Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 37 replies
  • Subscribers 32 subscribers
  • Views 4965 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SATC replacement - Server Endpoint

Ryan Partington

We had a customer put a case in yesterday about having the Server Endpoint Software configured to replace the failing SATC software. I advised I knew it was in the pipe but hadn't heard it had been released yet, and then he shared these two links:

Set up SATC with Sophos Server Protection

Sophos Firewall: SATC with Server Protection

I worked through it with him, and I'm happy to report it all worked a treat across multiple browsers and clients on his THIN Client. Just thought I'd give anyone a heads up who has been waiting and may have missed the announcement. 



This thread was automatically locked due to age.
Parents
  • 0

    Overall some feedback: You need to place the Server in the "Best Protection" EAP (Early Access Program) to get this consistently running. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Hi

    how can I get that EAP?

    I can only see "New Server Protection Features".

  • 0 in reply to LHerzog

    The "New Server Protection Features" EAP was actually called "Best Protection" before. Same same (not different). We kept it running to avoid that people would have to jump in and out of EAP's all the time (for Endpoint and Server)

  • 0 in reply to SaschaP

    thanks for sending this update about the naming of that EAP - our test server has already been a member of that EAP.

    Our test TS server Windows 2019 has now been replaced by a Server 2022 machine and we'll test with it, not expecting it to be different than on 2019.

    GES Support confirmed the issue in the meantime to be reproducable by them at least for system generated traffic in a user session like CIFS (Port 445). Traffic generated by applications run by the user is supposed to work with user detection/authentication on the firewall.

  • 0 in reply to LHerzog

    so send the results of our support case to this thread:

    Just to clarify, this is not a bug in the product, but based on the SATC design, an expected behavior. To be very honest I don't think this behavior is different from the previous SATC version.

      our documentation team will add soon a note like the following in the online help for v18, v18.5 and v19.

    ”SATC can only authenticate user-based processes. Connections from processes started by system services, such as SYSTEM or NETWORK SERVICE, won't be associated with a directory user. This may result in blocked traffic depending on your authentication rules."

Reply
  • 0 in reply to LHerzog

    so send the results of our support case to this thread:

    Just to clarify, this is not a bug in the product, but based on the SATC design, an expected behavior. To be very honest I don't think this behavior is different from the previous SATC version.

      our documentation team will add soon a note like the following in the online help for v18, v18.5 and v19.

    ”SATC can only authenticate user-based processes. Connections from processes started by system services, such as SYSTEM or NETWORK SERVICE, won't be associated with a directory user. This may result in blocked traffic depending on your authentication rules."

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?