Fix Endpoint Threat Protection policy
Ensure your Endpoint Threat Protection policies use the recommended settings.
The recommended settings offer the best security. If you must change settings to fix issues, change as few as you can and apply them to as few devices as you can.
If Account Health Check warns that policies have settings that differ from Sophos recommendations, you can fix this automatically or manually.
If you choose to fix your policies automatically, we apply our recommended settings for all options in your endpoint threat protection policies to your affected computers. You can review the changes in your audit log.
To fix your policies automatically, do as follows:
Click Fix automatically in the warning.
Confirm that you want to apply our recommended settings.
To fix your policies manually, do as follows:
Click the policy name in the warning.
The Settings tab on the policy page opens. A warning shows at the top of the tab and settings that differ from our recommendations are highlighted in red.
- If the policy is the Base Policy, as in the example shown here, click Reset to reapply the recommended settings.
- For any other policy, or if you want to reapply recommendations manually, so you can check each one, go to each highlighted setting and turn it on or reconfigure it.
A reset turns on all settings except device isolation and SSL/TLS decryption of HTTPS websites (turn these on manually if you want them).
Click Save at the top of the policy page.
The Settings tab now shows that you have the recommended protection.