Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 0 subscribers
  • Views 12662 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint protection on Exchange - questions

D_M

I'll be reading the documentation where I may very well find the answers to all or some of the questions below, but some seem important enough to ask here directly.

1. Does Sophos Endpoint Protection, when installed on an Exchange server (2007 SP2 - to be upgraded to SP3), automatically detect certain files that should be excluded from a file-level virus scan, the Exchange .edb database for example?

Other products that I've worked with supposedly did this.

2. When used in conjunction with PureMessage, should Endpoint protection be installed first and then PureMessage second?

I was going to ask a couple questions specifically about PureMessage - but there may be a specific forum for them so I'll look for that first.

Many thanks in advance!

:29091


This thread was automatically locked due to age.
  • 0

    Hello D_M,

    like your second post this one should have been placed on the Gateway board.

    I've no experience with PureMessage but with reading docs :smileywink:), so this is just how I understand it. The Release Notes say (under Additional Information): When you install PureMessage, Sophos Anti-Virus is also installed (if not already present) and on-access virus scanning starts automatically. However, PureMessage excludes certain Microsoft Exchange and IIS folders from virus scanning as recommended by Microsoft. (later in the paragraph there's a link to a detailed article - which is apparently missing).

    Thus no need to install Endpoint first. There's an intricacy though which is IMO not very clearly addressed: If you install Endpoint first, which you'll only do if you have SEC, not only won't the exclusions be set (see PureMessage for Microsoft Exchange: no exclusions are applied if the PureMessage computer is managed by Enterprise Console) - as the AV policy from SEC is applied - but you'd also have to configure the updating policy accordingly (Installing Enterprise Console and PureMessage for Microsoft Exchange on same network). So I'd go with the first sentence of the first article which says: Typically PureMessage is installed on a computer which is not managed by Enterprise Console

    HTH

    Christian

    :29143
  • 0

    Thanks for your response.

    I've installed Pure Message to test this.

    When I look at the list of excluded files, etc., under "Configure" and then "On-demand extensions and exclusions", I see no exclusions listed.

    Note: this is not in the PureMessage interface but rather in the SES+C interface.

    Is that normal?

    Either the establishment of an exclusions list failed, or the default exclusions for Exchange are simply not listed in user interface?  

    :29527
  • 0

    Hello D_M,

    if you do a managed install (i.e. if you don't just run the PureMessage installer but first install Endpoint from the CID - or using Protect Computers) the exclusions will not be set (I assumed this is clear from both what I said and the linked articles) but the SEC group's policy applies. Note there's neither a "transfer" of settings from a client to SEC (what you see in the AV-policy in SEC is what has been set - by you or defaulted - in SEC, in case the client has different settings you'll just see Differs from policy) nor any client-application/feature/role detection and corresponding customization of policies (automatically) done by SEC. 

    Christian     

    :29545
Unfiltered HTML