Deploying Sophos into a UNIX server

Hi Sophos Team,

I recently joined a project which involves deploying the Sophos Server Protection Enterprise solution in my company. I'm new to your solution, so there are some questions I want to ask:

1. We are intending to use Sophos Enterprise Console to manage updates for servers. The servers we are going to deploy are Linux and UNIX servers. But as I researched and read your documents, I saw that the guide for deploying Sophos Enterprise Console (SEC) mentions only Windows Server (in the Linux/UNIX guideline, it mentions we have to install the management tools just like in the guideline for Windows Server). So can we install the management tools on a UNIX server, or do we have to deploy the standalone version for all servers if we don't have a Windows Server?

Here are the documents I read (version 5.5.1)

https://www.sophos.com/en-us/support/documentation/enterprise-console.aspx#

 

2. As I read your statement for Linux/UNIX system, you mention:

After December 2019, management of Sophos Anti-Virus for UNIX via the Sophos Enterprise Console will no longer be supported. The standalone version of Sophos Anti-Virus for UNIX will continue to be available and supported. 

So it means we can just push the updates to UNIX servers but can't manage their statuses via SEC, right? If we install the standalone version for UNIX servers or other servers, we can't push updates or manage them through SEC, right?

 

3. I have read your startup guide for Enterprise Console but I'm still a bit confused by your solution. We are going to deploy on Linux and UNIX servers which hold the databases for other resources to access only. So if we deploy SEC (management tools) on a server to manage updates, we will install the security software/Sophos Anti-Virus software on the other servers, right? We can also install that software on the SEC server to protect it as well, right? And if we deploy the standalone version for all servers (because SEC may end support for UNIX servers in the near future), we have to update them manually, right?

 

Hope to hear from you soon. Thank you very much for your support!

  • Hi  

    Welcome to Sophos!

    1. Sophos Enterprise Console, which is used to manage the endpoints, can only be installed on a Windows server. Here is a list of system requirements for Sophos Enterprise Console. Assuming you are referring to the Enterprise Console Startup Guide for Linux and UNIX, you will first need to install Sophos AV manually on Linux/UNIX, then create a deployment package and install it on the rest of the machines.

    2. That is correct. You will not be able to manage it and push the updates via SEC. 

    3. You can install Sophos AV on any server running the supported OS irrespective of whether the management tools are installed on it or not. If the standalone version is deployed for UNIX servers, you can check the autoupdate configuration for a computer by running `/opt/sophos-av/bin/savsetup`.

  • In reply to Yashraj:

    Hi Yashraj,

    Thank you for your answer. But I just want to be sure that if we install standalone versions on all servers (Linux and UNIX), we have to manually update those servers through a direct Internet line, right?

     

  • In reply to Dan Nguyen:

    Hi Dan,

    Any policy changes you make will need to be done manually on every Linux/UNIX machine.

    As for pulling updates, normally standalone machines will update directly from Sophos through an internet line, but they can be configured to pull updates from other locations such as an Update Manager if you were to have a SEC deployment. If you are looking to limit internet bandwidth or restrict internet access, a workaround that may work is to have one Linux and one UNIX machine with Sophos installed that can reach out to the internet to pull updates. Set up an SMB share for `/opt/sophos-av/update/cache/Primary/` and configure the other Linux/UNIX machines to update from this SMB share.