Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 19 subscribers
  • Views 43622 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Complete Security Suite

dohc97

We are currently using an AV suite from another company.  I just wanted to ask your opinion on the above security suite as it is one of the products we are evaluating.  

- how efficient is it in catching virus, malware and adware

- how is it affecting the performance of both the server it is installed in and the user's machines

- how manageable is it as far as pushing to new machines

- can I install the Enterprise Console in a VM

I may have some more questions in the future.

Thanks..

:26297


This thread was automatically locked due to age.
Parents
  • 0

    HI, 

    I assume the client hasn't been protected yet and therefore hasn't communicated with the server.  The computer record was added by performing a search which found it.  It next needs the Remote Management System (RMS) to communicate.

    There are 2 approaches:

    1. Create a new SEC group, call it "Clients" for example.

    2. This new group will have the "Default" updating assigned to it as well as all the other "Default" policies.

    3. You should be able to move the computer to this new group and then right click on the computer and choose protect.  You can't protect a computer until it's in a group as when it's in unnasigned it doesn't have any policies assigned to it.

    So this is the push from SEC to the client.  The other option is to perform a pull install by running setup.exe from the server share on the client.

    So at the client, browse back to the server:

    \\<server>\SophosUpdate\CIDs\S000\SAVSCFXP\setup.exe

    In SEC you can see the View - "Bootrap Locations" dialog to see these locations.

    You can then enter the details required to perform the install.  (To script the pull method for use in scripts, see: http://www.sophos.com/en-us/support/knowledgebase/12570.aspx )

    Once RMS is installed (This is the first endpoint package to be installed by Sophos AutoUpdate) the machine should show up in SEC as connected.   You can move it to a group as required.

    To ensure RMS works correctly, you should ensure that  the firewall on the server allows TCP 8192 and TCP 8194 Incoming.

    Ideally you would also configure the client to allow 8194 TCP incoming,  If you use the Sophos Client Firewall, This will allow the RouterNt.exe process anyway.

    Regards,

    Jak 

    :26467
Reply
  • 0

    HI, 

    I assume the client hasn't been protected yet and therefore hasn't communicated with the server.  The computer record was added by performing a search which found it.  It next needs the Remote Management System (RMS) to communicate.

    There are 2 approaches:

    1. Create a new SEC group, call it "Clients" for example.

    2. This new group will have the "Default" updating assigned to it as well as all the other "Default" policies.

    3. You should be able to move the computer to this new group and then right click on the computer and choose protect.  You can't protect a computer until it's in a group as when it's in unnasigned it doesn't have any policies assigned to it.

    So this is the push from SEC to the client.  The other option is to perform a pull install by running setup.exe from the server share on the client.

    So at the client, browse back to the server:

    \\<server>\SophosUpdate\CIDs\S000\SAVSCFXP\setup.exe

    In SEC you can see the View - "Bootrap Locations" dialog to see these locations.

    You can then enter the details required to perform the install.  (To script the pull method for use in scripts, see: http://www.sophos.com/en-us/support/knowledgebase/12570.aspx )

    Once RMS is installed (This is the first endpoint package to be installed by Sophos AutoUpdate) the machine should show up in SEC as connected.   You can move it to a group as required.

    To ensure RMS works correctly, you should ensure that  the firewall on the server allows TCP 8192 and TCP 8194 Incoming.

    Ideally you would also configure the client to allow 8194 TCP incoming,  If you use the Sophos Client Firewall, This will allow the RouterNt.exe process anyway.

    Regards,

    Jak 

    :26467
Children
No Data
Unfiltered HTML