How to Deploy Sophos Anti-Virus Endpoint managed by UTM 9

  • N.º del artículo: 117522
  • Actualizado: 16 abr 2013

This article explains the various deployment methods of Sophos Anti-Virus available by a managed UTM 9 appliance. To install the below packages you must have sufficient administrator rights and must not rename the filename specified from the UTM.

Known to apply to the following Sophos product(s) and version(s)

UTM Managed Endpoint (Windows 2000+)
Sophos UTM v9

What To Do

There are various methods to deploy Sophos Anti-Virus Endpoint within a UTM managed environment.

Download the Endpoint installer(s) from UTM

  1. Within the UTM interface, under 'Endpoint Protection' | 'Computer Management' select the 'Deploy Agent' tab. 
  2. Then select from either the 'Slim Installation Package' or 'Full Installation Package' and download the required installer package.
    • The 'Slim Installation Package' contains Sophos AutoUpdate and Sophos Management Communications System.
    • The 'Full Installation Package' contains Sophos AutoUpdate, Sophos Management Communications System and Sophos Anti-Virus.

  3. Once the installer file has been downloaded copy the file via a network share or memory stick etc. to the endpoint requiring the Sophos Anti-Virus installation.
  4. Double click on the installer file to launch the installation wizard and follow the prompts to complete the installation.

    Note: To run the installation on the endpoint the logged on user must have sufficient administrator rights.

Copy the download link(s) available within the UTM

  1. Within the UTM interface, under 'Endpoint Protection' | 'Computer Management' select the 'Deploy Agent' tab. 
  2. Then select from either the 'Slim Installation Package' or 'Full Installation Package' and copy the required download link listed in the dark grey text box.
    • The 'Slim Installation Package' contains Sophos AutoUpdate and Sophos Management Communications System.
    • The 'Full Installation Package' contains Sophos AutoUpdate, Sophos Management Communications System and Sophos Anti-Virus.

  3. Paste the link from the UTM into an email or a file which the endpoint required can access.
  4. On the endpoint copy the link and paste into a web browser address bar and download the installer package.
  5. Once the file has downloaded, double click on the installer file to launch the installation wizard and follow the prompts to complete the installation.

    Note: To run the installation on the endpoint the logged on user must have sufficient administrator rights.

Scripted endpoint installation using Active Directory group policy

  1. Download the Installer package required as above and copy to a share accessible on your server for all your endpoints.
  2. Navigate to Start | Run and enter notepad and click ok.
  3. Once the notepad file is open, copy and paste the below into the file:

    @echo off
    SET MCS_ENDPOINT=Sophos\Management Communications System\Endpoint\McsClient.exe
    IF "%PROCESSOR_ARCHITECTURE%" == "x86" GOTO X86_PROG
    IF NOT EXIST "%ProgramFiles(x86)%\%MCS_ENDPOINT%" GOTO INSTALL
    exit /b 0

    :X86_PROG
    IF NOT EXIST "%ProgramFiles%\%MCS_ENDPOINT%" GOTO INSTALL
    exit /b 0

    :INSTALL
    pushd \\servername\share
    SophosMcsEndpoint_Q88J89F8H13B9b69e.exe -q
    Popd


  4. Amend the line pushd \\servername\share with the folder location of the installer package accessible for the clients.
  5. Amend the line below the \\servername\share with the filename of the package.
  6. Save the file as SophosEndpointInstall.bat

Logon/Logoff Script

See article 13273 for creating logon/logoff script using the above SophosEndpointInstall.bat.

Important:

  • Do not rename the filename of the package as this will cause the installation to fail.
  • The logon/logoff script will only be successful if the end user logging on/off the endpoint has sufficient administrator rights.

Startup/Shutdown Script

See article 13090 for creating a startup/shutdown script using the above SophosEndpointInstall.bat.

Important:

  • Do not rename the filename of the package as this will cause the installation to fail.
  • This maybe a preferred method of deployment as the SYSTEM account is used for deployment.

If you have further issues with the deployment see the troubleshooting article 117523.

Command line install

To run the installer from command line, see article 117630.

Further reading

 
Si necesita más ayuda, póngase en contacto con soporte técnico.

Valore el artículo

Muy malo Excelente

Comentarios