Sophos Central - VDI non-persistent Desktops "An attempt to protect a computer failed"

Starting on Jan 17th, 2023, we started receiving alerts from Sophos Central randomly for various VDI desktops.  Originally, my thought was the version of Sophos running on the VDIs needed to be updated, but that didn't resolve the issue.  Essentially, if we use the legacy option of the "golden image prep" or the new switch, both seems to break updates.  Not sure why it started on that date, but curious if anyone else in the community has this issue.  

What we'll see in Sophos Central is that any new VDI desktop will show it is connect, but after about 1 hour, it will change to "Failed to Protect".  The odd part is the Sophos "Update" button doesn't work and the update date never changes from the "golden image".  It is connecting to Sophos Central, as we'll see an updated comment, but it doesn't appear to be updating.  

Originally, we also were seeing 503 errors on our clients, when connecting, and that seems to have resolved itself.  We did make a change on our Message Relay server, increasing the TCP connections, which may have helped.  However, it still remains an issue of any new desktops failing to update.  

Curious if anyone else in the community has had any issues?

Chris



Edited TAGs
[edited by: Gladys at 3:13 PM (GMT -8) on 2 Mar 2023]
Parents
  • Following up again today, in case anyone else is following this thread or has a similar issue.  

    As of today (Feb 6, 2023), the issue still persists.  We are running Vmware Horizon using Instant Clones.  Sophos support recommends using the legacy method for the base image, which doesn't resolve the issue.  Currently, we are experiencing the following:

    1.  The "Update" button in Sophos doesn't work.  

    2. Sophos Central will show the non-persistent VDI desktop is "Re-protected", but after an hour, will have a message "Failed to Protect".  

    This is very similar to the article listed by  ; however, I'm in a different region.  So far, my alternative method has been working, but it is adding additional load to the system.  

    Chris

Reply
  • Following up again today, in case anyone else is following this thread or has a similar issue.  

    As of today (Feb 6, 2023), the issue still persists.  We are running Vmware Horizon using Instant Clones.  Sophos support recommends using the legacy method for the base image, which doesn't resolve the issue.  Currently, we are experiencing the following:

    1.  The "Update" button in Sophos doesn't work.  

    2. Sophos Central will show the non-persistent VDI desktop is "Re-protected", but after an hour, will have a message "Failed to Protect".  

    This is very similar to the article listed by  ; however, I'm in a different region.  So far, my alternative method has been working, but it is adding additional load to the system.  

    Chris

Children