Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 4551 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Device Control

Fahdp

HI,

I seemed to have lost the Device Control ability from my EC4.5. Basically any workstation that has SAV 9.5.5 VDL4.62G does not have device control but workstations that have the older 9.5.4 VDL4.61G have it.

9.5.5 machines also dont have the device control service in windows while 9.5.4 have it.

Is this something that has been removed in 9.5.5? I have tried re-protecting but it will still not show up on 9.5.5.

Any ideas?

Regards

F

:9487


This thread was automatically locked due to age.
  • 0

    Hi Fahdp

    Check your device control policy in the EC, when the clients upgrade to 9.5.5 they get assigned the default policy again.

    check the policies of the group, and push the policy down to the clients.

    Kind Regards

    :9521
  • 0

    Hi,

    I have already checked that and it is assigned the correct device control policy in EC. I even tried creating a new one and pushing it down to the clients. What I noticed is usually when I would make a change to a policy and push it through I would get a "Awaiting policy transfer" on the clients as they updated. 

    Since 9.5.5, even if I make a change or apply a new policy I dont get the "Awaiting transfer" message. The clients are updating with the "Updating" policy fine though.

    Bottom line is device control will still not work.

    Regards

    F

    :9531
  • 0

    Hello Fahdp,

    how come that some clients have 9.5.5 and others still 9.5.4?

    Of course a policy is only transferred to a client which has the corresponding component - thus if the DevCtrl column is blank assigning a policy has no effect.

    What I've seen is that some clients "lost" one of the components - "something" in the agent needs "disappeared" and DevCtrl is effectively disabled as the policy isn't processed - although the service is running. Usually reprotecting helps. Haven't seen that it is not installed though when it's enabled in the policy. Also occasionally the SAVAdapter key is missing but then the SAV column is also blank.

    Did you call Support yet?

    Christian

    :9547
  • 0

    Some clients had been off for a long time hence why some were 9.5.4. Most are 9.5.5 and its definitely doesnt exist. Either as a service or on the client endpoint console as well. Everything else works. Updating policies, Tamper control etc.

    I have tried re-protecting from the console and manually installing SAV, but without result. Device Control does not exist. No service nothing.

    Have rasied a support call. Awaiting reponses. Even if I create a new policy with different settings and push it, clients get nothing.

    Very strange and worrying as it now leaves a big gap in my infratsructure! :(

    :9549
  • 0

    Very strange and worrying

    Indeed. BTW - is DevCtrl there if you protect a new machine?

    Christian

    :9553
  • 0

    Nope. It just seems like its disappeared totally. New machine, re-protecting exisitng machines still doesnt work.

    I am wondering if I manually install a 9.5.4 client on a new machine if it will have Device Control. Worth a shot I guess ( if it lets me downgrade )

    :9555