
SEC 5.2.1 air gap configuration question

Hi all.


I am just getting started with Enterprise Console 5.2.1 and Endpoint Security and Control 10.2 and I hope someone can give me some advice.


I need to deploy to a number of air gapped networks and have been following the Sophos article 64899 to set this up. The non air gapped server (internet facing) works as expected and can manage a test endpoint computer successfully and deploy software packages, policies and updates to it.


I then copied the contents of the above server's warehouse folder to CD and transferred the data to the appropriate share on the test air gapped server as per article 64899. The enterprise console on this server was successfully able to deploy the required packages and updates to its test endpoint computer. The endpoint PC is successfully retrieving updates from the air gapped server. Great! I thought...

However, this PC is trying to send its status/feedback messages to the original non air gapped server instead of its "parent" on the air gapped network; I established this by looking at the endpoint PC's router logs. As a result the air gapped server console shows the endpoint PC as unmanaged even though it was the server used to deploy the packages to the endpoint PC in the first place.


I assume that this has happened because some of the warehouse files copied from the original server contain references to the host name/IP address of that server, not the one on the air gapped LAN. Is this assumption correct?


Am I missing something? My requirement is to manage the air gapped endpoints from the enterprise console server on their own LAN. The original non air gapped server is purely used to download the software packages and definition updates from the Sophos website and write them to CD for transfer to the air gapped server; after the testing phase it will probably never be required to manage any LAN connected endpoints of its own. The endpoints to be managed will always be on the air gapped networks with their own respective enterprise consoles.
Any advice would be gratefully received!

Regards


Jon



  • Hi Christian.

    It was a pretty standard installation on the air gapped server; the only thing I changed was the default installation drive for the software and the location/share to pick up the updates from. I may have had the CID folder on there as well at one stage, but I removed it when I realised it wasn't required. Perhaps that caused it. I will investigate.

    Thanks

    Jon
