Sophos Central Server

Dear All;

 

I have three Hyper-V 2016 data center cluster, running all our servers VM.

I install the SVM on one of the hosts to test and I install the Sophos Guest VM Agent on one of the servers, the issues under the Sophos central the REAL-TIME SCAN NO, also as per Knowledge Base   133384 20 May 2019 “Applies to” most of the option are available for windows not for Virtual

Can someone advice please.

  • Hello Mohammed Shafiq,

    most of the option are available for windows not for Virtual
    with Sophos for Virtual Environments scanning is offloaded to the SVM. No components other than the Agent (essentially it provides just file-scanning) are installed on the GVMs thus most of the options don't apply. Runtime Protection refers to ransomware protection, exploit prevention/mitigation and Malicious Traffic Detection, Real-time scanning - Internet to web traffic - none of these components is installed on a GVM.

    It's not clear what you mean by REAL-TIME SCAN NO, could you perhaps post a screenshot where you see the issue?

    Christian   

  • In reply to QC:

    Hi Christian;

    under Sophos Central , Server Protection - Dashboard , Servers: summary ,Server Protection - Server Report ,Real-time scan no with read color.

    with regards to "No components other than the Agent "  When we install the SVM on hyper-v no license are detected but when you install the GVMs on windows Server and reboot the license are assigned as one professional?? professional License meaning these components are available.

    regards.

     

  • In reply to Mohammed Shafiq:

    Hello Mohammed Shafiq,

    you can see the Security VM and the Summary shows a number of connected GVMs?

    Christian

  • In reply to QC:

    Hi Christian;

    when you press on SVM it show one vm protected only with no details only the VM name ??

    did you have any step by step document to install the full protection on servers instead of using the security VM??

    Regards.

  • In reply to Mohammed Shafiq:

    Hello Mohammed Shafiq,

    I'm not using Central so I can't say what you're supposed to see but at least the number should match the number of installed GVMs.  The Help suggests though that clicking on the number just shows the list of GVMs:

    Connected Guest VMs. You see this only if the server is a host with a Sophos Security VM. It shows the number of guest VMs connected to the Security VM. Click the number to see a list of the guest VMs.

    Please see also the SVE Documentation.

    install the full protection
    basically it's just downloading and running the installer. Please see here for automated deployment.

    Christian

  • In reply to QC:

    hi Christian;

     

    Thank you so much for your support.

    what about the Server Protection - Policies best practices , also i case i change some thing how i can go back to defaults.

    Regards.

  • In reply to Mohammed Shafiq:

    Hello Mohammed Shafiq,

    one way is to leave the Base Policies alone and make changes with additional policies only. Certain policies (dunno if it applies to all) provide a Use recommended settings.

    Christian