Unmanaged computers

Hello,

 

I got unmanaged computers on SEC.

SEC is on version 5.5.1 and my computers are on ESC 10.8.I try to "protect computer" with my administrator account an it stays unmanaged.

Have I something to do to repair this?

Thank you

  • Hello, There are 2 options to deploy the endpoint software, the outcome is the same:

    1. Try and push the install to a remote client from SEC, the details are here - https://community.sophos.com/kb/en-us/12455 
    2. Run the setup.exe from the distribution point manually or as part of a script. https://community.sophos.com/kb/en-us/12570

    In either case, for RMS to work, and the computer to appear as managed in SEC, ensure that port 8192 and 8194 TCP are open on the server and ideally open port 8194 on the client.

    Option 1 may require quite a lot of prep, certainly for newer OSs as they are more secure so I would favor option 2 where possible. I.e. leverage deployment tools/methods such as startup scripts or an existing management agent that's on the client already to aid with running tasks.

    Regards,

    Jak

  • Hi Demonchy,

    There may be a few causes for this.  It's possible that the push through scheduled task to endpoints may not be reaching due to Windows Firewall.  Another and more likely possibility is that Windows Firewall is managed by GPO and the endpoints cannot reach SEC on ports 8192-8194.  These are the ports used to communicate and if the endpoint cannot reach the server on these ports, it will remain unmanaged.  You can test this by using PuTTy or Telnet client on the endpoint and attempt to reach the server on 8192 and 8194.  On 8192 you should receive an IOR string and disconnect while on port 8194 it would connect with no messages.