This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

manage program update of Security Agent during working time


yesterday some ouf our Sophos Central Clients received program updates whilst working on the computer. This resulted in slow performance and a loss of Security Heartbeat to the firewall when the Heartbeat Service restarted. The restart of the Service is quick but the reconnection of the Heartbeat with the firewall takes over a minute. This causes applications to crash or interruption of active web meetings.

Is there a way to manage this behaviour?

We want automated installation and I don't want to push updates manually. But there should be some warning like "your Sophos Software needs update, install now or later" like 15 minutes, 1 hour and so on.

Any way to achieve this?

At least there should be a possibility to select a general time frame that an administrator can create for program upgrades. So for example: only install updates from 12 until 1pm. Missted schedule: install after next reboot.



This thread was automatically locked due to age.
Parents Reply Children
  • Thanks for your answer and the link. I will read into it.

    Unfortunately, manual update was not what I was looking for.

    But this reads interessting "If you prefer, you can control how your computers update. For example, you can stop updates on all computers during a busy period"


    after checking this in Central there is a lack of functionality.
    "stop updates on all computers during a busy period" only means you can pause updates in a known period of high activity. It does not mean, stop update, when computer is busy (or in active use).

    Using manual updates just means an extra task for an admin who is already busy.

    For us it would be OK if the user gets a notification about a automatically scheduled upgrade and can decide to delay it until a deadline where the upgrade is installed anyway.

  • What about the option under the Update Management policy:

    Scheduled Updates

    Set the day and time when you want product updates to become available for computers. Remember: if they aren't on, they won’t get the update until the next time they start.
    Note: This doesn't affect security updates, such as identities used to protect you against new threats.

  • So easy! Why I did not find that?

    That would meet our second choice - to set a specific time for installation. Do you know if it really installs updates at that time or is there some sort of hidden random +/- time?

  • Hi 

    The time is local to each computer, if you select 9 pm, each computer will get the update at 9 pm local time for the computer. Just need to make sure that the computers are on. 


    Community Support Engineer | Sophos Technical Support
    Support Videos | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.