Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Subscribers 29 subscribers
  • Views 797 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SATC - What are the minimal settings for Server Endpoint?

AndreasHämmerle

I followed theses instructions to setup the SATC Authentication on a Windows Server 2016 Test VM.

https://support.sophos.com/support/s/article/KB-000038634?language=en_US

At our productive Terminal Server, where we plan to use SATC in the future, there is WindowsDefender AV in use.

We only want to use the Sophos Endpoint Software on productive Terminal Servers to do the Sophos-XG User based authentication with SATC integrated Feature in Server Protection

With the folowing Server-Protection settings the SATC authentication works as expected. On XG side I can see authenticated Thin Client Users from the Test VM

When I disable all Features except IPS, I will not see the authenticated Users on XG any more when they are logon/logoff.

(the Sophos Guides only say: "The SATC feature requires IPS to be turned on in the server's threat protection policy" so I assume this should be enough??)

When there is only IPS active, I was iritated by the orange box "This feature won't work as you have Live Protection turned off". So I decided to turn on Live Protection at the same time as IPS. The result is it doesn't work either, no authenticated user on XG.

So the question is:

What is the minimum setting for SATC to running?



This thread was automatically locked due to age.
Parents
  • 0

    Why do you want to do this? Endpoint is to protect the Server. How are you going to protect the server? 

  • 0 in reply to LuCar Toni

    All Clients + Servers are protected with Sophos Endpoint, expect our Terminal-Servers because we had several problems here. Instead of troubleshooting this problems step by step, the decicion was made to use Windows Defender AV for the Terminal Server instead of the Sophos Endpoint. Thats a long story... I am not happy with this decision, but it is like it is.

    Regardless of that, Sophos decided to retire the legacy SATC and move that functionality into the Sophos Endpoint.

    For customers which are using 3rd party Endpoint software there must be a way (i hope) to use SATC with integrated Sophos Endpoint Software without the neeed of activation all scanning functionalitys.

Reply
  • 0 in reply to LuCar Toni

    All Clients + Servers are protected with Sophos Endpoint, expect our Terminal-Servers because we had several problems here. Instead of troubleshooting this problems step by step, the decicion was made to use Windows Defender AV for the Terminal Server instead of the Sophos Endpoint. Thats a long story... I am not happy with this decision, but it is like it is.

    Regardless of that, Sophos decided to retire the legacy SATC and move that functionality into the Sophos Endpoint.

    For customers which are using 3rd party Endpoint software there must be a way (i hope) to use SATC with integrated Sophos Endpoint Software without the neeed of activation all scanning functionalitys.

Children