Exploit prevention policy

Note: This feature is not included with all licenses. If you want to use it, you might need to change your license. For more information, see http://www.sophos.com/en-us/products/complete/comparison.aspx.

Exploit prevention lets you:

By default, exploit prevention and all exploit prevention options are turned on.

Important: If you upgrade your license to include Exploit Prevention, it is not automatically installed on the computers you already manage. You need to reprotect the computers to install it. See Protect computers automatically.

You can exclude applications from exploit prevention. Note that they will still be protected by CryptoGuard and Safe Browsing.

For more information about the recommended settings for exploit prevention, see the Sophos Enterprise Console policy setup guide.

Note: If you use role-based administration:

For more information, see Managing roles and sub-estates.

HitmanPro.Alert and policy updates

HitmanPro.Alert detects applications, on endpoints, that need protection. It reports the detected application to the Sophos Enterprise Console server. The server collates the applications that require protection and every 120 minutes merges the new application data into the policy. The server distributes the updated policy to the endpoints and provides the list of applications to be protected.