New to Sophos - looking for tips

I've recently been put in charge of Sophos at my corporation; the individual who has done it before is retiring. He's done his best to transfer his knowledge over, but I feel a lot of the way he has done things could be improved. I am also looking at redesigning the architecture. (Oh, we're using product 9.5.)

Are there any Sophos 'best practices' for the way the SUM servers should be built? Any product technical guides I could look at for ways to design/maintain/build Sophos?

Would anyone share how they have it designed in a largish corporation? We have about 15,000 computers we are protecting.

Thanks!

ETA: Clarification

This thread was automatically locked due to age.
  • Hi,

    The authoritative SUM server is the one the Sophos Management Service chooses as the authoritative with regards to the package information as sent in with a status message from the SUM.  This can be hard coded to be one server using the registry key.

    Say you have 3 SUM servers and 3 subscriptions. Each SUM server has a different subscription, for example: "9.5.1", "9.5.2" and "9.5.3". The management server would need to be aware of all 3 subscriptions and store package information for all 3 in the database. Say you have 3 clients updating from those distribution points; when the clients send in their status messages, they would need to match the package information in the database in order for a comparison for up to date status to work.

    So for example on the SEC server you would subscribe to all 3 subscriptions and make the SEC SUM the authoritative. That way, as soon as it has finished updating the CIDs for those subscriptions, it sends in a status message which is treated by the management service as authoritative and writes the package information into the database.

    That way any clients that have already picked up the update can be correctly classified with regard to their up to date status.

    This post has more info on the up to date status:

    Thanks,

    Jak
