Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 0 subscribers
  • Views 9947 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Q: Two Mgmt Consoles - Newly inherited!

JonPinball
Hi, I have inherited a setup which looks like this.

1. 200 user site, has around 5 small site to sites over VPN tunnels - adding further 50 users
2. 100 user site, with further site to site VPN, adding further 75 users

Around 500 end points in total inc servers, laptops (all windows)

However, at each of the two locations, there is a management console running and each 'manages' it's own end points plus it's own nearest sites over VPN...clients are pushed from each mgmt point and update from same etc

There is no overall view of estate and all seems a bit confusing

Completely new to Sophos and still getting used to it so really wanted to ask if anyone had any pointers to the best route to go to have a single management point managing all clients (with maybe two update points?) and what would be best steps to take. Not sure if I still need more than one local update point, sites have reasonable links so probably not

is it a case of just re pushing to all clients on the console we want to keep so it effectively takes over? Client also look to have been added manually rather from ad...lots of stale objects

Again, any pointers or good docs to read would be really appreciated as unfortunately previous it team who configured are no longer and very little documentaion, previously have used macaffee / epo

Thanks
:56423


This thread was automatically locked due to age.
Parents
  • 0

    Hello JonPinball,

    if it's possible to apply Protect Computers to the "other" endpoints from the server you want to keep this will consolidate your endpoints. How to redirect Windows endpoints to a new management server describes an alternative method.

    Whether you want one or more UNC update locations depends on the available bandwidth, security (e.g. whether SMB/NetBIOS is acceptable over the site links), and reliability and availability of the connections.

    lots of stale objects

    You can synchronize with AD, it has some advantages but some drawbacks as well. It'd still require some manual housekeeping. But I'd recommend that you first make yourself familiar with the product, it's features (and limitations) and the current installation before considering AD sync.

    Apart from the manuals on the Sophos site there's the knowledgebase and this forum. As you're new to Sophos it's probably not that easy to use search effectively - so feel free to post your further questions here.

    Christian

    :56424
Reply
  • 0

    Hello JonPinball,

    if it's possible to apply Protect Computers to the "other" endpoints from the server you want to keep this will consolidate your endpoints. How to redirect Windows endpoints to a new management server describes an alternative method.

    Whether you want one or more UNC update locations depends on the available bandwidth, security (e.g. whether SMB/NetBIOS is acceptable over the site links), and reliability and availability of the connections.

    lots of stale objects

    You can synchronize with AD, it has some advantages but some drawbacks as well. It'd still require some manual housekeeping. But I'd recommend that you first make yourself familiar with the product, it's features (and limitations) and the current installation before considering AD sync.

    Apart from the manuals on the Sophos site there's the knowledgebase and this forum. As you're new to Sophos it's probably not that easy to use search effectively - so feel free to post your further questions here.

    Christian

    :56424
Children
No Data
Unfiltered HTML