Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 19 replies
  • Answers 1 answer
  • Subscribers 11 subscribers
  • Views 6135 views
  • Users 0 members are here
Options
Suggested

Plans for access to protection policies?

Trevor Lockley

Are there any plans on the roadmap to expose (possibly read-only) data about individual protection policies for each tenant?

Things like scheduled scan date, per-policy exclusions, computer/group scoping, etc.

Top Replies

  • in reply to RichardP +4 verified

    Hello Trevor and Skylar,  I can shed some light on our plans for policy based APIs.  If I were to classify the requests here, it looks like we have two requests.

    1. Policy management APIs for tenants
    2. Reporting of Policies for rapid insights and response

    At current, we do not have plans for reporting API, however recognize this functionality is important to our customer base and are actively discussing what a full suite of reporting APIs and functionality would look like, and where it would fall on our backlog.

    Now, for some good new! We are currently in active development on a full set of policy management APIs at the tenant level, which are currently due to release early in the first quarter of the 2021 calendar year.  This will include functionality for policy retrieval and management across:

    • Endpoint enumeration
    • Application control
    • DLP
    • Windows Endpoint firewall management
    • Peripheral control
    • Threat protection
    • Update management
    • Web control
    • Server Lockdown
    • File integrity monitoring

    Initial release will cover the ability to:

    • Retrieve all policies for a given Tenant
    • Retrieve a single policy for a given Tenant
    • Update policy order priority
    • Update an existing policy
    Jump to answer
Parents
  • 0

    Hi,

    I'm sorry but I am not sure what you are requesting here. Are you asking for an API path where you give a TenantID and get back all the policies that have been created in that tenant with a list of machines it is assigned to?

    Right now, you can pull out the policy information on a per machine basis with the paths in the Endpoint API. Is that the information you are looking for?

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0 in reply to RichardP

    I am looking more for endpoints that can detail settings in the various protection policies stored in the official Central Dashboard.

    An example of the data I'm looking to get is the scheduled regular scan date per Endpoint Protection and Server Protection policy.
    I'd also like to be able to retrieve data on the various settings toggles for specific policies

    Something like... "Does policy A and B but not Policy C have Deep Learning enabled?" or
    "Are there any policies that would be considered not configured properly?" via semi-regularly scraping the policy data and comparing it to known defaults.

    The current endpoint APIs do a really good job with the broad strokes, but some of the reporting I'd like to do requires details that as far as I can tell are not yet available from the current API.

  • +1 in reply to Trevor Lockley

    Hi Trevor, 

    Unfortunately policy retrieval is not currently possible in our Central API. I am not sure on an ETA for it in the future either. 

Reply Children