Computer Isolation

If the computer is in isolation and there is absolutely no way to resolve the issue without dialling in or gaining internet access to the machine, I’ve made a policy called Device Exception under the threat protection policies, which will remove the machine from isolation once the policy applies (I want to say it took about 10 minutes to apply itself today).


Tamper Protection

If you ever need to uninstall Sophos and it says tamper protection is enabled, but you cannot turn it off the normal way, you can turn it off from the command line.

Open CMD as admin and navigate to the Sophos folder in Program Files:

cd "C:\Program Files\Sophos\Endpoint Defense"

Then enter

Sedcli -tpoff *specific tamper protection password from Sophos Cloud*


Uninstalling all of Sophos’ files

If you need to uninstall Sophos but you’re unable to, or if you want to remove all of the files to do with Sophos, you can run an executable called SophosZap via CMD to do this for you.

Navigate to the folder sophoszap is stored in

Enter sophoszap --confirm


The link to download SophosZap is this, but I’ve attached the file too

