According to this post and comments made in it, these rollouts should be complete and devices should be updated fully to the new architecture, however my entire fleet still hasn't updated. The new agent seems to be rolled out but devices still have the Sophos Anti-Virus component. Can we get a status update on this or a method to force it. I get tired of having to continually monitor if these changes have rolled out for months on end.
Are you using scheduled or delayed updates in your update policy?
Program Manager, Support Readiness | CISSP | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
I'm curious if we're supposed to have specifically set something in our Global Template for this, because MOST of our tenants haven't gotten the memo to scrap SAVService yet. The relevant setting was simply un-set all this time, and I figured that meant "it'll happen automatically."
The next-gen endpoint architecture has been rolled out to 10% of customers and will gradually be released to larger groups. If you're looking to test out the new features sooner, it's possible to enroll a few devices in the EAP Program for Endpoints, likewise for Server OS'.
If you have customers using MSP Flex licensing, the EAP Programs may not be available. In this situation, you can open a case with our support team to request that the customer/you be moved into the appropriate release group to receive the updates right away.
I'm note seeing the next gen architecture on any of our devices either yet. I've added my own device to the EAP but that doesn't seem to force the update either.
Have you rebooted since the client was added to the EAP?
sddsVersion should be 3
sdds3Synced should be 1.
Is the SAVService.exe process still exists, which is part of the SAV component, then it hasn't migrated as the SAV component should be removed as an orphaned product. I believe this happens after reboot on the next update once the client is using SDDS3 rather than SDDS2.
I've rebooted but those registry keys are showing 2 and 1 respectively. Should I change the sddsVersion to 3 manually?
I wouldn't suggest that.
Under;HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\AutoUpdate\Service\CloudSubscriptions\BaseDoes that show the "Tag" value to be BETA or RECOMMENDED?
Hmm, well that would be set as part of adding the computer to the EAP and the first step.
Do you have: sdds3.ready under: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\EndpointFlags
is that set to 1 or 0?
I think that would happen at the same time as the computer being added as it pulls down the new flags.