Thread Info
  • State Suggested Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 33 replies
  • Answers 2 answers
  • Subscribers 16 subscribers
  • Views 63499 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MSI Installer for EndPoint Protection or Intune compatible deployment method

Sam Smith1

Hello

 

Is there any possibility of an MSI for deploying Endpoint Protection?

 

We are an MSP with a Managed Devices offering that is underpinned by Microsoft Intune.

We have been using Sophos Endpoint Protection as part of the solution and are very happy with its functionality.

Unfortunately the Endpoint Protection deployment method is proving a major barrier to wider adoption and larger deployments.

Currently we are having to install manually as part of the enrolment.

Intune only supports deploying MSI installers so we either need an MSI or an 'Intune compatible' method.

With the advent of Microsoft Autopilot, if we cannot better automate the Sophos deployments we will have to consider using Windows Defender as our protection.

 

Regards

Sam



This thread was automatically locked due to age.
Parents
  • 0

    I am certain there was a guide somewhere in the Sophos KBs which had a guide for creating a .msi from a machine that already had Sophos deployed. I created a package following the guide but since the update a few months ago the package no longer works as expected. It will install according to our deployment software but the machine doesn't actually register in the Sophos Central.

    So now we're also stuck with manually installing Sophos, which is quite crazy considering it's an enterprise product...we use neither Intune nor SCCM.

    I really do like Sophos but it shouldn't be this hard to deploy the software.

  • 0 in reply to Joni Ljungqvist

    I have to say that for the initial roll out we're just using a powershell script that calls the sophossetup.exe and doing it that way, it was easier!

     

    If you're not using intune or sccm, you could have a look at choclatey https://chocolatey.org/ - it's linux style packager manager for windows - you can create your own packages.  I've not personally tried it with sophos, but might be worth a shot.

  • 0 in reply to Joni Ljungqvist

    How does a deployment tool not have the ability to run a single exe with a few switches?  Is it having problems with the time it runs for?  Just curious.

  • 0 in reply to jak

    It can deploy the .exe, I think I just haven't figured out what switches to use as it seems to fail now during the second stage. Before there was a guide as I said to create a installer package (also a .exe) from an already installed version, this seems to have stopped working after an update some months ago.

    I need to look into it, it isn't as big of a deal as I thought though. Manual installation during imaging works fine and all devices already in the cloud are getting patched as they should.

Reply
  • 0 in reply to jak

    It can deploy the .exe, I think I just haven't figured out what switches to use as it seems to fail now during the second stage. Before there was a guide as I said to create a installer package (also a .exe) from an already installed version, this seems to have stopped working after an update some months ago.

    I need to look into it, it isn't as big of a deal as I thought though. Manual installation during imaging works fine and all devices already in the cloud are getting patched as they should.

Children
  • 0 in reply to Joni Ljungqvist

    just a quick update in case anybody else is having the same uninstall issues we have been having on Surface Pro's.  Looks like a specific DLL issue.  renaming the ResEng.dll to ResZZZ.ddl (as instructed by sophos support) suddenly makes the uninstall work, renaming it back stops the uninstall working again.  Only on surface pro's though... weird.  Tech support are still looking in to a fix.

  • 0 in reply to james cummings

    Out of interest, on these computers, what does the Powershell command get-culture return:

    E.g.

    get-culture

    LCID Name DisplayName
    ---- ---- -----------
    2057 en-GB English (United Kingdom)

Unfiltered HTML