Sophos Update Manager: Troubleshooting steps when Update Manager is not up to date with Threat detection/data update failed error.

Disclaimer: This information is posted as-is and the content should be referenced at your own risk

Hi Community,

This case study provides a solution for the Sophos Update Manager which fails to get the update from the Sophos’ Servers with the valid username and password.

Open the Sophos Enterprise console and check the update section on the dashboard. There will be an error in the update section as per below snapshot.
Click on the “Update manager” which will show the Update managers in the bottom part of the dashboard and there will be “Threat detection data update failed” error. Right-click on the update manager and click on the “View Update Manager details”.
Once the details window is opened, there will be sections of “Outstanding alerts and errors”. It should have below errors only. If it contains error related to update-source, please contact Sophos support to resolve the issue.
Follow what to do section to resolve the issue with the Update manager.

What to do

Close the Sophos Enterprise Console and Open Service console (Ctrl + R and then write services.msc). Stop the below services in the below-mentioned order.

a. Sophos Message Router

b. Sophos Agent

c. Sophos Update Manager

2. Navigate to C:\Program Files (x86)\Sophos\Update manager and then select the below shown four files from this path and move them (Cut and paste) to the desktop.

3. Please make sure that permissions on the below folder should be proper: “C:\ProgramData\Sophos\UpdateManager\UpdateManager”

a. Right-click <C:\ProgramData\Sophos\UpdateManager\UpdateManager> folder and select properties.

b. In Sharing tab:

Everyone: Read

NETWORK SERVICE: Full Control

SophosUpdateManager: Full Control

Administrator: Full Control

c. In Security tab:

System: Full Control

NETWORK SERVICE: Full Control

SophosUpdateManager: Read & Execute, List folder contents and Read

Administrator: Full Control

Users : Read & Execute, List folder contents and Read

Creator Owner has Special Permissions.

4. Once it is done, navigate to the path “C:\ProgramData\Sophos\Update Manager” and rename the "working" folder to “Working_old” as shown in the below screenshot.

5. After that navigate to the path “C:\ProgramData\Sophos\Update Manager\Update Manager” and perform the below two tasks.

a. Rename “CIDs” folder to “CIDs_old”

b. Rename “Warehouse” folder to “Warehouse_old”

6. Now restart below-mentioned services in the below-mentioned order:

a. Sophos Update Manager

b. Sophos Agent

c. Sophos Message Router

7. Open the Sophos Enterprise Console and start the force update through the below-mentioned option.

8. It will create a new working folder, CIDs and warehouse folder and download all the content from the start. Once it is successfully completed, there will be no error against the update manager.

Have an idea or suggestion regarding our Documentation, Knowledgebase, or Videos? Please visit our User Assistance forum on the Community to share your idea!

[unlocked by: Jasmin at 1:41 PM (GMT -8) on 30 Dec 2019]