You can distribute the current versions of the Sophos Endpoint Security and Control as part of a disk image and add it in a disk image for cloned virtual machines. This procedure will make sure that the produced target/cloned computers:
The following sections are covered:
Applies to the following Sophos products and versions Sophos Endpoint Security and Control
Note: Paths and locations listed here may vary slightly according to which version of Windows you are running. Also, they may vary depending on what the system drive on the template computer is, and whether Sophos Anti-Virus was installed to the default location.
[HKEY_LOCAL_MACHINE\Software\[Wow6432Node]\Sophos\Remote Management System\ManagementAgent\Private]
C:\Program Files\Sophos\AutoUpdate\ OR C:\Program Files\Sophos\AutoUpdate\data\
[HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Web Intelligence\Web Control\EndpointId]
C:\Program Files\Sophos\Sophos Patch Agent\
HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Sophos Patch Agent
You could encounter errors in Enterprise Console, or on an individual computer, when using a disk image containing Sophos Anti-Virus for Windows 2000+, if you changed the security identifier (SID) value during the imaging process.
For more information on how to resolve this problem, refer to the related knowledgebase article: Sophos Endpoint Security or Sophos Anti-Virus: local user interface becomes inaccessible.
Note: The above set of instructions are not required if running Endpoint security and control version 10.3.7 and above. Altering the SID value on these versions will cause a Comparison failure to appear in SEC.
In some desktop virtualization scenarios, the target computers are used as virtual desktops and are frequently reverted to their original state (i.e. the state immediately after the imaging process has completed). This means that Sophos Anti-Virus will need to perform an update each time the desktop is reverted to this state and then run again. In order to minimize the security and performance impact of this update, the following steps are recommended:
Note: In Sophos Enterprise Console 5.2.1 and up to version 5.3.1, the ability to subscribe to a fixed version has been removed. In these situations the following steps will allow the use of fixed packages:
Opening the Subscriptions dialog after setting this key (no other action required) you will see the current list of fixed packages.
Note: The option to enable the use of fixed packages via the menu, has been made available in Sophos Enterprise Console 5.4.0. Further information can be found in article 117348.
For more information on how to perform these steps, refer to the Enterprise Console User manual and to your visualization solution’s documentation.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.