This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What is the basic difference between Message Relay and Update Manager?

One of our clients has a message relay set up , but as i read online a message relay is required for large no of endpoints. They have around 500 endpoints.

Should a branch location have an update manager or message relay set up or both ? Does update manager have anything to do with policies or it just updates from Sophos.



This thread was automatically locked due to age.
Parents
  • Hello Kandarp Desai1,

    the basic difference
    is that a SUM provides an update source and a Message Relay facilitates communication between endpoints and management server.

    As far as management (i.e. definition and assignment of policies) is concerned a SUM doesn't have its hands in it. It downloads updates from either Sophos or an upstream SUM and deploys them to the desired CIDs.
    Whether a branch location should have a SUM and/or Message Relay depends. A SUM saves WAN bandwidth and normally boosts update speed for the endpoints, this might or might not be of importance. A Message Relay bundles the communication and thus reduces the number of connections to the management server.

    Feel free to ask if you need more details

    Christian   

  • Thanks for the reply Christian,

    Now i seem to have got it, that the Update manager basically saves on Internet bandwidth, where as message relay reduces the load on management server as the load is shared with the PC where MR is installed. Hope my understanding is correct on a basic level.

    Also, regarding the policy updates, as you said UM has nothing to do with it. So then how do the endpoints get the policy changes etc if not thru UM, is it directly from management server?

    And how does the out of network guys get the policy updates?

  • Hello Kandarp Desai1,

    policy updates are distributed by the management component (RMS - using ports 8192 and 8194), if there is no Message Relay the endpoints connect directly to the management server. For out of network guys these ports must be (directly or indirectly) reachable by the endpoints. For most policies it's possible to incorporate them into the CIDs but this is rarely used as a CID can contain only one policy of each type.

    Christian   

Reply Children
No Data