1 Overview
Sophos Endpoint blocks malicious software as well as dangerous scripts from running on the system. However, there are scripts we create for our own purposes, but when we launch them, they are blocked by Endpoint.
Here thegioifirewall will guide you to use exclusion policy to allow these scripts to run
2 Situation
The situation in this article is that Endpoint blocks script from automatically removing software from your computer.
When we launch the script to uninstall, the endpoint shows a message and marks this script as a member of the Security Software Removal Tool group, so it blocked the script from running.
Open the log to see if we will see the blocked script information about the path as well as the file’s hash code
3 Configuration
To configure the above exclude script, we perform the following steps:
We proceed to create an Endpoint policy. Select the policy type as Threat protection. Select the devices you want to add to the policy
Then switch to settings. Scroll down to the bottom.
In the Exclusion section, select Add Exclusion
Select Exclusion Type as File or Folder. In the Value section, Enter the path of the script file to remove the endpoint and then select Add.
Save policy just created. So we can run the script to remove the endpoint of the above article.
Leave a Reply