2 votes4 comments · Endpoint Protection » Sophos Enterprise Console (SEC) · Flag idea as inappropriate… · Admin →
Fixed in SAV Version 10.6.x :)
Currently under review! Keep those feature requests coming...
SAVService attempts interaction during upgrades, which throws this error. Customer asked for this as a feature request, since this behavior is not tracked as a defect.
2 votes1 comment · Endpoint Protection » Sophos Enterprise Console (SEC) · Flag idea as inappropriate… · Admin →
Console 5.3.1 has improved the way group memberships are evaluated for RBA, but the feature is not turned on by default! Try taking a look at https://www.sophos.com/en-us/support/knowledgebase/122529.aspx it should hopefully solve problems with RBA and nested groups for you.
You can already disable this through a policy setting: https://www.sophos.com/en-us/support/knowledgebase/113287.aspx
10 votesUnder Review · 0 comments · Endpoint Protection » Malware prevention · Flag idea as inappropriate… · Admin →
7 votesPip shared this idea ·
22 votes4 comments · Endpoint Protection » Sophos Enterprise Console (SEC) · Flag idea as inappropriate… · Admin →
Have you evaluated using the Sophos Reporting Log Writer?
While this does not write directly to the syslog it is the supported mechanism for integration of the log information with SIEM products.
Note Splunk Docs also has some references for configuration for use SEC.
This feature was implemented in XG Firewall
We are planning to integrate more tightly with Sophos Labs, this feature will be possible during that project, in an as-yet to be determined release.
Agreed with other commenter; would like to see the SID in the IPS reports.