Test threat detection
- Download the eicar string from http://www.eicar.org/.
- Copy the string into a Notepad file and save it as
eicar.txt
. - Rename the file to
eicar.com
and double click it.
You should see a detection then a cleanup.
In the Sophos Endpoint UI, the Status tab will show Threat detected.
The Events tab will show threat detected and then threat cleaned up.
Clear the alert from Sophos Central:
- Sign in to Sophos Central Admin.
- Go to Endpoint Protection > Computers .
- Find the workstation you did the test on and double-click to open details.
- On the Status tab, you see an alert. Select the alert and click Acknowledge to dismiss it.