When using virtual machines that run on a virtualization server, it is possible to run several instances of the same virtual machine from an original gold image. Identity is normally set at the time of software installation. Therefore, if multiple instances of the gold image run at the same time, they will all attempt to use the same identity. Following this, if the Sophos Central Endpoint software is installed into the original gold image, all the virtual machines created from that gold image will have the same identity in the Central Admin console.
This article describes how to install Sophos Central Endpoint software on a gold image so that every instance of a virtual machine run from that single gold image gets its own unique identity. This allows it to be managed correctly from the Sophos Central.
Note: Creating a gold image for a server with Sophos Central Server Lockdown or Sophos Central Update Cache is currently unsupported.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Cloud Managed EndpointSophos Cloud Managed Server 1.4.0
In order to run Sophos Central Endpoint on gold images, you must force the MCS component to re-register with the Central servers so that a new ID is assigned. This must be done when the new instance of the gold image is started for the first time.
C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\
%ALLUSERSPROFILE%\Application Data\Sophos\Management Communications System\Endpoint\Persist\
C:\ProgramData\Sophos\Management Communications System\Endpoint\Cache\
%ALLUSERSPROFILE%\Application Data\Sophos\Management Communications System\Endpoint\Cache\
C:\Documents and Settings\All Users\Application Data\Sophos\AutoUpdate\data\
C:\ProgramData\Sophos\Management Communications System\Endpoint\Config\
%ALLUSERSPROFILE%\Application Data\Sophos\Management Communications System\Endpoint\Config\
When the Sophos MCS Client service is started, it will register with the Sophos Central Servers and obtain a unique ID. At this point, the machine should now be shut down and a gold image is taken. When the machine reboots, the Sophos services will start accordingly.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.