This discussion has been locked.

Solution for keeping an isolated Linux machine with no network up to date

Hi, I've been looking for a while but it doesn't seem clear if everything we need is possible.

 

We need to be able to do the following:

  • Install Anti-Virus for Linux on an offline machine
  • Be able to get virus definition updates directly to that machine via USB
  • Update the Anti-Virus software offline via USB
  • Run on demand scans

The one part I can't find a clear solution for is updating the virus definitions. From what I've found it looks like we'd require an installation of the Anti-Virus on another machine that is connected to the internet and then we'd have to do the following:

  • Copy the updates from the internet connected machine under what looks like "/opt/sophos-av/update/cache/" to USB
  • Copy the files from USB to the offline machine
  • Configure savupdate to update from a local source
  • Run savupdate to update the definitions on demand

Is it possible to update the definitions this way?
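An integrity check for the two USB copy steps listed in the post above, as an added example that is not part of the original thread and not Sophos tooling. The function names `make_manifest` and `verify_manifest` are hypothetical, GNU coreutils and findutils are assumed, and the check says nothing about whether `savupdate` will accept the directory.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not Sophos tooling).
# Online machine:  sh manifest.sh make   /opt/sophos-av/update/cache cache.sha256
# Offline machine: sh manifest.sh verify /path/to/copied/cache       cache.sha256

# make_manifest DIR MANIFEST
# Write a SHA-256 line for every regular file under DIR, with paths relative
# to DIR and in a fixed sort order. MANIFEST must live outside DIR.
make_manifest() {
    src=$1; out=$2
    ( cd "$src" && find . -type f -print0 | LC_ALL=C sort -z |
        xargs -0 -r sha256sum ) > "$out"
}

# verify_manifest DIR MANIFEST
# Re-hash DIR on the receiving side and compare with MANIFEST byte for byte.
# Fails on a changed file, a missing file, or a file that was added in transit.
verify_manifest() {
    dst=$1; manifest=$2
    # An empty or absent manifest would "match" an empty directory: reject it.
    [ -s "$manifest" ] || { echo "manifest missing or empty" >&2; return 1; }
    actual=$(mktemp) || return 2
    make_manifest "$dst" "$actual"
    # diff output names exactly which entries differ; send it to stderr.
    if diff "$manifest" "$actual" >&2; then rc=0; else rc=1; fi
    rm -f "$actual"
    return "$rc"
}

# Small command-line wrapper so the file can be run directly.
case ${1:-} in
    make)   make_manifest "$2" "$3" ;;
    verify) verify_manifest "$2" "$3" && echo "OK: cache matches manifest" ;;
esac
```

A manifest carried on the same USB stick only detects accidental corruption; to detect deliberate modification it has to reach the offline machine by a separate trusted route or be signed.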

 



This thread was automatically locked due to age.
  • Hi Shweta,

     

    We don't have a product yet and the testing I have done so far has been using the free version of SAV for Linux. We are looking for a solution to carry out on demand scans on an offline machine that we can also reasonably easily keep up to date.

    Section 13.5 about configuring the client to update is what I want, but it is not clear on whether I can update from a local directory. Is this possible?

  • Hi  

    That version of the configuration guide is for Sophos Enterprise Console (SEC). In SEC, you have Sophos Update Manager as a component, which is responsible for updating the clients in your corporate network irrespective of the client operating system. The machine where Sophos Update Manager is installed should have internet access, so it can download the update files, and then client machines can fetch the data from Sophos Update Manager to update themselves without an internet connection.

    You can download the guide of the Sophos Enterprise console from here.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support


  • Hi Jasmin,

    It is not possible for the machine to have any network connectivity at all, so it will not be able to get updates directly from a Sophos Update Manager connected to the internet. To update this one machine we have to use a USB with updates on. Is it possible to copy the virus definition updates from a SUM component to USB and then to the machine?

     

  • Hi  

    It seems that you want to install the product in an airgap network; please refer to this article, which describes the procedure for airgap networks.

    Just a note: in an airgap network, multiple features and policies will not work, as the endpoint will not be able to communicate with SEC.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support
