SafeGuard 5.6 Easy endpoint migration to 6.1 Enterprise Server

Hi EAA729,

This comes from the Safeguard easy upgrade guide at:

www.sophos.com/.../ssg_61_bpg_eng_upgrade_best_practice.pdf

Page 10.

To migrate endpoints:
1. Install the latest pre-installation package SGxClientPreinstall.msi that provides the
endpoint with the necessary requirements for a successful installation of the current encryption
software.
Do not uninstall previous pre-installation packages.

2. From the product's install folder, install the latest version of the respective Sophos SafeGuard
encryption software.
Windows Installer recognizes the features that are already installed and only installs these again.
If SafeGuard Power-on Authentication is installed, an updated POA kernel is also available
after a successful update (policies, keys etc.). Sophos SafeGuard is automatically restarted on
the computer.
To install new features with the upgrade, select an installation of type Custom. Then select the
new features and the ones to be upgraded. With an unattended installation, use the
ADDLOCAL= property to select the features you want (existing and new).

3. In the SafeGuard Management Center, on the Tools menu, click Configuration Package Tool.
Click Managed client packages and create a configuration package. For further information,
see the SafeGuard Enterprise installation guide, section Create configuration package for managed
computers.

4. Assign this configuration package to the Sophos SafeGuard endpoints using a group policy.
Authentication is disabled as the user-computer assignment is not migrated. After migrating,
the endpoints are therefore unprotected!

5. The user needs to restart the endpoint. The first logon is still achieved with Autologon. New
keys and certificates are assigned to the user.

6. The user needs to restart the endpoint for a second time and log on at the SafeGuard Power-on
Authentication. The computers are protected again only after the second restart.

7. Delete outdated and unused configuration packages.
The Sophos SafeGuard endpoint is now connected to the SafeGuard Enterprise Server.

Thanks

PaulD

Hi EAA729,

This comes from the Safeguard easy upgrade guide at:

www.sophos.com/.../ssg_61_bpg_eng_upgrade_best_practice.pdf

Page 10.

To migrate endpoints:
1. Install the latest pre-installation package SGxClientPreinstall.msi that provides the
endpoint with the necessary requirements for a successful installation of the current encryption
software.
Do not uninstall previous pre-installation packages.

2. From the product's install folder, install the latest version of the respective Sophos SafeGuard
encryption software.
Windows Installer recognizes the features that are already installed and only installs these again.
If SafeGuard Power-on Authentication is installed, an updated POA kernel is also available
after a successful update (policies, keys etc.). Sophos SafeGuard is automatically restarted on
the computer.
To install new features with the upgrade, select an installation of type Custom. Then select the
new features and the ones to be upgraded. With an unattended installation, use the
ADDLOCAL= property to select the features you want (existing and new).

3. In the SafeGuard Management Center, on the Tools menu, click Configuration Package Tool.
Click Managed client packages and create a configuration package. For further information,
see the SafeGuard Enterprise installation guide, section Create configuration package for managed
computers.

4. Assign this configuration package to the Sophos SafeGuard endpoints using a group policy.
Authentication is disabled as the user-computer assignment is not migrated. After migrating,
the endpoints are therefore unprotected!

5. The user needs to restart the endpoint. The first logon is still achieved with Autologon. New
keys and certificates are assigned to the user.

6. The user needs to restart the endpoint for a second time and log on at the SafeGuard Power-on
Authentication. The computers are protected again only after the second restart.

7. Delete outdated and unused configuration packages.
The Sophos SafeGuard endpoint is now connected to the SafeGuard Enterprise Server.

Thanks

PaulD