Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 2951 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NAC Balloons/Popups at logon "Your machine has been removed from quarantine"

Koto

Hi,

I set up the Sophos NAC with simple check. But i have an strange behaviour in Enforcement mode.

At each logon (Windows XP SP3) i have a Balloons/Popup in systray that say: "Your machine has been removed from quarantine".

In reports/logs the explication is that the agent tray is not running at startup.

So, between the logon and the launch of the agent tray, the computer is in "quarantine".

How to disable this check ? It is possible to disable this Balloons?

Server: Sophos NAC 3.9 (Windows 2008 R2)

Clients: Windows XP SP3

:28915


This thread was automatically locked due to age.
Parents
  • 0

    Hi Koto,

    The following article talks you through how to disable balloon messages, however you will need to do this for all of Windows alerts, you are unable to disable them for just NAC.

    http://www.sophos.com/en-us/support/knowledgebase/113287.aspx

    The alternative would be to remove this from the NAC Policy:

    Navigate to your policies in NAC and select the one that you would like to change
    Under the Network Access header select Agent
    Select enforce
    Delete the 'No Agent Tray' option

    The disadvantage with this is if the Agent tray is not loaded (E.g. failed to load or was killed by the user) the machine could be in a non-compliant state without being quarantined.

    Hope this helps.

    Regards,
    Gareth

    :29209
Reply
  • 0

    Hi Koto,

    The following article talks you through how to disable balloon messages, however you will need to do this for all of Windows alerts, you are unable to disable them for just NAC.

    http://www.sophos.com/en-us/support/knowledgebase/113287.aspx

    The alternative would be to remove this from the NAC Policy:

    Navigate to your policies in NAC and select the one that you would like to change
    Under the Network Access header select Agent
    Select enforce
    Delete the 'No Agent Tray' option

    The disadvantage with this is if the Agent tray is not loaded (E.g. failed to load or was killed by the user) the machine could be in a non-compliant state without being quarantined.

    Hope this helps.

    Regards,
    Gareth

    :29209
Children
No Data