How to prepare Endpoint Security and Control for inclusion in a disk image

  • Article ID: 28591
  • Rating:
  • 13 customers rated this article 2.3 out of 6
  • Updated: 10 Dec 2015

Important: The recommended procedure for inserting Sophos Anti-Virus into a disk image is described in the knowledgebase article Sophos Anti-Virus for Windows 2000+: incorporating Sophos Anti-Virus current versions in a disk image, including for use with cloned virtual machines 

The article on this page should only be used if you have already worked through the procedures in the above article, and it did not solve the issues you are experiencing. The method outlined in this article does not work for including the Sophos Patch Agent in a disk image. Please see the a fore mentioned article for including Sophos Patch Agent in your disk image. Sophos does not recommend including Sophos Encryption products in disk images.

Only applies to endpoints managed by Sophos Enterprise Console.  For cloud managed endpoints please see KB120560

Applies to the following Sophos product(s) and version(s)
Sophos Endpoint Security and Control

What To Do

You create a disk image by installing the Sophos software that you wish to include on the disk image and then removing all components except Sophos AutoUpdate. This will ensure that when the image comes online, the latest version of each component is automatically downloaded and installed from the update location you configure.

Important: Always ensure that the Sophos installer package you use to create the image is less than six months old.  Where the operating system is Windows Vista or Windows 7, you may need to modify the path slightly, e.g. in step 6, if you are running Vista, substitute 'ProgramData' for 'Program Files'.

  1. Install Endpoint Security and Control to a client machine as if it was a fresh install. Ensure that it is set to update from the location you will eventually want your cloned computers updating from.

  2. After the initial update has finished, stop the Sophos AutoUpdate service and set it to disabled. (This prevents an update starting during the procedure. The service will restart automatically at the end of the procedure.)

  3. Browse to C:\Program Files\Sophos\Remote Management System.

  4. Copy the following files to an different location (anywhere outside the Sophos folder will do):
    • cac.pem
    • mrinit.conf

  5. Go to 'Add/Remove Programs', and check if the following components are listed:
    • Sophos Network Access Control
    • Sophos Client Firewall

  6. If the above component are not listed go to step 7.  If they are listed open the registry editor and export the follow key to a safe location as a .reg file:
    • 32-bit: HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\AutoUpdate\Products
    • 64-bit: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\AutoUpdate\Products

  7. Go to 'Add/Remove Programs', and remove the following components :
    • Sophos Network Access Control (if installed)
    • Sophos Client Firewall (if installed)
    • Sophos Anti-Virus
    • Sophos Remote Management System (RMS)

  8. If you did not need to export the registry key in step 6 go to step 9.  If you needed to export the key: import the key back into the registry by double-clicking the .reg file.

  9. Reboot the system to finalize the removal.

  10. Open the cache folder found in the following location:
    (Windows 2000/2003/XP) C:\Program Files\Sophos\AutoUpdate\
    (Windows Vista/7/2008) C:ProgramData\Sophos\AutoUpdate\

  11. Delete the contents of the cache folder.

  12. Find and delete the status.xml file from the following location:

    (Windows 2000/2003/XP) C:\Program Files\Sophos\AutoUpdate\data\status\
    (Windows Vista/7/2008): C:\ProgramData\Sophos\AutoUpdate\data\status\

  13. Browse to C:\Program Files\Sophos\.

  14. Create a new folder named Remote Management System .

  15. Move the files you copied to a new location in step 4 (cac.pem, and mrinit.conf) to the folder you just created.

  16. Open Windows Services (Start | Run | type services.msc and press the Enter key).

  17. Set the Sophos Autoupdate Service to 'Automatic' but leave the service stopped.

  18. Now take the image.

After installing the image, once the new computer is booted up, AutoUpdate will update from the server it is configured to update from. The installer will then run and download and re-install the remaining components from the update location.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent