With a recent aquisition we are using Lansweeper to get a hold of our asset inventory. One issue I see is that there are over 300 devices that are flagged as having antivirus disabled. When I go on the asset in Lansweeper is shows that Windows Defender is disabled and that Sophos is enabled. There are even some instances where the PC is showing multiple Sophos instances (even though there is only 1). What can we do to have it ignore the Windows Defender (which we do not use) and focus on only 1 Sophos AV applications?
To address the issue of multiple antivirus detections in Lansweeper's asset inventory, follow these steps: First, uninstall Windows Defender from devices where it's not in use. Next, ensure only one instance of Sophos antivirus is installed on each device, removing any extra installations. Configure Lansweeper to exclude Windows Defender and unnecessary Sophos instances.
Now, perform a rescan in Lansweeper to update the inventory accurately. For ongoing management, consider using endpoint management solutions to streamline antivirus deployment and monitoring. Always refer to tool documentation and support if needed.
Not sure if these help :
Have you also checked if Defender should be running in Passive Mode alongside Sophos, not sure with Sophos , you can check the status of Defender using Powershell and running "mpcomputerstatus" and check the field "AMRunningMode" ?