About Sophos groups
Sophos Endpoint Security and Control restricts access to certain parts of the software to members of certain Sophos groups.
When
Sophos Endpoint Security and Control
is installed, each user on this computer is initially assigned to a Sophos
group depending on their Windows group.
| Windows group | Sophos group |
|---|---|
| Administrators | SophosAdministrator |
| Power Users | SophosPowerUser |
| Users | SophosUser |
Users who are not assigned to a Sophos group, including Guest users, can only perform the following tasks:
SophosUsers
SophosUsers can perform the tasks above and also perform the following tasks:
- Open the Sophos Endpoint Security and Control window
- Set up and run on-demand scans
- Configure right-click scanning
- Manage (with limited privileges) quarantined items
- Create and configure firewall rules
SophosPowerUsers
SophosPowerUsers have the same rights as SophosUsers, with the addition of the following rights:
SophosAdministrators
SophosAdministrators can use and configure any part of
Sophos Endpoint Security and Control.
Note: If tamper protection is enabled, a SophosAdministrator must know
the tamper protection password to perform the following tasks:
For more information, see About tamper protection on this computer.