You can temporarily change the security settings on this computer or server.

You might need to do this to troubleshoot. For example, you might want to turn off a feature to see if it is causing problems on the computer.

Restriction You may not have all the features described here. This depends on your license.
Restriction The Settings page is only available if you have entered the Tamper Protection password (available from the Sophos Central administrator).

How to change settings

Check the box marked Override Sophos Central Policy for up to 4 hours to troubleshoot.

You can now make changes on this page. The changes temporarily override the policy that you (or another administrator) have applied from Sophos Central Admin.

After four hours, the settings automatically change back to the centrally-enforced policy settings.

You can change the settings back sooner if you want to. You can’t use the slider controls to do this for individual features. Instead, turn off Override Sophos Central Policy for up to 4 hours to troubleshoot.

Deep learning

Deep learning uses advanced machine learning to detect threats. It can identify malware and potentially unwanted applications without using signatures.

Real-time Scanning

Real-time scanning scans items as users attempt to access them, and denies access unless they are clean. You can select:

  • Files: This scans local files and (if this is selected in the policy) network shares.
  • Internet: This scans internet resources. It can scan downloads in progress, block access to malicious websites, and detect low-reputation websites.

Controls on Users

  • Peripheral Control lets you control access to peripherals and removable media.
  • Application Control lets you detect and block applications that are not a security threat, but that you decide are unsuitable for use in the office.
  • Web Control lets you protect against risky downloads, control the sites that users can visit, and prevent data loss.
  • Data Loss Prevention lets you monitor and restrict the transfer of files containing sensitive data.
  • Tamper Protection lets you restrict changes. If this is turned on, a local administrator needs the necessary password to change security settings or uninstall Sophos Endpoint.

Runtime Protection

Runtime protection protects against threats by detecting suspicious or malicious behavior or traffic on endpoint computers. You can select:

  • Ransomware Detection: This protects against malware that restricts access to files, and then demands a fee to release them.
  • Safe Browsing: This protects your web browsers against exploitation by malware.
  • Exploit Mitigation: This protects the applications most prone to exploitation by malware, such as Java applications.
  • Network Threat Protection: This detects traffic between an endpoint computer and a server that indicates a possible attempt to take control of the endpoint computer. It includes packet inspection, which scans network communications, identifying and blocking threats before they can harm the operating system or applications.
    Note If you turn off Network Threat Protection, the EDR features, Isolation and Stonewalling, is also turned off.
  • Malicious Behavior Detection: This detects and blocks behavior that is known to be malicious or is suspicious.

Computer controls

You can monitor Windows Firewall (and other registered firewalls) on your computers and servers.