We have installed Sophos Antivirus (version 9.15.1 VE3.74.2) on UNIX SP AIX1.
Computers are visible and managed via Enterprise console 5.5.1
Issue was that computers were not updating. Update manager is configured and working on LINUX a WINDOWS servers.
We have discovered that these UNIX machines does not update from default network path Server\Sophosupdate\CIDs\S000\EESAVUNIX\AIX_PPC but from this path Server\Sophosupdate\CIDs\S000\AIX_PPC
Unfortunately updates are downloaded to default path.
Is it possible to configure this path somehow?Thanks,
visible and managed [...] UNIX machines does not update from default network pathdo they show as compliant with the updating policy and are the Primary (and optionally Secondary) location as expected (i.e the paths SUM on the server deploys to)? AFAIK an updating policy sent to then endpoints contains all available products and their paths, the endpoint agent selects the appropriate for its platform but does not modify it.I don't have a license for UNIX so I can't say how it behaves or supposed to behave. I'd say the SEC should produce the correct paths from the subscription selected, the endpoints receive, process, and apply it accordingly. For the first I'd export the updating policy to check which paths are sent.
Thanks for your reply.
Yes UNIX computers are compliant with updating policy like WINDOWS and LINUX machines.
I have created export you mentioned. Default path for updates is
I have checked in details of WINDOWS, LINUX and UNIX machines path from which they download updates
Windows has \\<server_name>\SophosUpdate\CIDs\S000\SAVSCFXP\ and updated files are directly in this folder
Linux has \\<server_name>\SophosUpdate\CIDs\S000\savlinux and updated files are directly in this folder
UNIX has \\<server_name>\SophosUpdate\CIDs\S000, but updated files are downloaded to \\<server_name>\SophosUpdate\CIDs\S000\EESAVUNIX\AIX_PPC
somehow update manager is expecting updated files in different folder from the folder where they were downloaded from Sophos.
If I could modify path where updates are placed, or path for update manager , issue would be fixed.
as said, I don't have a UNIX subscription so I can't check what SEC puts into the policy for the UNIX platforms. It might just be the "subscription tag" (Snnn). Previously a path for UNIX had two elements - EESAVUNIX and a platform-dependent subfolder like \AIX_PPC.
Either SEC has always put EESAVUNIX into the policy and the endpoint added the platform path - then it'd be an issue with SEC 5.5.1.Or the path always ended in Snnn and the updater in version 9.15 builds the path incorrectly.
A possible workaround is a specific updating policy for your UNIX machines (if feasible and if it indeed works as I assume): In the Primary Source add the \EESAVUNIX folder. SEC will complain but accept this location. The endpoints should then build the correct path.
Nevertheless you should contact Support to find out how it's supposed to work.
Thank you Christian,
I think too that there is an issue with SEC. I have contacted support to help me with fixing of this issue.
as said, I expect that a policy with \\<server_name>\SophosUpdate\EESAVUNIX as path would provide a temporary workaround.
This did not work.
When I configured update manager as you mentioned.
Details by Unix machine were changed to this path \\server\SophosUpdate\EESAVUNIX\CIDs\S000 and updating did not work.
There must be problem in the update manager settings, which I cannot change.
This did not worknaturally. What was I thinking [:@]?!? Sorry, my bad [:$]
Let's recap: SEC/SUM writes to ...\EESAVUNIX\AIX_PPC but tells the UNIX machines to use ...\AIX_PPC.So ... if you open an admin command prompt, cd to the \S000 directory, and then mklink /J AIX_PPC .\EESAVUNIX\AIX_PPC the UNIX machines should see AIX_PPC where they are told to expect it.
I have the same problem and resolved in the next step.
Workaround 11 Click the button at the top of the SEC screen and switch to "Update Manager"2 Double-click on the policy subscription (eg "recommended version") currently assigned to the computer3 Uncheck unnecessary if OS is not currently being used (eg Sophos for Virtual Environments etc.)4 Press "OK" twice to close the screen5 Wait until update manager's "download status" is "Downloading binary" changes to "last check date:6 Click the button at the top of the screen of the SEC and switch to "end point"7 Double-click on the "update" policy assigned to the target computer8 Press "OK" twice to reflect policy
Because it is google translation, sorry if it's weird.
*moved the thread to the SAV for UNIX thread so others can find this.*
Thanks this helped.
Many thanks for you assistance.