Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 5182 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How can I verify a remote user is receiving definition updates?

Bryan Gritton

Hello.

I have an offsite user who says Sophos endpoint is complaining that it cannot update.  I have the primary update source configured as our on-premise server, and Sophos as the secondary.  What should happen is if the primary server is unavailable, the endpoint should get new definitions from the secondary source automatically.

I want to verify the user is getting current anti-virus definitions.  How can I verify this?

Here is the configuration of our updates.

Here is the user's updating failed error.



This thread was automatically locked due to age.
Parents
  • 0

    Hello Bryan Gritton,

    the endpoint is managed, i.e. the RMS component is installed. RMS can only be updated from a "friendly" CID (i.e. originating from the on-premise server). Therefore it's not possible to update the RMS component from Sophos, and Updating: failed is the result even though all other components have updated fine.

    verify the user is getting current anti-virus definitions
    please see the How to check ... article for the official way. Another one is to open View product information → Anti-virus and HIPS → expand  + Software, the number of Detection identities should be the same as for an onsite machine (note: minimum interval for updates from Sophos is one hour, so it could lag behind).

    Christian

Reply
  • 0

    Hello Bryan Gritton,

    the endpoint is managed, i.e. the RMS component is installed. RMS can only be updated from a "friendly" CID (i.e. originating from the on-premise server). Therefore it's not possible to update the RMS component from Sophos, and Updating: failed is the result even though all other components have updated fine.

    verify the user is getting current anti-virus definitions
    please see the How to check ... article for the official way. Another one is to open View product information → Anti-virus and HIPS → expand  + Software, the number of Detection identities should be the same as for an onsite machine (note: minimum interval for updates from Sophos is one hour, so it could lag behind).

    Christian

Children
No Data
Unfiltered HTML