This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do I configure AV

Hello,

 

What i am looking for is an AV manager a computer network that has no Internet Connection.

What I need is to be able to update the AV with updates.

I have just downloaded the free trial of Sophos Enterprise Console but unsure on how it works.

How do I upload new AV definitions?

 

Thanks



This thread was automatically locked due to age.
Parents
  • Hi,

    When you install Enterprise Console (the on-premise management console), it installs the component Sophos Update Manager (SUM).  This is responsible for downloading the software and updates and deploys them to distribution points.  By default for the default "Recommended" subscription:

    \\server\SophosUpdate\CIDs\S000\

    From there, you can go into:
    \\server\SophosUpdate\CIDs\S000\SAVSCFXP\
    and run setup.exe to protect a client (either a push from the console or a manual/scripted pull).  Switches here: https://community.sophos.com/kb/en-us/12570 

    To protect a computer without network access, you can can copy the S000 directory to the client and run the setup.exe.  You will probably want to specify:
    -mng no
    ...so as not to install the RMS component as this client will not be able to talk back to SEC I suppose.

    At the schedule you feel appropriate you could copy over the latest S000 directory from the server to he client. E.g C:\sophosupdate\S000\ and the client will pick it up on the next check.

    Without management over RMS, you are using just the defaults. You can however, if needed, use SEC to author policies for this computer, for example SAV.  Export them with ExportConfig.exe and configure the distribution point with these config files using ConfigCID.exe.  See: https://community.sophos.com/kb/en-us/13111 for details on the names of the XML files for each component.

    The easiest thing to do if you want to apply specific config might be to create a new Software Subscription, left side of the "Update Managers" view.  Call it Standalone or something.  Subscribe it to Recommended and this will then create you a specific "CID" for these clients.  E.g. \\server\SophosUpdate\CIDs\S001\  This way, any customisation you apply to it with configcid.exe doesn't touch the CIDs that maybe managed clients will use.

    Regards,

    Jak

Reply
  • Hi,

    When you install Enterprise Console (the on-premise management console), it installs the component Sophos Update Manager (SUM).  This is responsible for downloading the software and updates and deploys them to distribution points.  By default for the default "Recommended" subscription:

    \\server\SophosUpdate\CIDs\S000\

    From there, you can go into:
    \\server\SophosUpdate\CIDs\S000\SAVSCFXP\
    and run setup.exe to protect a client (either a push from the console or a manual/scripted pull).  Switches here: https://community.sophos.com/kb/en-us/12570 

    To protect a computer without network access, you can can copy the S000 directory to the client and run the setup.exe.  You will probably want to specify:
    -mng no
    ...so as not to install the RMS component as this client will not be able to talk back to SEC I suppose.

    At the schedule you feel appropriate you could copy over the latest S000 directory from the server to he client. E.g C:\sophosupdate\S000\ and the client will pick it up on the next check.

    Without management over RMS, you are using just the defaults. You can however, if needed, use SEC to author policies for this computer, for example SAV.  Export them with ExportConfig.exe and configure the distribution point with these config files using ConfigCID.exe.  See: https://community.sophos.com/kb/en-us/13111 for details on the names of the XML files for each component.

    The easiest thing to do if you want to apply specific config might be to create a new Software Subscription, left side of the "Update Managers" view.  Call it Standalone or something.  Subscribe it to Recommended and this will then create you a specific "CID" for these clients.  E.g. \\server\SophosUpdate\CIDs\S001\  This way, any customisation you apply to it with configcid.exe doesn't touch the CIDs that maybe managed clients will use.

    Regards,

    Jak

Children
No Data