Thread Info
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 3621 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Software Update On Air Gapped Network

Floki Saints

Hi Guys, is there like a standard procedure for downloading/updating your software subscription in an air-gapped network?

I already done these steps so far:

1. Install Sophos Management Console

2. Create an Update Source Folder (C:\Update Source)

3. Copy warehouse folder from Non-Air gapped to Airgapped directly into the Update Source Folder created at step 2

4. Share the folder using SophosUpdateMgr (I even set the SophosUpdateMgr as administrator) 

5. Navigate the Update Managers using the console

6. go the 'View/Configure Update' then add the Update Source

7 Click OK then go to the Subscription tab then Add recommended from left side to right side

8. Click OK then Trigger Update Now

 

These steps shows errors such as 80040041, 8004004 and so on, 

But when I do the following additional steps:

9. Stop Services: Sophos Agent, Sophos Message router, Sophos Update Manager, Sophos Management Service

10. Then start again with the same pattern, trigger 'Update Now'

 

Result:

Some Management Console updates successfully and some are not. Note that we have like 12 (twelve) Management Consoles. Please heeeeelp. Thanks

 

Floki



This thread was automatically locked due to age.
Parents

  • Hello Floki,

    first of all, some comments on your steps:

    Personally I'd first create and populate the UpdateSource share as this would permit to configure SUM with the wizard. But it should work either way.

    3. Copy warehouse folder ...
    Make sure the source Warehouse is stable while you fetch the copy. Did you use the same copy for all SUMs?

    4. Share the folder using SophosUpdateMgr (I even set the SophosUpdateMgr as administrator)
    as the share is solely used as SUM's Update Source you can (and should) use an account different from the one for endpoint updating. And as this is a local share the Update Manager should be able to access it without credentials. More important: Do not give the SophosUpdateMgr (or the SophosMgmtUser) administrative rights, never. Especially the SophosUpdateMgr credentials are stored on the endpoints, while the password is obfuscated this is reversible. Thus a dedicated user on one of the endpoints can gain administrative access to your server.

    8. Click OK then Trigger Update Now
    SUM starts an update after it has received its initial configuration, Update now shouldn't be necessary (but also should do no harm).

    The first update might not be error-free. You should give SUM some time, by default it'll start the next attempt within 10 minutes. If it fills its Warehouse and Working folders it is in principle fine. I'd let it make two or three checks before assessing potential errors.

    The error codes don't tell the actual error (and can sometimes be misleading). If errors persist you'd have to check the SUMTrace logs.

    Christian

Reply

  • Hello Floki,

    first of all, some comments on your steps:

    Personally I'd first create and populate the UpdateSource share as this would permit to configure SUM with the wizard. But it should work either way.

    3. Copy warehouse folder ...
    Make sure the source Warehouse is stable while you fetch the copy. Did you use the same copy for all SUMs?

    4. Share the folder using SophosUpdateMgr (I even set the SophosUpdateMgr as administrator)
    as the share is solely used as SUM's Update Source you can (and should) use an account different from the one for endpoint updating. And as this is a local share the Update Manager should be able to access it without credentials. More important: Do not give the SophosUpdateMgr (or the SophosMgmtUser) administrative rights, never. Especially the SophosUpdateMgr credentials are stored on the endpoints, while the password is obfuscated this is reversible. Thus a dedicated user on one of the endpoints can gain administrative access to your server.

    8. Click OK then Trigger Update Now
    SUM starts an update after it has received its initial configuration, Update now shouldn't be necessary (but also should do no harm).

    The first update might not be error-free. You should give SUM some time, by default it'll start the next attempt within 10 minutes. If it fills its Warehouse and Working folders it is in principle fine. I'd let it make two or three checks before assessing potential errors.

    The error codes don't tell the actual error (and can sometimes be misleading). If errors persist you'd have to check the SUMTrace logs.

    Christian

Children
  • in reply to QC

    Hi Christian,

     

    Thanks for response. Also there's an error with the SUMTrace log file that you mention which is the 1219.

    Did the following steps to solve the issue:

    1. Remove administrators privilege to both sophos account

    2. Shared the UpdateSource with sophosupdatemgr account

    3. Restart Anti-Virus Server

     

    I don't know why, but when I restarted the servers, the updates went through.

     

    Thanks Christian

Unfiltered HTML