A lot of AV locks things down so you get Windows errors.
Help me to install a some software please
- Thread starter SexyGreyFox
- Start date
A lot of AV locks things down so you get Windows errors.
The error could mean a number of things including access to a netshare which is common when you elevate to an admin. However, the OP replied, the file is being deleted just after it's run.
Most AV software, including Sophos should display a notification saying the file has been quarantined. The warning has probably been suppressed by the admin.
Is this a customised sophos install for the NHS, ( beyond having a password they must know ) ...
given the ransomware problem they have had, it does seem a reasonable approach.
can you install a virtual machine, with sophos, exclusively, for your nhs work , and, thus, workaround the problem.
given the ransomware problem they have had, it does seem a reasonable approach.
can you install a virtual machine, with sophos, exclusively, for your nhs work , and, thus, workaround the problem.
I posted a video above:
Here's a video of me putting the file into the Temp folder straight out of a ZIP file and it deletes without running it..
http://www.dmpoole.co.uk/pics/sophos.mp4
Yes
I've got another 256gb SSD and today I have done a full install of all my favourite programs and I can boot into my 'Sophos NHS drive' first thing in the morning.
If I need to use Sonar I can put the other new drive on.
UPDATE
I've just had a call off NHS IT and my mate Rob said the instructions they sent out were wrong and you don't need to install Sophos on your home machine only the VPN
Apparently they've had dozens of calls about it and they don't have the password.
Sophos is for those who take the NHS laptops home with them but it should already be installed anyway.
I've just had a call off NHS IT and my mate Rob said the instructions they sent out were wrong and you don't need to install Sophos on your home machine only the VPN
Apparently they've had dozens of calls about it and they don't have the password.
Sophos is for those who take the NHS laptops home with them but it should already be installed anyway.
Sophos on W10. I've literally heard it all now. Ditch it, it's not needed, in fact, no 3rd party AV is really required for W10.
This is why NHS Digital and Trusts IT is in such a mess. They literally have no idea.
This is why NHS Digital and Trusts IT is in such a mess. They literally have no idea.
Last edited:
Don
Why isn't it needed? Is Windows 10 magically invulnerable?
Sophos as evidenced above does a lot more than just antivirus - it's a complete endpoint protection product.
My previous job was in higher education. When the time came to move to Windows 10 I was able to convince everyone to ditch Sophos.
We had too many issues managing Sophos for the Windows 7 clients. The management console needed several hours of maintenance every week and Sophos support we clueless even though the infrastructure was installed by their consultants before my time. The team had given trying to fix client and definition update issues on endpoints.
We had too many issues managing Sophos for the Windows 7 clients. The management console needed several hours of maintenance every week and Sophos support we clueless even though the infrastructure was installed by their consultants before my time. The team had given trying to fix client and definition update issues on endpoints.
It offers nothing more than Defender. In fact, like most 3rd party AV solutions, it actually slows down the W10 experience because of it's obtrusive and intrusive nature. Additionally, for W10 in the Enterprise, it's absolutely the last thing you'd want given a respectable security design, AppLocker, CredGuard and DeviceGuard with Defender ATP. That's what the NHS/Trusts should be using. Not some bloatware they don't even have the password to.
As evidenced above how? He was advised to remove it and just use a VPN (although I admit, the very idea that they deem a VPN as a solution to AV I think worries me more)...
I've just had a call off NHS IT and my mate Rob said the instructions they sent out were wrong and you don't need to install Sophos on your home machine only the VPN
Apparently they've had dozens of calls about it and they don't have the password.
Sophos is for those who take the NHS laptops home with them but it should already be installed anyway.
this sounds like nhs haven't learned their lesson from the ransomware scandal ...
maybe, they have had to compromise, for home working
high tech/chip companies I'm aware of, you have to use a works laptop, with its end point software, to work from home.
The problem with the NHS is the disparity of the root NHS (and NHS Digital) and the Trusts. Nothing aligns. They are adopting Win10 (5 years after it came out), they've only just learned that it has a native AO VPN, which is configured poorly (ie, it doesn't have DNS leak protection in the profile XML), some trusts use AV, others don't, some Trusts don't even know what BYOD means, and yet other parts of the NHS appear to (as per the OP) but then implement it poorly with no MDM (Intune, AirWatch, etc) so asking a user to use a personal device offers no protection to the NHS at all. There are no conditional access policies for personal users ensuring OS patch levels or even OS versions are at a minimal level. Normal users don't demark their RBAC privileges, it's all a complete nightmare, and, as you say, is highlighting they haven't learned anything.
At least you now have a clean install of Windows 10
Has you work pattern changed now, are you being asked to work from home?
Yes I've been working from home for two months and last Thursday I decided to do a whole new installation and had my problems with my music software which I'd put in the OP.
Where did you get that from?
They said I can just use the VPN with my own antivirus and they shouldn't have been advising people working on their own computers to install Sophos.
I think only a handful of computers at a Trust with 3000+ computers have it.
Sorry, I didn't see mention you had your own AV installed (which I assumed you wouldn't, because to have that + Sophos would have been even more facepalm). In any case, the NHS were advised after WannaCry to use Win10 and stay Native first because 3rd Party AV is moot on W10, especially in a corporate environment. It appears that message didn't make it through
Don
Last time I checked Windows defender didn't offer centralised reporting, centralised management, bring your own device support, device policy control, application policy control etc
Defender ATP is a completely different thing to Defender though... and is more comparable to Sophos endpoint
The whole point is to provide a managed environment that you don't allow users to change/disable?
The very fact that certain installers were blocked from even running (likely based on whatever policies were in place)
As mentioned earlier in the thread, I don't think much to Sophos in general, and agree it's a bloaty mess. However it's protection and featureset is completely different to Windows 10's inbuilt version of defender.
1. You're comparing Sophos commercial to Defender. Sophos home offers none of those things and native Defender meets or exceeds it.
2. Defender ATP is comparable (again, meets or exceeds) to Sophos Intercept as you say, but you're missing my point. The NHS should be using Defender ATP. It will more than likely already be being paid for and yet they seem to want to spend more on licensing Sophos. Madness.
It looks as though I was comparing Sophos home to Defender and Sophos Intercept to Defender ATP. They are the comparisons I was making when suggesting Defender was a suitable alternative.
By "They" I mean NHS IT, as referenced by the OP. They don't know the Sophos management password!