Antivirus and Security Software from Sophos

Psst, Mac user! We have a free Mac anti-virus just for you.

Online support

Product maintenance

Contact support

Support services

Resource centers

UK IT Security Events

Get the low-down on our cup winning security solutions to provide you with a defence dream team

Using ExportConfig.exe to create XML configuration files

The command-line utility ExportConfig.exe enables you to retrieve policies from the Console and save them as XML configuration files. These XML configuration files can be used to centrally configure unmanaged computers, or to implement features not available from the console.

    Known to apply to the following Sophos product(s) and version(s)
    Enterprise Console 3.0
    Enterprise Console 3.1.0
    Enterprise Console 3.1.1
    Enterprise Console 4.0.0
    Enterprise Console 4.5.0
    Enterprise Console 4.7.0
    Sophos Enterprise Manager 4.7.0
    ExportConfig
    • On a server running Enterprise Console 3.x
      • ExportConfig.exe is available in the TOOLS folder on the Sophos Anti-Virus Network Install CD, or in the unpacked TOOLS folder (for example) C:\sec31\Tools\. You must place ExportConfig.exe in C:\Program Files\Sophos\Enterprise Console before performing the procedure below.
    • On a server running Enterprise Console 4.x
      • ExportConfig.exe is available in the C:\Program Files\Sophos\Enterprise Console\ folder.
    • On a server running Enterprise Manager 4.x
      • ExportConfig.exe is available in the C:\Program Files\Sophos\Enterprise Manager\ folder.
    NOTE: The "Program Files" folder is "Program Files (x86)" on Windows 64-bit.

    What to do

    NOTE: Policy names are case sensitive.

    1. Check that you are logged on as a member of the Sophos Console Administrators group. (By default, the user who installed Enterprise Console is in this group.)
    2. Run a command prompt and move to the directory as defined above.
    3. Type exportconfig.exe to show the usage options.
    4. Specify the type of policy you want to retrieve (this option is required):
      • An updating policy is indicated by the parameter '-type AU'
      • An anti-virus and HIPS policy is indicated by the parameter '-type SAV'
      • A firewall policy is indicated by the parameter '-type SCF'
      • An application control policy is indicated by the parameter '-type SAC'
      • A data control policy is indicated by the parameter '-type DATC'
      • A device control policy is indicated by the parameter '-type DEVC'
      • A tamper protection policy is indicated by the parameter '-type TP'
      • A legacy updating policy is indicated by the parameter '-type LEGAU'
    5. By default, you export your Default policy. To retrieve a named policy use the '-policy' parameter, followed by the policy name. (Do not use this parameter for a Default policy.)
    6. Also specify the location of the XML file to save the policy in. Use the '-output' parameter followed by the location and filename.

      If your policy name has a space in it, you must enclose it in inverted commas. For example, if your policy name is 'A Policy', you must use "A Policy".

      • The updating policy file should be called 'sauconf.xml'
      • The anti-virus and HIPS policy file should be called 'savconf.xml'
      • The firewall policy file should be called 'SCFCidConfig.conf'*
      • The application control policy file should be called 'savconfappc.xml'1
      • The data control policy file should be called 'savconfdatac.xml'**1
      • The device control policy file should be called 'savconfdevc.xml'**
      • The tamper protection policy file should be called 'savconftp.xml'***
      • A legacy updating policy file should be called 'sauconf.xml'.

      Notes:
      * the firewall policy can only be exported this way in Enterprise Console 4 or later or in Enterprise Manager. In Enterprise Console 3, please use the 'Export Policy' button in the firewall setting dialog
      ** these policies are only available in endpoint software 9 or later and Enterprise Console 4 or later or Enterprise Manager.
      ***the tamper protection policy is only available in endpoint software 9 or later and Enterprise Console 4.5 or later or Enterprise Manager.
      1 these policies are not available in Enterprise Manager.

      Examples:
      exportconfig -type AU -policy "A Policy" -output c:\temp\sauconf.xml
      exportconfig -type SAV -output c:\temp\savconf.xml
      exportconfig -type SAC -policy "Another Policy" -output c:\savconfappc.xml

      The example commands will export a named updating policy called 'A Policy', the default anti-virus policy, and an application control policy called 'Another Policy'.

    7. Place the xml files in the appropriate directories

    When you have generated the XML files, place them in the following directories for the appropriate operating system(s) and product versions. The updating directories are listed below:

    On... Endpoint Security and Control 8
    (Sophos Anti-Virus)    		 Endpoint Security and Control 8
    (Sophos Anti-Virus with Sophos Client Firewall)    		 Endpoint Security and Control 9 or later
    Windows 2000+ \\SERVER\InterChk\ESXP \\SERVER\Interchk\SAVSCFXP \\SERVER\SophosUpdate\CIDs\[serial number]\
    Windows NT \\SERVER\InterChk\ESNT n/a n/a
    Windows 95/98

    \\SERVER\InterChk\ES9X

    n/a

    n/a

    • Put savconf.xml in the savxp folder
    • Put sauconf.xml in the sau folder
    • Put SCFCidConfig.conf in the scf folder
    • Put savconfappc.xml in the savxp folder
    • Put savconfdatac.xml in the savxp folder
    • Put savconfdevc.xml in the savxp folder
    • Put savconftp.xml in the savxp folder
    • Put legacy updating.xml in the sau folder

    Next step

    Now you must use ConfigCID.exe to ensure that networked computers update with the new configuration.

    If you need more information or guidance, then please contact technical support.