This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos agent vs light weight agent on DC

I am planning to install Sophos on couple of domain controllers. On most of the servers I have installed light weight agents to make sure system are running with our heavy scans and loads. With DC's I want to make sure that Sophos will not slow down them, but at the same time I want to be able to use live discovery on them. What is the recommendation, should I install light weight agents or regular agents (DC are from win 2003 - 2019) 




This thread was automatically locked due to age.
  • Hi There,

    Providing that it was your DC which needs to be protected. I would suggest you install the regular endpoint agents. As long as your server meets the minimum requirements for endpoint installation it won't face any issue. Also if you are running scanning tools on this server, you need to ensure that all necessary exclusion has been added to avoid any performance/application issue. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Thank you for the rapid response Glenn. Can you please provide me with a list of exclusions recommended for windows server? 

    Also, when it comes to light weight agents, the biggest disadvantage of them for me is that I am unable to see any alerts and activities from them in the central. I understand that light weight agents require less computing power and therefore I can not expect the same performance from them as regular agent but is there a way to somehow ship logs from them to sophos central ?