In this section

• Home
• Support
• Knowledgebase
• Articles

Online support

• Knowledgebase
• Virus disinfection

Product maintenance

• Downloads and updates
• Documentation
• Software lifecycle

Contact support

• Talk to an expert
• Send a sample
• Email us

Support services

• Overview
• Technical Support
• Professional Services
• Technical Training

Sophos Client Firewall installation fails when an endpoint is quarantined by Sophos NAC.

This article provides information around the Sophos Client Firewall installation when an endpoint is in quarantine. If Sophos NAC is already installed and an endpoint is in quarantine and you use Sophos Enterprise Console to install Sophos Client Firewall, the Sophos Client Firewall Installation will fail.

What to do

There are three different workarounds for this issue:

1. Using the NAC Manager, update the Sophos NAC policy so that it does not perform enforcement. Use the NAC Manager to update the policy that is applying enforcement and change the policy mode from Enforce to Report Only. This turns off enforcement so that you can complete the Sophos Client Firewall installation. You must wait until all endpoints retrieve the updated NAC policy before you attempt to install the Sophos Client Firewall. Using Sophos Enterprise Console, "Protect" the affected endpoints with Sophos Client Firewall. Once the installation is successful, update the NAC policy to change the policy mode from Report Only to Enforce.
2. Using the NAC Manager, update the policy and change the Quarantine Override to "True". This action permits the user to override quarantine on the endpoint. Have the user on each endpoint that is in quarantine check compliance. To complete this task, each user must right-click the NAC Agent icon and select Check Compliance from the menu. This action retrieves the updated policy with the Quarantine Override enabled. Have each user select Disable Agent Quarantine from the right-click menu. This action removes the endpoint from quarantine so that Sophos Client Firewall can be installed. Using Sophos Enterprise Console, "Protect" the affected endpoints with Sophos Client Firewall. Once the installation is successful, update the Sophos NAC policy to disable the Quarantine Override by changing the setting to "False".
3. Have the affected users uninstall the Sophos NAC Agent. Using Sophos Enterprise Console, "Protect" the affected computers with both Sophos NAC and Sophos Client Firewall. The "Protect" will install the Sophos NAC Agent and Sophos Client Firewall to the affected endpoints.

If you need more information or guidance, then please contact technical support.

• Article ID: 32176
• Created: 14 Dec 2007
• Last updated: 12 Nov 2008

Rate this article Choose a rating Very useful Quite useful Moderately useful Not very useful Not useful at all

•  Read our search tips
• Contact one of our experts
• Suggest an improvement