server not updating for weeks yet green in dashboard

Hi JerzyT 

How long is the server out of date? and is there any update failure alerts in the central for the respective client?

Hi JerzyT 

How long is the server out of date? and is there any update failure alerts in the central for the respective client?

Hi Gowtham,

I am looking at one affected server now. Here are some details:

-it says agent is not updated for 4 months

-there are event entries that say " Download of WindowsCloudServer failed from server http:∕∕dci.sophosupd.com."

-machine appears with green status

-there are no alerts for this server

In general my experience with alerts is opposite where there is a lot of noise and alerts for every single blip like a workstation not rebooting etc. but in this case it seems like it did not bring this incident to our attention and we noticed it accidentally. For example at the same time this is happening there is another server there that was made "amber" because it could not update. So it seems to be the case just for few random machines.

Regards,

JT

Hi JerzyT 

The issue that you are reporting is something new that I have not seen so far. I would like to take a look into your central Dashboard. Will it be ok for you to enable the remote assistance for the support in your central account and DM me the license number?

Also, Can you open a support case so that we can investigate this further? - Open a support ticket via Web form.

Has this image been cloned from another image, renamed or in some way pre-existing to this build, say restored from a backup or something like that?

Now that I think about it I did have an issue where I renamed a computer and it was not getting updates, I got flagged however.  But still just trying to fill in the blanks.

Hi Gowtham,

Looking more into this I see that for each one of these servers there was an amber event that said device was not up to date. It must have been that these alerts were acknowledged by customer and even tho servers were not updating they were showing green. I have a case opened for the actual reason why servers were not updating which turned out to be TLS 1.0.

Regards,

JT

Hi Gowtham,

One thing I liked about SEC was that you could clearly see on the list of serves, in appropriate tab the client and definition versions for all servers whereas now in my situation I would need to go into each device to check. Unless there is another way I am not aware of.

Regards,

JT

Can you elaborate more on TLS 1.0? Do mean you had TLS 1.0 disabled or enabled, for example in my case I have SSL 3.0, TLS 1.0 disabled and my servers are updating fine.

TLS 1.0 was disabled for security reasons and servers stopped updating. This KB helped: https://community.sophos.com/kb/en-us/132609

So basically making TLS 1.2 default protocol.

Hi JerzyT 

Glad to know that the issue was sorted out. Regarding the client's version details, you can check them from the Sophos Central Dashboard (Expand the Installed component versions).