Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 2367 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Kernel 4.9 and sophos client antivirus 9.11.x or else

AlexAbou Adam

Hello !

Long time ago I did no come here :) I ve a new question the sophos geeks ! (QC or lferrara for example ^^)

We use ubuntu precise (12.04) and trusty (14.04) distros in our infra for servers AND desktops. However, because of recent hardware (mainly intel) we need to backport xenial kernel or more recent for compatibility reasons, like this, our xubuntu can support new hardware.

 

Unfortunately, the antivirus does not support kernel above 4.4 for xenial (16.04) or trusty (14.04) et 3.13 for precise (12.04). Could you do

something please or tell us what we have to do ? We have roughly 700 sophos antivirus clients deployed on our computers (9.11.0.4.5).

 

Kind Regards



This thread was automatically locked due to age.
  • 0

    Hello AlexAbou Adam,

    welcome back. Me a geek? If you say so ...

    9.11.0.4.5
    this is not the latest - which license do you have? On my Endpoint installation the oldest version available is 9.11.1.

    As for the supported kernels file: I've never fathomed its exact meaning. IIRC when I installed (9.11) on 16.04 LTS neither 16.04 nor the 4.4 kernel were on the list, no problems. When they say it's supported it's supposed to work and they promise they'll look into it if it doesn't. As far as I can see on github Talpa was last changed to support the 4.7 kernel. Naturally I can't say if it needs changes for 4.9 (I can't even say whether it will try or refuse to compile - guess only   can tell.
    A basic test is simply to install SAV on a "custom" system, you'll immediately see whether Talpa compiles. The next steps are obvious and it might work. You don't intend to do this backport for the servers, do you?

    Christian

  • 0

    Hi,

     

    The supported_kernels.txt list the kernels for which Sophos ships pre-compiled Talpa Kernel Modules.

    On such a kernel, SAV will use the precompiled modules, and the system doesn't need gcc/make/kernel-headers.

    On other kernels, SAV will use talpa_select to attempt to compile Talpa locally. This requires gcc/make/kernel-headers and will often work. We have tried Talpa on the 4.8 kernel in Ubuntu 16.10 and it worked ok so far.

    It you are using a custom built kernel or a non-standard kernel for a distribution, you'll definitely have to compile Talpa locally. You might also run into problems, unrelated to SAV, if the OS and kernel are too far apart.

     

    Also you must keep SAV updated if you want to have protection, and 9.11.0 has been removed for quite a while.

Unfiltered HTML