Download presentation
Presentation is loading. Please wait.
1
Sophos Enterprise Solutions
2
This Seminar… Overview –Components — EM Library, Enterprise Console, Clients –OS requirements and product functionality EM Library –In depth Enterprise Console –In depth Clients –In brief
3
Overview
4
Components EM Library (essential) –Manages downloading of software from Sophos Enterprise Console (optional — sort of) –Manages clients Sophos Anti-Virus Clients (essential) –Client software for virus detection and disinfection
5
Requirements — EM Library Windows –Windows NT SP6a –Windows 2000 Professional or Server (SP3+) –Windows XP Professional (SP1+) –Windows 2003 Server Requires MMC 1.2 IE 5.5 SP2 or above
6
Requirements — Enterprise Console Windows 2000 (SP3+) or 2003 Server –If managing more than 10 PCs Windows 2000 (SP3+) or XP (SP1+) Professional –If managing up to 10 PCs –May be used to define and export policies, regardless of PCs managed
7
Function — EM Library Downloads package updates from Sophos to a library according to a schedule –Default is c:\program files\sophos enterprise manager\library shared as SophosEM –Library can be remote or local Optionally publishes packages to make them available to child libraries
8
Function — EM Library Pushes updates to Central Installation Directories (CIDs) –CIDs can be on remote servers (e.g. unix) –CIDs can be published via a web server Clients check CIDs for updates and download as required
9
Function — Enterprise Console Deploy software to clients Monitor status of client installations Organise clients into groups Define and apply updating and anti-virus polices to groups of PCs Report on alerts etc.
10
Library maintained by EM Library Sophos Databank at sophos.com 1. EM Library pulls updates from Sophos according to schedule 2000/XP/2003 CID on Windows share 95/98/Me CID on Windows share Mac OS X 10.2+ CID on AppleShare compatible share 2000/XP/2003 CID on IIS 2000/XP/2003 CID on samba share 2000/XP/2003 CID on Apache 2. EM Library pushes updates to central installation directories (CIDs) OS X XP 2000 2003 9598 ME XP2000 2003 3. Clients check CIDS according to their schedule and pull updates from CIDs XP2000 2003 XP 2000 2003 Clients
11
How does Enterprise Console fit in? Not required to provide updates to clients May be used to manage clients
12
Documentation Sophos enterprise solutions installation advisor Sophos Anti-Virus Startup Guide Knowledgebase –Ignore docs with references to Remote Updates, SAVAdmin –Look for EM Library v1.2, Enterprise Console 1.0, Clients 4.5 or 5.0 http://www.oucs.ox.ac.uk/viruses/sophos/antivirus as a starting pointhttp://www.oucs.ox.ac.uk/viruses/sophos/antivirus
13
Questions?
14
EM Library
15
Installation Download required network installer from micros.oucs Before installation on Domain Controller –Optionally create domain a/c with admin privileges http://www.sophos.com/support/knowledgebase/article/2522. html Global credentials used to access and update CIDs (Can be altered for individual CIDS) Run installer –Server: es10sfx.exe (unpacks to \sec10) –Workstation: run es10wssfx.exe – if you run setup.exe from unpacked files it will fail (tells you only server supported!)
16
Installation To install EM Library only –\sec10\Serverinstaller\EMConsole\setup.exe Post Installation –Patch MSDE 2000 engine (use MBSA to determine appropriate patches) –Not required if only installing EM Library (MSDE installed by Enterprise Console only) –Note EM Library creates share for EM Library installation files Default is C:\Program Files\Sophos Enterprise Manager\console\bin\inst shared as EMLibInstaller
17
Configuring EM Library
18
Create Library Location for downloaded files from Sophos Local or remote Prompts for installation path and library share name –Defaults are C:\Program Files\Sophos Enterprise Manager and SophosEM Prompts for path and share name for Central Installation Directories –Default C:\Program Files\Sophos Sweep for NT shared as Interchk
19
Create Library
20
Create network account Used to update library files May need to use pre-created domain account on a domain controller Unclear whether you need to pre-create account if installing on member server in a domain –http://www.sophos.com/support/knowledgebase/articl e/2522.html On standalone server you can choose option to create account
21
Create Network Account
22
Select Parent
23
Source of files to download to library Can be Sophos databank or another library –Will generally be the Sophos databank Credentials available from ITSS restricted facilities web page –https://register.oucs.ox.ac.uk:6123/cgi- bin/diagonalley/indexhttps://register.oucs.ox.ac.uk:6123/cgi- bin/diagonalley/index –Under Sophos EM Library Update Service –Do not divulge these to anyone except ITSS!
24
Select Parent
25
Schedule Downloads
26
Sets up schedule for downloading from Sophos or parent library Generally set up new schedule and accept defaults Downloads updates once every hour (random offset) Downloads can also be triggered manually via EM Library
27
Schedule Downloads
29
Select Packages
30
Default view shows only the current versions of the new Sophos clients
31
Select Packages Uncheck options to see more packages
32
Download Packages
33
Download packages Triggers initial download of packages to populate both library and central installation folders (CIDs) –Default CID already set up for each package If you want to move CIDs (e.g. to linux box) you can do this before downloading –…or later
34
Download Packages Can also be used at any time to trigger manual update of packages
35
Configuring Packages
36
Subscribed –Will be downloaded according to schedule Unsubscribed –Will not be downloaded –Right-click to subscribe Published –Available to child libraries –Right-click to publish
37
Configuring Central Installations
38
Configuring Existing CIDs Can alter location of CID (e.g. to a different server) Can alter credentials to access CID Can change updating schedule (default is to update immediately after library is updated) Can locate CIDs on other servers, so long as the location is accessible from Windows box (e.g. via Samba)
39
Configuring Central Installations Right-click to configure existing CIDs
40
Add additional CIDs Packages/subscribed and right-click on chosen package Configure options as per configuring existing CIDs
41
CIDs — Additional Information Note special requirements for CIDs for the following clients (see manuals) –Mac OS X –Netware –Unix We will cover some of these points in more detail in future seminars Manually update a CID via right- click/Update CID
42
CID Anatomy Top LevelPurpose cid\ setup.exeMain setup file cidsync.updUsed to check synchronisation status sau\AutoUpdate files cidsync.updUsed to check synchronisation status sauconf.xmlOptional file to configure updating policy rms\Remote Management System files cidsync.updUsed to check synchronisation status savxp\Sophos Anti-virus files cidsync.updUsed to check synchronisation status savconf.xmlOptional file to configure A-V policy
43
CID Anatomy cidsync.upd –Clients use this to check synchronisation status –Includes details of all files (including ides) –Binary file, generally updated by EM Library rms folder is optional –Remote management components used by Enterprise Console –Need to tell installer not to use it (default is to install rms) –More on this in the next seminar…
44
EM Library — Tools/Options Console Options –Display, refresh etc. Security –Who can run EM Library –Effectively adds and removes users or groups from the EMLibrary Users group Notifications –Method (Email, Event Log, Network Messaging) –What is notified
45
EM Library — Scripts \\server\SophosEM\bin\EMLexp.exe (C:\Program Files\Sophos Enterprise Manager\Library\bin\EMLexp.exe) –Export library settings to XML file –Import library settings from XML file –Trigger manual update of a library –NB File may require editing before import to different server (see http://www.sophos.com/sophos/docs/eng/man uals/eml_men.pdf)
46
EM Library — Scripts Manual update of child library via batch file –http://www.sophos.com/sophos/docs/eng/man uals/eml_men.pdf)http://www.sophos.com/sophos/docs/eng/man uals/eml_men.pdf –Page 48
47
Questions?
48
Sophos Enterprise Console
49
Enterprise Console Install using network installers as per EM Library Manage clients in a controlled environment, e.g. college or department –Remote installation and updating of Sophos –Status of Sophos on machines –Reporting Apply Policies for updating and A-V engine –Apply via Enterprise Console –Or export to files for inclusion in CIDs
50
Console View
51
Viewing Computers Actions/Find Computers –Relies on Microsoft networking (browse masters etc.) –Windows XP firewall likely to cause problems File/Import computers from file –File format (text file) [] ||name1 ||name2 –Netbios or DNS names –See help for full information (testing shows that you may need to include OS)
52
Organising Computers — Groups Need at least one group in order to define policies Move PCs from Unassigned into groups
53
Configuring Policies Updating and Anti-virus policies Policies may be different for each group Updating policy has different sections for each OS –At least one section must be configured Updating policy must be set before protecting PCs via Enterprise Console Use Comply with… to enforce policies
54
Updating Policy Need to specify at least –Primary source (for updates) –Credentials (if required) Can specify other items –How often client checks for updates
55
Updating Policy
56
Anti-virus policy E.g. scheduled and on-access scanning
57
Protect Computers — Prerequisites Need access to clients via file share –XP or other personal firewall –May prefer to install from client Need account with admin credentials on clients Need same account credentials to exist on server (does not need to be admin) –Don’t have to be logged in as this account –Suspect non-domain issue Must configure Updating Policy on group before protecting
58
Protect Computers — Wizard
59
Enterprise Console and Firewalls 3 services on client (see Appendix B) Using TCP 8192-8194 Connections may be initiated by server or clients Be wary of firewalls at both ends Only applies for management of machines –Scheduled client updates are always initiated from the client end
60
Policies Can be applied via Enterprise Console Can also be applied using files –Sauconf.xml (Updating policy) in sau folder –Savconf.xml (A-V policy) in savxp folder Useful for clients not managed by Enterprise Console –Web-based CIDs
61
Policies Export group policies from Enterprise Console using exportconfig.exe –\sec10\tools or \sec10ws\tools More detail in next seminar
62
Questions?
63
Sophos Clients
64
Client Installation Sophos AutoUpdate installed first –Configured with source of Sophos files –Credentials to access files Sophos AutoUpdate –Fetches and installs other components using source and credentials Management Components –Optional (default install from CID includes these) –Enterprise Console will install them; can be turned off using other installation methods
65
Client Components on Windows XP ComponentPurposeServices Sophos AutoUpdate Updating Sophos 1. Sophos AutoUpdate Service Sophos Anti- Virus Virus Detection1. Sophos Anti-Virus 2. Sophos Anti-Virus status reporter Sophos Remote Management System Enterprise Console Management 1. Sophos Agent 2. Sophos AutoUpdate Agent 3. Sophos Message Router
66
Client Configuration Groups created –SophosAdministrator –SophosPowerUser –SophosUser Automatically puts members of Administrators into SophosAdministrator, etc. Restricts access to configuration options
67
Group Restrictions Member of SophosAdministrator group
68
Group Restrictions Member of SophosUser group
69
Client Installation and Configuration To be continued…
70
Questions?
71
Appendix A — EM Library Default Shares –C:\Program Files\Sophos\Enterprise Manager\console\bin\inst (EMLibInstaller) Installation files for EM Library –C:\Program Files\Sophos Enterprise Manager\Library (SophosEM) Library –C:\Program Files\Sophos Sweep for NT (Interchk) Client software Central Installation Directories
72
Appendix A — EM Library Services created when Library is created –Sophos EMLibUpdate Agent –Sophos Enterprise Manager Scheduler
73
Appendix A — EM Library Users created (optional) –EMLibUser1 (can specify alternative account) –Member of Administrators Groups created –EMLibrary Users –Members of existing Administrators group are made members automatically
74
Appendix B — Enterprise Console Shares created –None known Services created –Sophos Agent –Sophos AutoUpdate Agent –Sophos Certification Manager –Sophos Management Service –Sophos Message Router
75
Appendix B — Enterprise Console Groups created –Sophos Console Administrators –Members of existing Administrators group are made members automatically –Must be a member of this group in order to run Enterprise Console
76
References Sophos enterprise solutions installation advisor –http://www.sophos.com/misc/sophos_es_support_pac k.chmhttp://www.sophos.com/misc/sophos_es_support_pac k.chm Sophos Anti-Virus Startup Guide –http://www.sophos.com/sophos/docs/eng/instguid/esa v_sen.pdfhttp://www.sophos.com/sophos/docs/eng/instguid/esa v_sen.pdf Sophos EM Library Manual –http://www.sophos.com/sophos/docs/eng/manuals/em l_men.pdfhttp://www.sophos.com/sophos/docs/eng/manuals/em l_men.pdf
77
References Sophos Enterprise Console Manual –http://www.sophos.com/sophos/docs/eng/man uals/sec_men.pdfhttp://www.sophos.com/sophos/docs/eng/man uals/sec_men.pdf OUCS Guide to Installing and Configuring EM Library and Automatic Client Updating –http://www.oucs.ox.ac.uk/viruses/sophos/ente rprise/http://www.oucs.ox.ac.uk/viruses/sophos/ente rprise/ –Refer to references section for more links
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.