sgroupnoob.blogg.se

How to uninstall sophos endpoint with tamper protection








The number of devices managed in your Sophos Central will increase over time, and, as your estate evolves, some devices may not have a recent last activity date. This could be due to a multitude of reasons. Whatever the reason, you may already have a robust process in place for dealing with such devices. Perhaps your tenant is looking spick and span and is a model deployment. Although, I’m sure for many of us out there, there’s a device that may have slipped through the net and is lying dormant in Sophos Central.

So why do I need to do this? Currently the Sophos Central Active Directory (AD) Sync Utility supports synchronizing AD users and user groups, but not devices and device groups. This means there is currently no native method to clear old devices from Sophos Central automatically. If there are many devices in need of deleting, we do not want to manually delete these through the UI of Sophos Central.

The first is somewhat a manual process using the Sophos Central API to gather device information and manually cross reference those devices against your source of devices.

You can create a script which will delete devices using the Sophos Central API. At the end of this blog post there are two demo scripts to allow you to gather inactive devices and then delete them.

The second option still uses the Sophos Central API to gather device information, but with the added benefit of using a Security Information and Event Management (SIEM) and Security Automation and Orchestration (SOAR) tool to make it as automated as possible from end to end. For the second option we need to answer a few questions:

  • What data will I need to collect to help determine whether I can delete a device?
  • What happens if an active machine is deleted automatically?
  • What tools do I have to assist with this process?

To answer these questions, I will cover the basic components of our process as a template for you to implement into your own environment and processes. For a quick overview, below is a process diagram we have in place.

Firstly, and most importantly, we need a source of truth for devices, and for most organizations this is AD. You will need to monitor the latest changes in the Disabled OU or equivalent location dependent on how your organization manages retired devices and rebuild processes. Important fields from this data source are:

We also need to establish the current devices in Sophos Central. We can gather an inventory list of devices using the Sophos Central API.
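The cross-reference described above, as an added example that is not from the original post: a device is marked for deletion only when it is both inactive in Sophos Central and retired in AD, and every other inactive device goes to review so that an active machine is not deleted automatically. The records, field names, the 90-day window and the `OU=Disabled` name are constructed assumptions; real input would come from the Sophos Central API and an AD export.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data. Field names (id, hostname, lastSeenAt, name, ou,
# enabled) are assumptions for this example, not taken from the post.
CENTRAL_DEVICES = [
    {"id": "dev-001", "hostname": "WS-FIN-01", "lastSeenAt": "2024-05-30T08:12:00Z"},
    {"id": "dev-002", "hostname": "ws-hr-07", "lastSeenAt": "2023-11-02T16:40:00Z"},
    {"id": "dev-003", "hostname": "WS-LAB-03", "lastSeenAt": "2023-10-15T09:00:00Z"},
    {"id": "dev-004", "hostname": "WS-OLD-99", "lastSeenAt": "2023-01-20T11:30:00Z"},
]
AD_COMPUTERS = [
    {"name": "WS-FIN-01", "ou": "OU=Workstations,DC=example,DC=test", "enabled": True},
    {"name": "WS-HR-07", "ou": "OU=Disabled,DC=example,DC=test", "enabled": False},
    {"name": "WS-LAB-03", "ou": "OU=Workstations,DC=example,DC=test", "enabled": True},
]

def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp such as 2024-05-30T08:12:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def classify(central, ad, now, inactive_days=90, disabled_ou="OU=Disabled"):
    """Return {device id: (decision, reason)}; 'delete' needs both sources to agree."""
    ad_by_name = {c["name"].lower(): c for c in ad}  # hostnames compared case-insensitively
    cutoff = now - timedelta(days=inactive_days)
    result = {}
    for dev in central:
        record = ad_by_name.get(dev["hostname"].lower())
        # Retired in AD: account disabled, or object sits under the Disabled OU.
        retired = record is not None and (
            not record["enabled"] or disabled_ou.lower() in record["ou"].lower().split(","))
        if parse_ts(dev["lastSeenAt"]) >= cutoff:
            result[dev["id"]] = ("keep", "seen within the inactivity window")
        elif record is None:
            result[dev["id"]] = ("review", "inactive but not found in AD")
        elif not retired:
            # Guard against deleting a machine that AD still treats as live.
            result[dev["id"]] = ("review", "inactive in Central but active in AD")
        else:
            result[dev["id"]] = ("delete", "inactive and retired in AD")
    return result

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so the run is repeatable
    for dev_id, (decision, reason) in classify(CENTRAL_DEVICES, AD_COMPUTERS, now).items():
        print(f"{dev_id}: {decision:6} {reason}")
```

Only the ids classified as `delete` should be passed to a deletion script; the `review` entries are the ones to check by hand.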








