Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 2506 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Policy Comparison Failure

Alasdair

Running Enterprise Console 4 on Server 2003 deploying endpoint security and control 9 onto windows xp workstations.

EC is reporting Comparison Failure under Policy Compliance on about 90% of the workstations.

I'm tried reprotecting the computer sbut no change and i've tried the right click "Comply with" option but they dont want to correct themselves.

It does look like the policies applied to the computers differs from the server. For instance, one group is set for Device Control enabled but they are all reporting inactive. There is also a group where it should be enabled but some are enabled, some are not.

Short of going round and uninstalling the software from every computer and reinstalling. Anyone know anything that might solve this?

Thanks

:792


This thread was automatically locked due to age.
Parents
  • 0

    Reprotecting a machine only reinstalls Sophos AutoUpdate and possibly Sophos Remote Management System (unless you first removed Sophos Anti-Virus). Also, reinstalling Sophos Anti-Virus is unlikely to have any effect.

    If your AV/HIPS policy contains a Scheduled Scan, then it could be that Scheduled Tasks is in a bad state. You might try Sophos kb 28060 on an affected computer to see if that resolves the issue.

    If your AV/HIPS policy does not contain a Scheduled Scan, then you could try Sophos kb 30496 to increase Agent logging on an affected computer, which will then create verbose logs in:

    C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\Agent\Logs

    Hopefully those logs will tell you which section is failing, which will be a good start.

    Kindest regards,

    Tyler

    :816
Reply
  • 0

    Reprotecting a machine only reinstalls Sophos AutoUpdate and possibly Sophos Remote Management System (unless you first removed Sophos Anti-Virus). Also, reinstalling Sophos Anti-Virus is unlikely to have any effect.

    If your AV/HIPS policy contains a Scheduled Scan, then it could be that Scheduled Tasks is in a bad state. You might try Sophos kb 28060 on an affected computer to see if that resolves the issue.

    If your AV/HIPS policy does not contain a Scheduled Scan, then you could try Sophos kb 30496 to increase Agent logging on an affected computer, which will then create verbose logs in:

    C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\Agent\Logs

    Hopefully those logs will tell you which section is failing, which will be a good start.

    Kindest regards,

    Tyler

    :816
Children
No Data