Sophos Endpoint: Configuration Lockdown Server function on Windows Server

Server Lockdown is a function helping administrators to approve whether an applications is allowed to run on a Server. It helps admin be able to control and edit applications execution, making hackers hard to attack Server through applications

Guide to configuring Server Lockdown function

  • Before configuring Server Lockdown function, we have to use a policy to apply on Server
  • Login on Sophos Central Admin by Admin account (create a Sophos Central account)-> Server Protection -> Policies
  • Choose Base Policy – Lockdown

 

  • Create a new Policy by cloning from Base Policy
  • Click Clone  -> Continue

 

  • In tab Server, we move Server name which we want to use Lockdown function from Available Servers to Assigned Servers

 

  • In tab Settings, we can choose files or folders which can be run or not when enabling Server Lockdown. Besides that, files or folders which can be changed without turning off Server Lockdown function -> Save

 

  • After that, we choose Manager Protection -> Server to Lockdown

 

  • Choose Server name which we want to Lockdown

 

  • Click Lockdown

 

  • Click Begin Lockdown

 

  • We can see notification about Lockdown have been activated, the activation process takes about 30 minutes to complete. After that, we can use Server normally -> Click Summary to refresh

 

** When Server in the Lockdown process, we have not to install or update any software

  • To Disable Server Lockdown -> Click Unclock

Be the first to comment

Leave a Reply

Your email address will not be published.


*