Hello everyone,
I am one of the principle engineers that works on SURF and I wanted to take a few minutes to explain why we are so excited to bring this tool to all Sophos Customers.
How it Started
SURF started out as a special program within Support where we looked at what tools or processes would have the most impact on support workflows.
One of the main time sinks was extracting information out of the files in the SDU. For anyone whose looked at one, an SDU can be a daunting thing. There are a lot of files in there and reams of information. The problem was that finding a lot of that information was very labour intensive.
So, SURF was born.
The Concept
SURF stands for Sophos Universal Reader and Finder.
The idea was that we could automate all the clicks and tabulation that support engineers were doing to gather basic information about a system from the SDU.
Stuff like, what OS was running, what services were registered and in what state, NICs, RAM, the environment variables and, most importantly, the current versions of the Sophos products and their configuration. Why make someone repeat these steps in every case they were processing when a program could do it faster and more accurately.
How We Did It
SURF was a collaboration between all parts of Support. There were three principle people working on the project, but we solicited ideas and feedback from all engineers. We wanted this tool to be intuitive, simple, and something that made things easier for engineers.
The first version of SURF was for the endpoint product only. We had set out to achieve a goal and we did it, but there was so much more we wanted to do.
Phase 2 - Aggregating Knowledge
We had this nifty tool that we had taught to look through files and extract data for us. It was useful in its own right, but it sparked so many more ideas about what we could automate.
The first one was collecting knowledge about common issues from experienced engineers and sharing that with all users of SURF.
This spawned the Issues Detection engine. In collaboration with our Endpoint Development team, we created an engine that consumes json rules that allows it to look at specific files for specific conditions and render a judgement based on the triggers outlined in the rule. This let us create and publish these rules to all engineers and allowed us to more effectively identify and resolve common issues. Since it was done with the Endpoint team, we were also able to build that same engine into the Endpoint Self Help which meant that rules developed and tested in SURF could be published into an Endpoint where an issue could be detected before a customer ever called support.
Phase 3 - Making it actually Universal
We had been ambitious in our naming scheme... or perhaps a little bit assertive.
SURF wasn't really Universal yet. It could only read endpoint logs. An entire half of the Support organization wasn't able to use it.
So we set out to add the SFOS CTR into SURF. It was a fair amount of effort, but we added it in and expanded our ability to find issues into our SFOS support cases.
SURF 2.0 - A New Generation
SURF had been working for a few years and we had been getting feedback from the users. Fixing issues, improving elements, and making things all around better. However, we were running into some limitations based on the decisions we had made back in the initial stages of SURF's development. Specifically, how we built the UI.
It was becoming burdensome to add in new UI elements and iterating new things was taking more and more time.
So, we did a blank page rewrite of the UI and went to a more modern style of having a strict separation between the UI plane and the data plane. We chose WPF and used the same base style and formatting as the Endpoint Self Help tool to provide a consistent theme. This opened us up to much faster iteration of features and more efficient system resource usage.
Now, It's Available for You
After all these years, we've finally achieved one of our original goals and released SURF to all Sophos Customers. We want this tool to be helpful and useful for you. So you can investigate and solve any issues as quickly as possible and keep up to date with how things are working in your environment.
From the SURF team, we hope you find SURF an invaluable tool in your toolbelt.
Please, provide us with any and all feedback - we want to make SURF the best it can be.
Sincerely,
The SURF Development Team