Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 0 subscribers
  • Views 20600 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SPX Virtual Email Appliance on Hyper-V

SGICT

**Sophos don't support Hyper-V at time of writing, so any issues and you're on your own and I take no liability/warranty on this.**

For those who require to run Sophos SPX Virtual Email Appliance on Microsoft Hyper-V platform can do so very easily.

1) Download ESXi 4.1 images of the virtual appliance from Sophos trial section or if you have a live Virtual appliance(s) running then export those as .vmdk

2) On any windows machine, install XenConvert. I did this on a 2k8 R2 Enterprise box using the 64 bit version.

3) Run XenConvert

4) Select convert from "VMWare Virtual Hard Disk (VMDK)"

5) Select convert to "XenServer Virtual Hard Disk (VHD)" - Ignore it says XenServer

6) Select both of the Sophos VMDK files (Base and Opt). You'll have to run through the process twice as you can only do one file at a time.

7) You may receive errors during the process - ignore them

8) Build a new Hyper-V machine

9) Add 2 IDE controllers - first as the base.vhd and second as the opt.vhd

10) Remove the network card and add a legacy one instead.

Notes:

Hyper-V may assign the VHDs as Dynamic disks, for performance I suggest converting them to fixed size.

Assign 4 CPUs rather than the default 1.

If the appliance hangs on the white screen of Sophos booting then the opt.vhd file hasn't converted correctly or not present.

:25979


This thread was automatically locked due to age.
  • 0
    Do you have performance stats available? How many messages are you procesing per day? Apart from the 4 Cpus, how much RAM have you allocated. Is this in production? Sorry about the questions, very intersted.
    :26081

    ==

    When in doubt, Script it out.

  • 0

    More than happy to answer questions on this.

    To start with Sophos are planning to support Hyper-V next year, Q1 hopefully, it maybe worth holding out till then unless you have to install on Hyper-V asap - like we did.

    We've been running the system for the last couple weeks, very stable.

    We've allocated 2gb to start with but have increased it to 3gb, no real reason other than simply there should the appliance need it - the host has 72gb so doesnt make much difference for us.

    We have put a dedicated NIC in the physical that only this appliance uses. Whilst I believe it would be absolutely fine sharing a NIC, we didn't want to take any chances seeing this is unsupported.

    It turns over approximately 200 emails on a day to day basis and blocks over a 1000 spam connections, again on a daily basis. The system will be more heavily used in the next few months as we'll expand from 40 users to 100, maybe more.

    We have noticed the time in which an encrypted email is generated and sent to the receipient can be slow. Sometimes its near instant and others can take upto 15 minutes. At this stage I have not looked into the matter further so it could be an appliance setting rather than a conflict/issue with Hyper-V. This could be an issue though as the company wishes to encrypt every email leaving the network so the overhead is going to greatly increase very soon. On the other hand I do wonder whether the backoff timers are to blame.

    Just to add the virtual machine is on a 6 disk, 10k rpm Raid 10 config and not noticed any performance issues.

    :26111
  • 0

    Just to add when running the virtual appliance on Hyper-V you will get System Status error on a process health.

    For us it occurs daily at 13:12 but it is down to the appliance not finding the VMTools application so it can be safely ignored.

    Ideally to save Sophos a headache, you should turn off alerting to Sophos by System -> Alerts and Montioring -> untick "Appliance Support Alerts".

    I would like to thank Donald Tibbetts at Sophos Technical Support for helping us

    :26167
  • 0

    Please note since the update of 3.7.2.1, you must use DHCP to assign an IP address to the virtual appliance if you're using it on Hyper-V platform.

    If you wish to have a static IP (which is usually the case) then you must reserve the IP on your DHCP server to the appliance's MAC address.

    For those who dont have a DHCP server on the same network as the appliance then sadly you're stuck for the time being until Sophos support Hyper-V.

    :26811
  • 0

    For those using the virtual appliance on Hyper-V. We've tested the update of 3.7.4.0 tonight and seems to be fine.

    However, before this update we've noticed upon reboot the appliance loses it's default gateway, even via DHCP allocation, so you need to edit the network settings on the virtual console each time.

    Thanks

    :29187
  • 0

    Has anyone else managed to get this to work?  I am using the Web Applicance, as I assume the process is the same?

    I have tried the conversion process, and it starts, to boot, but keeps hanging at the white loading screen, then just reboots after a few minutes.

    Which version of XenConvert did you use?  I tried version 2.3.1, but anything newer and they have removed the ability to convert from VMDK to VHDs.

    I tried another conversion app as well, and had the same problem, I know this isn't officially supported, but would be grateful of any help.

    :40323
Unfiltered HTML