Sophos Anti-Virus SBE: configuring computers running Windows XP SP2 or Windows 2003 SP1

Windows XP Service Pack 2 (SP2) and Windows 2003 Service Pack 1 (SP1) enhance the Windows Firewall and enable it by default. The DCOM security structure is also changed.

The following changes must be made on all Windows XP SP2 and Windows 2003 SP1 computers running Sophos Anti-Virus Small Business Edition (SBE):

1. In order to allow Sophos Anti-Virus SBE messages through the Windows Firewall, you must add a program exception:
   C:\Program Files\Sophos\Remote Management System\RouterNT.exe
   to all Windows XP SP2 and Windows 2003 SP1 computers on which the Windows Firewall is enabled.
2. The Sophos AutoUpdate Agent service must be set to run as LocalSystem.

A further change may be needed where a Windows XP SP2 or Windows 2003 SP1 computer is running the Sophos Control Center, as File and Printer Sharing must be enabled in the Windows Firewall settings. However, Windows usually enables this automatically if a share already exists when SP2 is installed, or if a share is subsequently created.

What to do

1. Open the Windows Firewall dialog box.
   
   
2. Add the program exception in the Windows Firewall:
   • Select the Exceptions tab
   • Click 'Add Program'
   • Click 'Browse'
   • Browse to C:\Program Files\Sophos\Remote Management System\RouterNT.exe and select it (the .exe file extension may not be visible)
   • Click 'OK' twice to confirm.
   If required, on the Exceptions tab, check 'Display a notification when Windows Firewall blocks a program'.
   
   
3. Set the Sophos AutoUpdate Agent service to run as LocalSystem and restart it:
   • Open 'Services'
   • Double-click 'Sophos AutoUpdate Agent'
   • Select the Log On tab
   • Click 'Local System account'
   • Click 'OK'
   • Right-click 'Sophos AutoUpdate Agent'
   • Select 'Restart'.

These changes can be made individually at each computer, or deployed as part of group policy in Active Directory.