What are the default policies?

When you install Enterprise Console, default policies are created for you.

Note: Some features will be unavailable if your license does not include them.

Updating policy

The default updating policy in a fresh installation of Enterprise Console provides:

Anti-virus and HIPS policy

The default anti-virus and HIPS policy in a fresh installation of Enterprise Console provides:

For a full list of the default settings for the Anti-virus and HIPS policy in a fresh installation of Enterprise Console, go to knowledgebase article 27267.

Application control policy

By default, all applications and application types are allowed. On-access scanning for applications you may want to control on your network is disabled.

Firewall policy

By default, the Sophos Client Firewall is enabled and blocks all non-essential traffic. Before you use it throughout your network, you should configure it to allow the applications you want to use. See Set up a basic firewall policy.

For a full list of the default firewall settings, see knowledgebase article 57757.

Data control policy

By default, data control is turned off and no rules are specified to monitor or restrict the transfer of files to the internet or storage devices.

Device control policy

By default, device control is turned off and all devices are allowed.

Patch policy

By default, patch assessment is turned off. For new patch policies, assessment is turned on. Once patch assessment is turned on, computers are assessed daily for missing patches (unless you have changed the patch assessment interval).

Tamper protection policy

By default, tamper protection is turned off and no password is specified to allow authorized endpoint users to re-configure, disable or uninstall Sophos security software.

Web control policy

By default, web control is turned off, and users can visit any site that is not restricted as part of Enterprise Console's web protection. See Web protection.

Exploit prevention policy

By default, exploit prevention is turned on. See Exploit prevention policy.