Unmanaged computers questions

Hello ctavernier,

Yes you are correct, the computers imported from AD will show as "unmanaged". This means they do not have SAV installed on them, from this SEC. If some have a version of SAV installed (as you mentioned), such as standalone, or deployed form another SEC, they would still show unmanaged for this Enterprise Console.

You should be able to get the endpoints managed form the new SEC if you do a "Protect Computers" wizard, or other deployment methods. The "Protect Computers" can be manually triggered by right clicking on an unmanaged PC or by moving the PCs form unassigned to an actual group. Part of the installation triggered by using "Protect Computers" should remove the existing AV software, so you don't need to worry about that part. 

Some additional information that might help us better guide you would be:

-Is this a new SEC installation?

-What are the versions of SEC and of the client that is installed on some of the PCs?

-How the was SAV installed on the PCs that do have it already?

I hope this helps and let us know if you have any other questions.

Regards,

Voicu.

Thanks for getting back to me.

Not a new install.  We've had Sophos running for maybe 5-8 years.  The SEC is version 5.2.1 R2.

I don't have the client version but the setup.exe file is dated 2/8/2014.  Most of our installs were done off this network share.  Some of them I've been able to push out from the SEC.

So basically, I run through my "unmanged" PCs and "protect" them.  If the "protect" errors out, I guess I would go back and try it again on another day.

If I'm importing computers from my AD, I know what domain they are in but we have 3 domains that aren't imported.  Do those computers add themselves to the SEC when SAV is installed?  And if they won't update or have some other problem, I assume I should reinstall?

Sorry for jumping all over the place.  I'm just trying to wrap my head around all this.  Thanks again.

Hello ctavernier,

The automatic deployment works only on Windows PCs. In addition to that there is some preparation needed to be done in order to be able to deploy remotely from SEC. We have a very good guide that might answer most of your questions available here: http://downloads.sophos.com/tools/on-line/deployment_guide/en-us/index.html Particularly, the "Step 4", will guide you through the steps needed to prepare on the client, ahead of the automatic deployment.

In regards to the discovery/import, to briefly answer your question: we have import and sync with AD. Import is used for one-off import of PCs, sync is used to keep certain AD/SEC groups in sync. In this case any new AD PCs will get imported automatically into SEC and get the software installed and policies applied.

For more information on this please see the "Step 6" of the same guide mentioned above. This will direct you to our KB: https://www.sophos.com/en-us/support/knowledgebase/113994.aspx

If you deploy the software from the installation share, these PCs should automatically appear in SEC as managed, under unassigned PCs. If they don't, there could be number of reasons for this, usually it's a communication issue. Normally this should not be the case if the PCs were prepare for SAV deployment per "Step 4" mentioned above. (This includes mainly firewall rules for the client.)

I hope this answer your questions.

Good day,

Voicu.