Configuration guide

This guide is for network administrators who want to protect computers running Windows Embedded platforms.

To find out which platforms we support see Supported Windows Endpoint and Server Platforms.

Embedded versions of Windows can be compiled with many different customizations, so this guide does not attempt to discuss whether each can be protected successfully. Instead, it tells you how to run checks after installation to see whether Sophos Endpoint Protection is functioning properly.

Warning This guide assumes that you have previously used Sophos Central for installing and managing Sophos Endpoint Protection on your network.

It describes how to:

  • Install Sophos Endpoint Protection on computers running Windows Embedded platforms.
  • Test that the software is being updated.
  • Test threat detection.
  • Set the peripheral control policy.
  • Set the data control policy.

Install Sophos Endpoint Protection

Make sure that Microsoft .NET Framework 4 is installed.

Note Sophos Endpoint Protection can be installed without it, however you will not be able to access the self help section that you need for tests later on.

Follow these instructions to install Sophos Endpoint Protection on your workstations: Endpoint Protection.

Check updating

To check that your workstations are receiving Sophos updates:

  1. On the taskbar notification area, right-click the Sophos Endpoint Protection icon and select Update now. Wait for the update to complete.
  2. Open Sophos Endpoint Protection.
  3. Click About.
  4. Click Run Diagnostic Tool.
  5. Click the Update tab and check the last update time.

Test threat detection

  1. Download the eicar string from http://www.eicar.org/.
  2. Copy the string into a Notepad file and save it as eicar.txt.
  3. Rename the file to eicar.com and double click it.

You should see a detection then a cleanup.

In the Sophos Endpoint UI, the Status tab will show Threat detected.

The Events tab will show threat detected and then threat cleaned up.

Clear the alert from Sophos Central:

  1. Sign in to Sophos Central Admin.
  2. Go to Endpoint Protection > Computers .
  3. Find the workstation you did the test on and double-click to open details.
  4. On the Status tab, you see an alert. Select the alert and click Acknowledge to dismiss it.

Set the Peripheral Control Policy

  1. In Sophos Central, go to Endpoint Protection > Policies.
  2. Click the Peripheral Control policy then click the Settings tab.
  3. Under Manage Peripherals, select Control access by peripheral type and add exemptions.
  4. Select Block for all the peripheral types.

Set the Data Loss Prevention Policy

The purpose of this task is to prevent the copying of sensitive files.

  1. In Sophos Central, go to Policies > Data Loss Prevention and click on the policy you want to apply to your workstations.

    You can clone an existing policy and edit it. See Data Loss Prevention Rules.

  2. Add a New Content Rule. See Create a Data Loss Prevention Rule.
  3. When specifying actions for the rule make sure that you Block Transfer.
  4. When configuring the rule, under Conditions > Destination is:, click Storage.

Legal notices

Copyright © 2020 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.