Sophos Central - VDI non-persistent Desktops "An attempt to protect a computer failed"

Starting on Jan 17th, 2023, we started receiving alerts from Sophos Central randomly for various VDI desktops.  Originally, my thought was the version of Sophos running on the VDIs needed to be updated, but that didn't resolve the issue.  Essentially, if we use the legacy option of the "golden image prep" or the new switch, both seems to break updates.  Not sure why it started on that date, but curious if anyone else in the community has this issue.  

What we'll see in Sophos Central is that any new VDI desktop will show it is connect, but after about 1 hour, it will change to "Failed to Protect".  The odd part is the Sophos "Update" button doesn't work and the update date never changes from the "golden image".  It is connecting to Sophos Central, as we'll see an updated comment, but it doesn't appear to be updating.  

Originally, we also were seeing 503 errors on our clients, when connecting, and that seems to have resolved itself.  We did make a change on our Message Relay server, increasing the TCP connections, which may have helped.  However, it still remains an issue of any new desktops failing to update.  

Curious if anyone else in the community has had any issues?


Edited TAGs
[edited by: Gladys at 3:13 PM (GMT -8) on 2 Mar 2023]
Parents Reply Children
  • I did another test today, and found that even though I'm running Core 2202.4.0.4 and it shows AutoUpdate 6.14.839 installed, I'm still having the same issue.  So I believe this must still be a work in progress.  

    For now, my workaround is to have Sophos deployed via a startup script on each non-persistent VDI.  This does put a performance hit on my system, since it has to do a full install and download, compared to communicating and doing an update.