos deployed to it which replaced symantec which worked a dream.

    Laptop A has the following set as an offline folder, \\server\users folder\UserA.

    Since sophos was install our quest logs are filling with access denied reports as it tries to scan ALL folders in \\server\users folder\

    So report looks a little like this:-

    UserA access denied to folder UserB

    UserA access denied to folder UserC

    UserA access denied to folder UserD

    UserA access denied to folder UserE

    ect

    Turning off sophos on Laptop A causes this to stop, at first i thought it was part of the daily scan we set but it starts the moment the machine connects to the domain.

    My concern about excluding remote files from the on-access scan is that LaptopA tries to open file1 from server and because it is a remote file it won't scan unless it scans content when the local temp file is created?

    Hope this helps.

    Cheers

    :45935
Children
No Data