This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Group Policy deployment

I'm looking to deploy ESDP via group policy. I read the article at http://www.sophos.com/support/knowledgebase/article/13090.html

It looks like that is an old article for an old version because the shares it has is the batch script don't exist in the current version. The share is has is \\<SERVER>\InterChk\ESXP\Setup.exe

I'm assuming the share should be something like:

\\<SERVER>\SophosUpdate\CIDs\S000\SAVCFXP\Setup.exe

Is this correct?

Is the method described in that article still the best practice for deploying with GP (besides a different share)?

Usually it is prefered to use a .msi for managed software deployment. What are the alternatives with using the .msi files?

If there is an article about GP deployment for the current version please post the link.

Thanks,

Patrick

:69


This thread was automatically locked due to age.
Parents
  • Hello Patrick,

    first of all, re: article 13090 which describes the pre. SEC 4.0/SUM configuration (although it has been recently updated). You can (and should) post a comment through the "Suggest an improvement" link (near the bottom of very article). The KBTeam is listening and while this will not help you immediately other users will  benefit from that.

    As Linck has said simply use the current bootstrap location (it's obvious for us old-timers but ...).  Also - depending on the structure of your AD - you might want to use synchronisation (unless you do not want to deploy Sophos to all computers in a certain OU).Or you can import the computers from AD and use "Protect computers" - but sync is of course the least work.

    If you're using SCCM/SMS there's article 12457.

    Since you are evaluating Sophos a few words of advice (call me wisenheimer) which may come a little bit late though (I see you've already experimented quite a bit): make small and simple steps and use it "out of the box" as much as possible.

    • Try to get familiar with the concepts, they are quite simple although not immediately obvious (I know, this sounds a little bit cryptic)
    • Being a "techi" I tend to look for screws and knobs to fiddle with - don't do it, first follow the startup guide and look of it fits the bill 
    • Don't try to tweak accounts and permissions before you know what you are doing. If you are concerned about security set it up in in a safe corner, evaluate the impact and then adapt it - if necessary. BTW: you can easily move the clients ("endpoints" they are called) to another management server later.

    And no - I'm only a customer and I don't get paid for advertising Sophos :smileywink:

    Hope this helps

    Christian

    :86
Reply
  • Hello Patrick,

    first of all, re: article 13090 which describes the pre. SEC 4.0/SUM configuration (although it has been recently updated). You can (and should) post a comment through the "Suggest an improvement" link (near the bottom of very article). The KBTeam is listening and while this will not help you immediately other users will  benefit from that.

    As Linck has said simply use the current bootstrap location (it's obvious for us old-timers but ...).  Also - depending on the structure of your AD - you might want to use synchronisation (unless you do not want to deploy Sophos to all computers in a certain OU).Or you can import the computers from AD and use "Protect computers" - but sync is of course the least work.

    If you're using SCCM/SMS there's article 12457.

    Since you are evaluating Sophos a few words of advice (call me wisenheimer) which may come a little bit late though (I see you've already experimented quite a bit): make small and simple steps and use it "out of the box" as much as possible.

    • Try to get familiar with the concepts, they are quite simple although not immediately obvious (I know, this sounds a little bit cryptic)
    • Being a "techi" I tend to look for screws and knobs to fiddle with - don't do it, first follow the startup guide and look of it fits the bill 
    • Don't try to tweak accounts and permissions before you know what you are doing. If you are concerned about security set it up in in a safe corner, evaluate the impact and then adapt it - if necessary. BTW: you can easily move the clients ("endpoints" they are called) to another management server later.

    And no - I'm only a customer and I don't get paid for advertising Sophos :smileywink:

    Hope this helps

    Christian

    :86
Children
No Data