Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 5512 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configuring SophosUpdateManager without Internet Access

PeterT

Can anyone advise me, or point me in the direction of a white paper, that describes how to update the Sophos Update Manager on a Network which is not connected to the Internet ?

So far I have managed to install the Sophos Enterprise Console 4.5.1, installed the Sophos database, and have successfully searched for other computers on the Network by importing from Active Directory.

Now I want to protect these PCs / Laptops, but at the moment there is nothing in my SUM because when I run the Download Security Software wizard I can not connect to the Sophos website.  (i.e. the machine running Sophos EndPoint Security and Control is not on the Internet).

What do I do next ?

:10609


This thread was automatically locked due to age.
  • 0

    Thanks Jak, I'll take a look at that straight away.

    Peter

    :10655
  • 0

    I have now made some progress with configuring SophosUpdateManager but still have some problems.

    In a nutshell I seem to have installed the AutoUpdate application but not Anti-Virus.

    Following the instructions in the "Installing and Configuring an Air Gap using Enterprise Console" article I found a colleague with an Internet machine who installed Sophos Endpoint Security and Control and downloaded the Applications from the Sophos website. Then he burnt the "Warehouse" folder onto a CD. There was also a folder called CIDs.

    On my non-internet Windows 2003 Server I copied "Warehouse" and "CIDs" into the "SophosUpdate" share which is at "C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Update Manager".

    Following instructions in the white paper I have also created a share called "SophosUpdateManager" on my Desktop. I copied the "Warehouse" in here as well.

    Using the Enterprise Console I selected Update Manager and on the Sources tab I set the primary source to be the "SophosUpdateManager" folder.

    Previous to all this I had succesfully identified the Client (Windows XP) PCs in my network (i.e. linked in with Active Directory). So I was now ready to do two things :

    1. Protect my client PCs.

    2. Install Sophos Anti-Virus application on the W2003 Server (up to now I had only installed the Enterprise Console)

    Protecting my PCs installed the Sophos Auto Update service on the Clients but the Sophos shield is grey with a red cross and there is no sign of the Sophos AntiVirus service.

    On the W2003 Server I ran the "setup.exe" from the CIDs folder. This installed Sophos AutoUpdate but the Sophos Anti-Virus application failed.

    The error message in the Enterprise Console said

    Code 0000006b Download of SAVXP failed from server C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Update Manager\CIDs\S000\SAVSCFXP\

    Apologies for the long-winded post.

    Can anyone help ?

    Peter

    :11233
  • 0

    On my non-internet Windows 2003 Server I copied "Warehouse" and "CIDs" into the "SophosUpdate" share which is at "C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Update Manager"

    Now - this is the location used by SUM for

    storing (Warehouse) the data "downloaded" from the SophosUpdateManager share

    deploying (CIDs) the decoded software to make it available to the clients

    So I'd say you don't need to copy anything there. Has SUM successfully completed downloading and deploying? In SEC use View->Bootstrap Locations ... to check if SAVXP is available in the expected location.

    Code 0000006b Download of SAVXP failed from server C:\Documents and Settings

    Ideally this should be a share on your server (\\server\SophosUpdate\...) and not a local path. Setup.exe configures the path it  is run from (if you don't use any switches) and using Protect computers this is the share. But as the clients also fail this is likely not the problem. So it might be that the CID has not (yet) been successfully deployed.

    As 0000006b is rather general you should check the ALUpdateyyyymmddTtt...tt.log in C:\Program Files\Sophos\AutoUpdate\Logs for the specific reason.

    Christian

    :11237
  • 0

    Thanks for the reply Christian,

    I must admit I got a bit confused between my "SophosUpdate" share and my "SophosUpdateManager" share so I put the CIDs and the Warehouse into both. I have now cleared out the contents of "SophosUpdate" and copied the contents of my colleague's CD ( CIDs and Warehouse ) into my  SophosUpdateManager share.

    I just updated the SUM again and that seemed to go OK (reported that it was downloading the binaries and then the Last Checked / Last Updated dates were changed to the current time).

    View / Bootstrap locations is completely empty at the moment.

    I guess that's not right !

    Any more advice would be gratefully received.

    Thanks

                  Peter

    :11245
  • 0

    Peter,

    View / Bootstrap locations is completely empty at the moment.

    Correct - that's not right. Please check the configuration (Subscriptions tab) whether a subscription (the Recommended subscription) is selected at all. Distribution should automatically be set to the default share. Also look at the Configuration column - it has to say Matches.

    Christian

    :11247
  • 0

    Christian,

    I didn't have any Subscription selected at all. Once I'd sorted that out the rest of it all fell into place.

    Sophos Anti-Virus is installed on the W2003 Server and the XP clients and all my Sophos shields have turned blue.

    Many thanks

                           Peter

    :11273
Unfiltered HTML