Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 7995 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enpoint Protection Firewall inconsistent behaviour

PeterD_AUS

Hi,

I have just imaged and deployed 100+ notebooks with Windows 7 Ent. I then used the Enterprise console to push out Sophos and my policies in particular a firewall policy.

All endpoints show as 'same as policy' for the firewall policy, but they don't all behave the same. I have attempted to force policy compliance using the option to do so within the Enterprise console. but this has made no difference.

The effected devices have all been restarted many times.

This is causing havoc due to the inconsistent device behavior as you can image.

Any ideas? 
 

Thank you

Regards
Peter

:55758


This thread was automatically locked due to age.
Parents
  • 0

    Hello Peter,

    I assume by people/users you mean computers as policies apply to endpoints, not the logged on user. SCF logs its blocking actions and by default sends the to the console where they can by viewed with the Event Viewer.

    I don't think it's inconsistent - at least it looks deterministic. Everything seemingly identical network connection is a prime suspect. You say you had to amend the policy as it didn't work at all first - what if this change missed a subtle piece? But as said, the logs should give some insight.

    Christian

    :55773
Reply
  • 0

    Hello Peter,

    I assume by people/users you mean computers as policies apply to endpoints, not the logged on user. SCF logs its blocking actions and by default sends the to the console where they can by viewed with the Event Viewer.

    I don't think it's inconsistent - at least it looks deterministic. Everything seemingly identical network connection is a prime suspect. You say you had to amend the policy as it didn't work at all first - what if this change missed a subtle piece? But as said, the logs should give some insight.

    Christian

    :55773
Children
No Data