Sophos Endpoint Security and Control Windows Embedded test guide. Product version: 10



Sophos Endpoint Security and Control Windows Embedded test guide
Product version: 10
Document date: February 2013

Contents
1 About this guide
2 Prepare for testing
3 Install security software
4 Test threat detection
5 Test application control
6 Test data control
7 Test device control
8 Legal notices

1 About this guide

This guide is for network administrators who want to protect computers running the following Windows Embedded platforms:

- Windows Embedded POSReady
- Windows Embedded for Point of Service (WEPOS)
- Windows Embedded Standard
- Windows XP Embedded (Windows XPe)

Embedded versions of Windows can be compiled with many different customizations, so this guide does not attempt to discuss whether each can be protected successfully. Instead, it tells you how to run checks after installation to see whether Sophos security software is functioning properly.

This guide assumes that you have previously used Sophos Enterprise Console for installing and managing Sophos software on your network. It describes how to:

- Install Sophos security software on computers running Windows Embedded.
- Test that the software is being updated.
- Test threat detection.
- Test application, data and device control.

Important: If you complete all the tests in this guide successfully, Sophos will make commercially reasonable efforts in accordance with its standard business practices to provide technical support. For current support policy, see Sophos support knowledgebase article 63797 (http://www.sophos.com/en-us/support/knowledgebase/63797.aspx).

2 Prepare for testing

Before you start:

- Select endpoint computers running Windows Embedded to use as test computers.
- Ensure that you have the EICAR virus detection test file installed or ready to install on your test computers.
- Ensure you have Windows Live Messenger available to install on the test computers during application control testing.

Note: Windows Embedded computers have highly variable configurations. Therefore, you may need to modify some of these tests. For example, when testing device control, choose actual hardware that is present or available to connect.

3 Install security software

Before testing, you need to:

- Install the security software on test computers.
- Check that the software is being updated.

3.1 Install software

You install Sophos Endpoint Security and Control for Windows in the same way that you would install it on any other Windows endpoint computer. You can do either of the following:

- Automatic installation. In Enterprise Console, find the test computers and ensure they have a valid updating policy. Select the computers, right-click and click Protect computers.
- Manual installation. At the test computers, browse to the folder from which endpoint computers get updates and run the Sophos installation program.

Note: The folder from which computers get updates can be found by looking in Enterprise Console, Bootstrap Locations on the View menu.

3.2 Check updating

You should check that the test computers are receiving Sophos updates. At the test computers:

1. On the taskbar notification area, right-click the Sophos Protection icon and select Update now. Wait for the update to be completed.
2. Open Sophos Endpoint Security and Control.
3. On the home page, in the Status panel check that the Last Updated time has changed.

4 Test threat detection

4.1 Check that detection works

To check that Sophos Endpoint Security and Control can detect threats, perform an EICAR test as follows.

1. On the test computers, attempt to copy an EICAR standard anti-virus test file onto the computer (or run EICAR if it is already on the computer). The test computers should display a virus alert.
2. Check that the test computer's Quarantine manager shows the EICAR file as a detected threat.

4.2 Check alerts

Go to Enterprise Console and:

- Check in the computer list view that the Status and Error and Alert Details tabs show an alert and the virus name.

Now you must clear the alerts.

4.3 Clear alerts

1. On the test computers, clear the alert from the Quarantine manager.
2. In Enterprise Console, clear the alert in the Resolve Alerts and Errors dialog.

5 Test application control

5.1 Configure application control

1. In Enterprise Console, open an application control policy.
2. Configure the policy to block an application such as Windows Live Messenger.
3. Apply the policy to the test computers.
4. In Enterprise Console, check that the policy change is being applied, and that the test computers comply with the policy.
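For the EICAR check in section 4.1, step 1 can be scripted so that the same test runs identically on every test computer. The following is an added example, not part of the Sophos guide; it assumes PowerShell 2.0 or later is present on the Windows Embedded image, and the file name and function name are hypothetical. The Quarantine manager and Enterprise Console checks are still done by hand.

```powershell
# Added example: automates step 1 of section 4.1 on one test computer.
# Assumption: PowerShell 2.0+ is installed on the Windows Embedded image.

# The 68-byte EICAR standard test string, kept in two halves so that
# this script file does not itself match the test signature.
$part1 = 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-'
$part2 = 'STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'

function Test-EicarDetection {
    param(
        [string]$Directory = $env:TEMP,   # where to write the test file
        [int]$WaitSeconds = 10            # time allowed for on-access scanning
    )
    $path = Join-Path $Directory 'eicar-test.com'   # hypothetical file name
    try {
        # Write exactly the 68 ASCII bytes: no BOM, no trailing newline.
        $bytes = [System.Text.Encoding]::ASCII.GetBytes($part1 + $part2)
        [System.IO.File]::WriteAllBytes($path, $bytes)
    } catch {
        return 'Blocked on write'         # creation of the file was denied
    }
    Start-Sleep -Seconds $WaitSeconds
    if (-not (Test-Path -LiteralPath $path)) {
        return 'Removed after write'      # file was cleaned up or moved
    }
    try {
        # Assumption: a detected file can no longer be read back in full.
        $read = [System.IO.File]::ReadAllBytes($path)
        if ($read.Length -eq 68) {
            Remove-Item -LiteralPath $path -Force
            return 'NOT DETECTED'         # file fully readable: test failed
        }
        return 'Modified after write'
    } catch {
        return 'Blocked on read'
    }
}

$result = Test-EicarDetection
Write-Output ("EICAR on-access test result: {0}" -f $result)
```

Any result other than NOT DETECTED means the scanner intervened; confirm it against the virus alert and the Quarantine manager entry described in section 4.1.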

5.2 Check that application control works

1. On the test computers, right-click the Sophos Protection icon and select Update now.
2. Attempt to install and open the application (e.g. Windows Live Messenger).
3. Check that an alert is shown. The application should be shown in the Quarantine manager as a blocked application.
4. In the Enterprise Console Application Control tab, check the Application control event count.

5.3 Clear alerts and reset policy

1. On the test computer(s), clear the alerts from the Quarantine manager.
2. In Enterprise Console, change the application control policy back to its original settings (remove Windows Live Messenger from the banned application list).
3. In Enterprise Console, check that the endpoint application control policy shows "Same as policy".
4. On the test computer(s), check that the controlled application can now be installed/run.

6 Test data control

6.1 Configure data control

1. In Enterprise Console, create a data control policy and open it.
2. On the Policy Rules tab, click Manage rules.
3. In the Data Control Rule Management dialog box, click Add Content Rule.
4. Enter a Rule name. Under Rule Content click the link in "Where the file contains".
5. In the Content Control List Management dialog box, select a CCL and click OK.
6. Under Rule Content, click the "Select destination" link and check Removable Storage. Click OK.
7. On the Data Control Rule Management dialog box, select the rule you created and click OK.
8. Close all dialogs and apply the policy to the test computers.

6.2 Check that data control works

1. On the test computers, open Sophos Endpoint Security and Control.
2. On the home page, in the Status panel, check that data control is shown as enabled.
3. Click the Data control log icon. Check that data control scanning has started.

7 Test device control

7.1 Configure device control

1. In Enterprise Console, open a device control policy.
2. Configure the policy to block Modems and Wireless.
3. Ensure that the policy is applied to the test endpoint computers. In the Computer details, the Device Control Policy Compliance column should show "Awaiting policy transfer" and then "Same as policy".
4. Check that the endpoint is now compliant with the policy.

7.2 Check that device control works

1. On the endpoint computers, connect modem and wireless devices. A balloon warning should be displayed for each blocked device.
2. Open Sophos Endpoint Security and Control. On the home page, click the Device control log and check that the device is blocked.
3. Check that the Windows Device Manager shows that the device has been disabled.
4. Use the wireless device to attempt to contact a wireless network. Windows should show that the device is blocked and cannot detect networks.
5. Use the Windows Device Manager to test the modem device. Check that the modem cannot be tested.

7.3 Reset device control policy

1. In Enterprise Console, set the device control policy as follows: Modem: Full access. Wireless: Full access.
2. Apply the policy to the test computers.
3. Check that the computers comply with the policy.
4. On the test computers, click the Device control log icon and check that the device is enabled.
5. On the endpoint, check that the wireless device can detect wireless networks.
6. Use the Windows Device Manager to test the modem device. Check that the device self test is successful.

8 Legal notices

Copyright 2010–2013 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.