Sophos Enterprise Console 5.5.2 is available now

Hi All,

We are pleased to announce that SEC 5.5.2 is now available for download. This article provides information regarding Enterprise Console 5.5.2. It includes product changes and guidance on how and if you should upgrade.

What's new?

  • Accessibility:
    • Compliance with the Web Content Accessibility Guidelines (WCAG) 2.1 level AA
    • Accessible using JAWS (Job Access With Speech) and NVDA (NonVisual Desktop
      Access)
  • Introduction of Multi-factor authentication
  • Sophos Credential Store
  • Retirement of Crystal Reports - replaced with Microsoft Report Viewer
  • Sophos Reporting Interface improvements
  • Changes to Role Based Administration (RBA)
  • Update to Discover Computers option
  • Support for Windows Server 2019
  • Hide computer feature 
  • Packaged with:
    • SQL Express 2017 for new installations
    • .Net Framework v4.7.2 for all instances where no existing .Net Framework v4.7.2 is detected
    • SQL Server Native Client 11 for all instances where no existing SQL Server Native Client 11 is detected
    • Microsoft Visual C++ 2017 Redistributable for all instances where no existing Microsoft Visual C++ 2017 Redistributable is detected
  • Retirements:
    • The following operating systems for the Sophos Management Service installation:
      • Windows 2008
      • Windows 2008 R2 (supported only on upgrade from a previous Enterprise Console)
      • Windows 7 (supported only on upgrade from a previous Enterprise Console)
    • The following version of SQL for the Enterprise Console databases:
      • Microsoft SQL Server 2008
  • The following customer raised issues have been fixed:
    • ONPREM-4075: Wrong SED policy is sent from SEC after upgrading to SEC 5.5.1
    • ONPREM-4862: Enhanced Tamper Protection prevents migration using Thin Installer
    • ONPREM-4079: SEC 5.5.1 - Linux/Unix and MAC Exclusions editing exclusion opens a blank text box
    • ONPREM-4107: Same path resolved to multiple normalized paths leads to errors in SEC installation
    • ONPREM-4078: SEC 5.5.1 - Exclusions not alphabetical in any of the settings
    • ONPREM-3566: Cannot save custom extensions for scheduled scans. Existing custom extensions crash the console
    • ONPREM-4126: ExportConfig\ConfigCID SAU policy export behavior
    • ONPREM-1625: SEC - Pre-req check not behaving as expected (LTSB is not present in OsSupportedTable)
    • ONPREM-1430: SEC - AD sync not protecting machines that have a logonCount of 0

Further information

  • Accessibility

    Our software is compliant with the Web Content Accessibility Guidelines (WCAG) 2.1 level AA.

    To provide access we use the Microsoft Active Accessibility (MSAA) protocol and use the standard Windows conventions for control interaction.

    Our software is accessible using JAWS (Job Access With Speech) and NVDA (NonVisual Desktop Access). We recommend that you use JAWS 2019 or later and NVDA 2019.1 or later. If you don't have JAWS or NVDA you can download them. You can find links for downloading JAWS and NVDA in related information. If you need further help with JAWS and NVDA you can contact their technical support.

    If you want to use assistive technology products with our software we recommend that you are familiar with how your chosen product works and the available keyboard commands.

    To use the Report Manager we recommend that you use Microsoft Narrator.

    JAWS and NVDA can't navigate in the report displayed in Report Viewer. They read out text only if you move the mouse pointer over objects. You can navigate in the report in Microsoft Narrator using the keyboard.

  • Introduction of Multi-factor authentication

    You can use multi-factor authentication in Sophos Enterprise Console and enroll each account used to access Enterprise Console. For further information see article Sophos Enterprise Console: Information on Multi-factor authentication.

  • Sophos Credential Store

    The Sophos Credential Store is an installed component used to securely encrypt and store the credentials used by Enterprise Console for the services and database account, along with the SUM account. For further information see article Sophos Enterprise Console: Information on the Sophos Credential Store.

  • Sophos Reporting Interface improvements

    Updated to include Computer Status data (ConnectedManagedOnAccessStateTamperProtectionStateSedStateHmpaStatePatchStateFirewallStateAppControlStateDeviceControlStateWebControlState).

  • Changes to Role Based Administration (RBA)

    • Computer search, protection and groups right split into:
      • Computer protection and groups
      • Computer search
    • New Multi-factor authentication right

  • Update to Discover Computers option

    With recent operating systems Microsoft have disabled the SMB 1.0 file sharing system. When SMB 1.0 is disabled, there is no Computer Browser service. Our Discover Computers functionality requires this service be present and running to use the Discover on the network option. When Enterprise Console is installed to such a server, this option cannot be used and will be greyed out.

  • Support for Windows Server 2019

    Installations of Enterprise Console are supported on Windows Server 2019 (Console, Server and Database). In addition any managed computer running Windows Server 2019 will report the operating system as Windows Server.

  • Hide computer feature

    A Hide computer option is now available. This can be accessed by highlighting a computer or number of computers, right clicking or clicking the Action menu and choosing the option Hide Computer. This can be used to hide rather than delete any computer in the View, for instance the computer may be decommissioned or you may have a situation where a computer has duplicate entries and you want to hide the duplicate entry. Unlike the delete option, once hidden, if the computer subsequently sends a status message to Enterprise Console it will automatically be unhidden and appear back in the View.

    Note: To unhide a computer change the View to Hidden computers, highlight the computer/s you want to unhide and right click or click the Action menu and choose the option Unhide computer.

Should you upgrade?

We recommend you upgrade to this version in order to use the new functionality or require any of the items listed above.

How to Upgrade

  1. Ensure you meet the platform requirements for this version of Enterprise Console as detailed in Sophos Enterprise Console and Sophos Central: Supported Windows Endpoint and Server Platforms.

  2. Refer to article 119105 regarding the possible upgrade paths for Sophos Enterprise Console.  You may need to upgrade to an intermediate version prior to upgrading to this release.

  3. Download the Sophos Enterprise Console 5.5.2 installer (sec_552_sfx.exe) from the download section of the website.

  4. You must run the 5.5.2 installer on computers that are configured with the following components of Sophos Enterprise Console:
    • Management Console
    • Management Server
    • Database

  5. As there are changes to the Sophos databases in this release from previous versions of Enterprise Console, if the databases are on a remote or clustered SQL server, they will need to be upgraded first. See article 33980 for information on the various database upgrade options.

  6. On the Management Server run the self extracting installer, this will extract files required for the installation to 'C:\sec_552\' by default before launching the installer.
    1. If upgrading all components ensure the following are selected.

      • Management Console
      • Management Server
      • Database

    2. If the database is remote and has already been upgraded in step 4 ensure the following are selected:

      • Management Console
      • Management Server

  7. Complete the installation wizard to perform the upgrade.

Can you use this installer for fresh installations?

Yes, you should consider Enterprise Console 5.5.2 as the latest version of Sophos Enterprise Console.  We encourage all fresh installs to use this version.

Support for Enterprise Console Tools:

The following lists the Tools associated with Enterprise Console and any actions required following the upgrade:

Tool Name Affected by Upgrade Required Action
Sophos Central Migration Tool Yes The Sophos Central Migration tool must be uninstalled and reinstalled following the upgrade.
Sophos Reporting Log Writer Yes The Sophos Reporting Log Writer service must be restarted following the upgrade.
Sophos Virtualization Scan Controller Yes The Sophos Virtualization Scan Controller tool must be reinstalled following the upgrade.

Note: Do not uninstall, the tool only requires reinstalling over the existing version.
Note: The Sophos Virtualization Scan Controller is only supported on installations of Enterprise Console using SQL 2016 and earlier.
Sophos Policy Evaluation Tool No  

Known issues

  • Extracting the installer to a destination folder containing a space will cause the install to hang when upgrading from Enterprise Console 5.5.1.

    By default the installer extracts to folder C:\sec_552. If this is changed to a location with a space, for example D:\sec 552, the installation will hang at the following point:



    The Sophos_bootstrapper <DATE TIME>.log will end with the following example line detailing the path being referenced:

    INFO : Running command line: msiexec /fv D:\sec 552\ServerInstaller\pre-reqs\551\Database64.msi

    To resolve:

    1. Open Task Manager and access the Details tab
    2. Scroll down to find the process msiexec.exe
    3. Right click the msiexec.exe process and choose End Task. The following window will appear:



      Note: 
      Make sure you choose the msiexec.exe associated with the Enterprise Console installer.
    4. Rename the folder containing the extracted installer to one that does not contain spaces
    5. Run the setup.exe from the ServerInstaller folder contained within the renamed extracted folder
  • Funny, just wrote a post today that mentions hide/unhide. Off the top of my head - I'm curious how hide behaves compared with delete, other than that you can view hidden computers but not deleted.

    And: "Unlike the delete option, once hidden, if the computer subsequently sends a status message to Enterprise Console it will automatically be unhidden" - if this is really true then 'delete' is the new feature and 'hide' does what delete did. A message from an endpoint caused it to get undeleted.

    Guess I'll have some fun tomorrow ;)

  • If you are still running SQL Server 2008 the installer first installs SQL Server Native Client 11 and requests a reboot. Only when the installer resumes it checks the SQL version and tells you it can't continue. No real harm done but, well, not really adjuvant.