Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 0 subscribers
  • Views 6705 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Will the client still get updates if unmanaged by enterprise console but has the correct update server?

JoeJediKholinar

We have changed to a new Sophos server. I have a laptop that current is running Sophos endpoint security but I am unable to protect is using the enterprise console because it is not on the domain. I set the update address to the new server. Will the laptop continue to get updates if Enterprise console does not know it is there? 



This thread was automatically locked due to age.
Parents
  • 0

    Hello JosephWhite,

    the short(ened) answer is: Yes - but I sense some incertitude (or perhaps misconception) so please bear with me when I try to give a more comprehensive one.

    if Enterprise console does not know it is there
    it's always the endpoint fetching the updates (with Protect Computers the endpoint is only instructed to access the share and run setup.exe from there). The path can either be UNC/SMB, HTTP or even local (e.g. a removable drive) - obviously in the latter case there is no way for SEC to exercise control. Actually you can install the stand-alone (SA) version and set your server as update location.
    a laptop [...] running Sophos [...] I am unable to protect it [...] because it is not on the domain
    It's possible to protect a non-domain endpoint from the management server, the requirement is that a local user with the same credentials exists on both with admin rights on the endpoint and read rights for the share.
    Was the endpoint managed by the old server (normally on a managed endpoint you can't set/change the update location from the GUI)? Anyway, whether managed or not, the same procedure as for the initial install can be used to direct it to the new server. For the SA version simply change the update address (as you apparently did). For the managed version (re-)install from the new CID.


    Christian

Reply
  • 0

    Hello JosephWhite,

    the short(ened) answer is: Yes - but I sense some incertitude (or perhaps misconception) so please bear with me when I try to give a more comprehensive one.

    if Enterprise console does not know it is there
    it's always the endpoint fetching the updates (with Protect Computers the endpoint is only instructed to access the share and run setup.exe from there). The path can either be UNC/SMB, HTTP or even local (e.g. a removable drive) - obviously in the latter case there is no way for SEC to exercise control. Actually you can install the stand-alone (SA) version and set your server as update location.
    a laptop [...] running Sophos [...] I am unable to protect it [...] because it is not on the domain
    It's possible to protect a non-domain endpoint from the management server, the requirement is that a local user with the same credentials exists on both with admin rights on the endpoint and read rights for the share.
    Was the endpoint managed by the old server (normally on a managed endpoint you can't set/change the update location from the GUI)? Anyway, whether managed or not, the same procedure as for the initial install can be used to direct it to the new server. For the SA version simply change the update address (as you apparently did). For the managed version (re-)install from the new CID.


    Christian

Children
No Data
Unfiltered HTML