1 / 77

Sophos Enterprise Solutions

Sophos Enterprise Solutions. This Seminar…. Overview Components — EM Library, Enterprise Console, Clients OS requirements and product functionality EM Library In depth Enterprise Console In depth Clients In brief. Overview. Components. EM Library (essential)

yanni
Télécharger la présentation

Sophos Enterprise Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Sophos Enterprise Solutions

  2. This Seminar… • Overview • Components — EM Library, Enterprise Console, Clients • OS requirements and product functionality • EM Library • In depth • Enterprise Console • In depth • Clients • In brief

  3. Overview

  4. Components • EM Library (essential) • Manages downloading of software from Sophos • Enterprise Console (optional — sort of) • Manages clients • Sophos Anti-Virus Clients (essential) • Client software for virus detection and disinfection

  5. Requirements — EM Library • Windows • Windows NT SP6a • Windows 2000 Professional or Server (SP3+) • Windows XP Professional (SP1+) • Windows 2003 Server • Requires MMC 1.2 • IE 5.5 SP2 or above

  6. Requirements — Enterprise Console • Windows 2000 (SP3+) or 2003 Server • If managing more than 10 PCs • Windows 2000 (SP3+) or XP (SP1+) Professional • If managing up to 10 PCs • May be used to define and export policies, regardless of PCs managed

  7. Function — EM Library • Downloads package updates from Sophos to a library according to a schedule • Default is c:\program files\sophos enterprise manager\library shared as SophosEM • Library can be remote or local • Optionally publishes packages to make them available to child libraries

  8. Function — EM Library • Pushes updates to Central Installation Directories (CIDs) • CIDs can be on remote servers (e.g. unix) • CIDs can be published via a web server • Clients check CIDs for updates and download as required

  9. Function — Enterprise Console • Deploy software to clients • Monitor status of client installations • Organise clients into groups • Define and apply updating and anti-virus polices to groups of PCs • Report on alerts etc.

  10. 1. EM Library pulls updates from Sophos according to schedule Clients Sophos Databank at sophos.com Library maintained by EM Library OS X OS X OS X 2. EM Library pushes updates to central installation directories (CIDs) Mac OS X 10.2+ CID on AppleShare compatible share 2000/XP/2003 CID on samba share 2000/XP/2003 CID on Windows share 2003 2003 2000 2003 2000 2000 2003 2000 XP XP XP XP 3. Clients check CIDS according to their schedule and pull updates from CIDs 2000/XP/2003 CID on Apache 2000/XP/2003 CID on IIS 95/98/Me CID on Windows share ME 98 95

  11. How does Enterprise Console fit in? • Not required to provide updates to clients • May be used to manage clients

  12. Documentation • Sophos enterprise solutions installation advisor • Sophos Anti-Virus Startup Guide • Knowledgebase • Ignore docs with references to Remote Updates, SAVAdmin • Look for EM Library v1.2, Enterprise Console 1.0, Clients 4.5 or 5.0 • http://www.oucs.ox.ac.uk/viruses/sophos/antivirus as a starting point

  13. Questions?

  14. EM Library

  15. Installation • Download required network installer from micros.oucs • Before installation on Domain Controller • Optionally create domain a/c with admin privileges • http://www.sophos.com/support/knowledgebase/article/2522.html • Global credentials used to access and update CIDs (Can be altered for individual CIDS) • Run installer • Server: es10sfx.exe (unpacks to \sec10) • Workstation: run es10wssfx.exe – if you run setup.exe from unpacked files it will fail (tells you only server supported!)

  16. Installation • To install EM Library only • \sec10\Serverinstaller\EMConsole\setup.exe • Post Installation • Patch MSDE 2000 engine (use MBSA to determine appropriate patches) • Not required if only installing EM Library (MSDE installed by Enterprise Console only) • Note EM Library creates share for EM Library installation files • Default is C:\Program Files\Sophos Enterprise Manager\console\bin\inst shared as EMLibInstaller

  17. Configuring EM Library

  18. Create Library • Location for downloaded files from Sophos • Local or remote • Prompts for installation path and library share name • Defaults are C:\Program Files\Sophos Enterprise Manager and SophosEM • Prompts for path and share name for Central Installation Directories • Default C:\Program Files\Sophos Sweep for NT shared as Interchk

  19. Create Library

  20. Create network account • Used to update library files • May need to use pre-created domain account on a domain controller • Unclear whether you need to pre-create account if installing on member server in a domain • http://www.sophos.com/support/knowledgebase/article/2522.html • On standalone server you can choose option to create account

  21. Create Network Account

  22. Select Parent

  23. Select Parent • Source of files to download to library • Can be Sophos databank or another library • Will generally be the Sophos databank • Credentials available from ITSS restricted facilities web page • https://register.oucs.ox.ac.uk:6123/cgi-bin/diagonalley/index • Under Sophos EM Library Update Service • Do not divulge these to anyone except ITSS!

  24. Select Parent

  25. Schedule Downloads

  26. Schedule Downloads • Sets up schedule for downloading from Sophos or parent library • Generally set up new schedule and accept defaults • Downloads updates once every hour (random offset) • Downloads can also be triggered manually via EM Library

  27. Schedule Downloads

  28. Schedule Downloads

  29. Select Packages

  30. Select Packages • Default view shows only the current versions of the new Sophos clients

  31. Select Packages • Uncheck options to see more packages

  32. Download Packages

  33. Download packages • Triggers initial download of packages to populate both library and central installation folders (CIDs) • Default CID already set up for each package • If you want to move CIDs (e.g. to linux box) you can do this before downloading • …or later

  34. Download Packages • Can also be used at any time to trigger manual update of packages

  35. Configuring Packages

  36. Configuring Packages • Subscribed • Will be downloaded according to schedule • Unsubscribed • Will not be downloaded • Right-click to subscribe • Published • Available to child libraries • Right-click to publish

  37. Configuring Central Installations

  38. Configuring Existing CIDs • Can alter location of CID (e.g. to a different server) • Can alter credentials to access CID • Can change updating schedule (default is to update immediately after library is updated) • Can locate CIDs on other servers, so long as the location is accessible from Windows box (e.g. via Samba)

  39. Configuring Central Installations • Right-click to configure existing CIDs

  40. Add additional CIDs • Packages/subscribed and right-click on chosen package • Configure options as per configuring existing CIDs

  41. CIDs — Additional Information • Note special requirements for CIDs for the following clients (see manuals) • Mac OS X • Netware • Unix • We will cover some of these points in more detail in future seminars • Manually update a CID via right-click/Update CID

  42. CID Anatomy

  43. CID Anatomy • cidsync.upd • Clients use this to check synchronisation status • Includes details of all files (including ides) • Binary file, generally updated by EM Library • rms folder is optional • Remote management components used by Enterprise Console • Need to tell installer not to use it (default is to install rms) • More on this in the next seminar…

  44. EM Library — Tools/Options • Console Options • Display, refresh etc. • Security • Who can run EM Library • Effectively adds and removes users or groups from the EMLibrary Users group • Notifications • Method (Email, Event Log, Network Messaging) • What is notified

  45. EM Library — Scripts • \\server\SophosEM\bin\EMLexp.exe (C:\Program Files\Sophos Enterprise Manager\Library\bin\EMLexp.exe) • Export library settings to XML file • Import library settings from XML file • Trigger manual update of a library • NB File may require editing before import to different server (see http://www.sophos.com/sophos/docs/eng/manuals/eml_men.pdf)

  46. EM Library — Scripts • Manual update of child library via batch file • http://www.sophos.com/sophos/docs/eng/manuals/eml_men.pdf) • Page 48

  47. Questions?

  48. Sophos Enterprise Console

  49. Enterprise Console • Install using network installers as per EM Library • Manage clients in a controlled environment, e.g. college or department • Remote installation and updating of Sophos • Status of Sophos on machines • Reporting • Apply Policies for updating and A-V engine • Apply via Enterprise Console • Or export to files for inclusion in CIDs

  50. Console View

More Related