What are the default policies?

When you install Sophos Enterprise Console, default policies are created for you.

Note Some features will be unavailable if your license does not include them.

Updating policy

The default updating policy in a fresh installation of Sophos Enterprise Console provides:

  • Automatic updating of computers every 10 minutes from the default location. The default location is a UNC share \\<ComputerName>\SophosUpdate, where ComputerName is the name of the computer where the update manager is installed.

Anti-virus and HIPS policy

The default anti-virus and HIPS policy in a fresh installation of Sophos Enterprise Console provides:

  • On-access scanning for viruses, Trojans, worms, spyware, and adware and other potentially unwanted applications (but not suspicious files).
  • Detection of buffer overflows, malicious and suspicious behavior of programs running on the system, and malicious network traffic.
  • Blocking of access to websites that are known to host malware.
  • Scanning of content downloaded from the internet.
  • Security alerts displayed on the desktop of the affected computer and added to the event log.

For a full list of the default settings for the Anti-virus and HIPS policy in a fresh installation of Enterprise Console, go to knowledgebase article 27267.

Application control policy

By default, all applications and application types are allowed. On-access scanning for applications you may want to control on your network is disabled.

Firewall policy

By default, the Sophos Client Firewall is enabled and blocks all non-essential traffic. Before you use it throughout your network, you should configure it to allow the applications you want to use. See Set up a basic firewall policy.

For a full list of the default firewall settings, see knowledgebase article 57757.

Data control policy

By default, data control is turned off and no rules are specified to monitor or restrict the transfer of files to the internet or storage devices.

Device control policy

By default, device control is turned off and all devices are allowed.

Patch policy

By default, patch assessment is turned off. For new patch policies, assessment is turned on. Once patch assessment is turned on, computers are assessed daily for missing patches (unless you have changed the patch assessment interval).

Tamper protection policy

By default, tamper protection is turned off and no password is specified to allow authorized endpoint users to re-configure, disable or uninstall Sophos security software.

Web control policy

By default, web control is turned off, and users can visit any site that is not restricted as part of the Sophos Enterprise Console web protection. See Web protection.

Exploit prevention policy

By default, exploit prevention is turned on. See Exploit prevention policy.