+ Post New Thread
Results 1 to 8 of 8
Windows Server 2008 R2 Thread, Software Restrictions/Sophos Enterprise Console in Technical; Hi all, Having a problem with getting our Sophos endpoints up and running. If a client is protected with the ...
  1. #1

    Join Date
    May 2013
    Posts
    11
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Software Restrictions/Sophos Enterprise Console

    Hi all,

    Having a problem with getting our Sophos endpoints up and running.

    If a client is protected with the endpoint software and a user logs in that has software restriction GPO's applied to it, something blocks access to Internet browsing.

    I've narrowed it down to a single GPO that contains the software restrictions, and if they are disabled (or changed to unrestricted) then the user can browse the Internet.

    The message that appears is that the browser cannot connect to the proxy server.

    Is there a clash somewhere? or a setting that needs amending?

    I've tried fully disabling all policies but there still isn't any connection.

    Strangely, as an Admin I can browse the Internet if I run Chrome with my credentials, but I'm assuming it's because there are no active software restrictions imposed on my account, and the proxy settings are taken from the registry.

    Sophos Enterprise Console 5.1
    Windows Server 2008 R2 - Standard users no admin rights

    Thanks in advance
    Tom

  2. #2

    Join Date
    May 2013
    Posts
    11
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    If anyone has any suggestions I'd be grateful. Slowly running out of ideas and at the moment have to choose between Internet Access and Anti-Virus...

    Thanks
    Tom

  3. #3
    clodhopper's Avatar
    Join Date
    May 2007
    Location
    Portsmouth
    Posts
    93
    Thank Post
    0
    Thanked 11 Times in 11 Posts
    Rep Power
    18
    Have you spoken to Sophos ??

  4. #4

    Steve21's Avatar
    Join Date
    Feb 2011
    Location
    Swindon
    Posts
    2,689
    Thank Post
    334
    Thanked 515 Times in 483 Posts
    Rep Power
    179
    What's your SRP looking like? Sounds like you're blocking some of the sophos exe's and seeing they create an internal proxy once it's blocked you'll lose access etc.

    Steve

  5. #5

    Join Date
    May 2013
    Posts
    11
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks for the replies!

    The only thing I can see that could block it is the path rules, and as \Program Files and \Program Files(x86) is unrestricted it shouldn't stop anything running - unless the exe's are somewhere else that I can't see.

    Just discovered that the effected users can't resolve any DNS names - which may be why they cannot connect to the network proxy, as I used the FQDN and it can't resolve it manually. Will attempt using an IP a bit later - might be a temporary fix.

    Had a quick gander at Sophos knowledge base and it does say that the firewall can block windows services, but the Sophos firewall is currently allowing all traffic which is stranger still.

    We're a school so our Sophos licensing etc. is managed by the local authority helpdesk, and they haven't got back to me yet. I might just send a request to Sophos anyway explaining...

  6. #6

    Join Date
    Nov 2011
    Location
    Cambridgeshire
    Posts
    520
    Thank Post
    141
    Thanked 74 Times in 66 Posts
    Rep Power
    19
    Quote Originally Posted by tkultschar View Post
    We're a school so our Sophos licensing etc. is managed by the local authority helpdesk, and they haven't got back to me yet. I might just send a request to Sophos anyway explaining...
    My comment isn't the most enlightening you'll ever receive but don't bother phoning Sophos unless you can get all of the account details from your LA. Their CRM won't let them open a case without it, so they won't help you at all (personal experience). You'd be better spending the time nagging your LA support.

  7. #7
    MordyT's Avatar
    Join Date
    Sep 2012
    Location
    In a computer
    Posts
    420
    Thank Post
    43
    Thanked 66 Times in 61 Posts
    Rep Power
    18
    You can check the event viewer logs and see what srp is blocking...

  8. #8

    Join Date
    May 2013
    Posts
    11
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Still waiting to hear back from LA.

    Checked the Event Viewer - There is nothing relating to either Sophos or what SRP is up to.

    I can't understand how it would block DNS name resolution though. I can ping IP addresses but not hostnames. Baffling!

SHARE:
+ Post New Thread

Similar Threads

  1. Sophos Enterprise Console SQL Restore
    By googlemad in forum Windows
    Replies: 1
    Last Post: 6th February 2009, 04:08 PM
  2. Replies: 1
    Last Post: 7th January 2009, 12:13 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •