This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 10 Build Upgrade - Sophos Endpoint Exclusions

Hi,

 

We're trying to upgrade our endpoints to a higher Windows 10 build version.

Just wondering if anyone has seen issues with Sophos either... 

1.) Preventing the build upgrade for completing

2.) Slowing the upgrade process, causing it to time out.

 

Unfortunately I do not have any evidence to backup Sophos being the problem, although when the build upgrade is in progress I can see Sophos Anti-Virus service jump up in CPU, which would indicate the on-access scanner is actively scanning the Windows 10 upgrade files.   

 

My question is: 

 

Is there a guideline of exclusions I should add to our endpoint policies, to avoid Sophos being a potential issue with Windows 10 build upgrades?



This thread was automatically locked due to age.
Parents
  • Hi Josh,

    I agree that it's worth trying on one endpoint to see if disabling Sophos Endpoint Protection fixes the issue to narrow down the cause.

    If you do find it's related to Sophos Endpoint, a suggestion is to exclude the Windows Update folder from being scanned by real-time scanning: https://support.microsoft.com/en-ca/help/822158/virus-scanning-recommendations-for-enterprise-computers

    Turn off scanning of Windows Update or Automatic Update related files

    • Turn off scanning of the Windows Update or Automatic Update database file (Datastore.edb). This file is located in the following folder:
      %windir%\SoftwareDistribution\Datastore\
    • Turn off scanning of the log files that are located in the following folder:
      %windir%\SoftwareDistribution\Datastore\Logs\
      Specifically, exclude the following files:
      • Edb*.jrs
      • Edb.chk
      • Tmp.edb
    • The wildcard character (*) indicates that there may be several files.
Reply
  • Hi Josh,

    I agree that it's worth trying on one endpoint to see if disabling Sophos Endpoint Protection fixes the issue to narrow down the cause.

    If you do find it's related to Sophos Endpoint, a suggestion is to exclude the Windows Update folder from being scanned by real-time scanning: https://support.microsoft.com/en-ca/help/822158/virus-scanning-recommendations-for-enterprise-computers

    Turn off scanning of Windows Update or Automatic Update related files

    • Turn off scanning of the Windows Update or Automatic Update database file (Datastore.edb). This file is located in the following folder:
      %windir%\SoftwareDistribution\Datastore\
    • Turn off scanning of the log files that are located in the following folder:
      %windir%\SoftwareDistribution\Datastore\Logs\
      Specifically, exclude the following files:
      • Edb*.jrs
      • Edb.chk
      • Tmp.edb
    • The wildcard character (*) indicates that there may be several files.
Children
No Data