I am planning to install Sophos on couple of domain controllers. On most of the servers I have installed light weight agents to make sure system are running with our heavy scans and loads. With DC's I want to make sure that Sophos will not slow down them, but at the same time I want to be able to use live discovery on them. What is the recommendation, should I install light weight agents or regular agents (DC are from win 2003 - 2019)
Hi There,
Providing that it was your DC which needs to be protected. I would suggest you install the regular endpoint agents. As long as your server meets the minimum requirements for endpoint installation it won't face any issue. Also if you are running scanning tools on this server, you need to ensure that all necessary exclusion has been added to avoid any performance/application issue.
Thank you for the rapid response Glenn. Can you please provide me with a list of exclusions recommended for windows server? Also, when it comes to light weight agents, the biggest disadvantage of them for me is that I am unable to see any alerts and activities from them in the central. I understand that light weight agents require less computing power and therefore I can not expect the same performance from them as regular agent but is there a way to somehow ship logs from them to sophos central ?