When will *Enterprise* Sophos 7.3.12 be updated *from Sophos*?

---

maser wrote:

We have machines with 7.3.12 installed -- the Enterprise version -- that get it's updates from Sophos directly.

When now trying to run "Scan local drives" a box pops up that says:

Sophos Anti-Virus error

Threat data is too old.  Please update Sophos Anti-Virus

*When* will Sophos be providing the automatic update for 7.3.12 users to 8.0.*something*?

I'm assuming this error messages means all of the 7.3.12-running computers are actually *not* protected?

This seems pretty serious.   If Sophos is still holding back the 8.0.x automatic upgrades (and 7.3.12 is now "insecure"), they are doing a serious disservice to it's customers!

---

7.3.12 is the product version, not the threat data version.  If you aren't able to download automatic updates of threat data, that is indeed a serious issue.  The 7.3.12 product itself should still be functioning just fine -- and it won't be long now until the forced upgrade to v8 happens.

Someone from support would probably be able to help you further on this issue, as well as take immediate action to try and solve your update failure issues.

So, here we heard this:

The Sophos Escalation Team's response to this question is that they don't know when SAV7 will auto-update to SAV8 (no ETA) because of outstanding technical issues.

Stuff like this just thrills me to no end.  

How is/was the *home* version of Sophos able to update to SAV8, but the Enterprise version -- which gets it's updates from Sophos -- not be able to perform the same update?

Hello Steve,

I'm neither Sophos nor a lawyer so it's actually none of my business - just wondering why you use the SA version and also update from Sophos directly? Is it a Mac-only environment?

How is/was the *home* version of Sophos able to update to SAV8, but the Enterprise version -- which gets it's updates from Sophos -- not

The AutoUpdate component is the same for managed and SA builds (and the following applies to a site's Update Manager - SUM - as well). When updating from Sophos it looks for some hardcoded, (SAV-)version dependent bootstrap information (what stuff do you have for Mac SAV 7). The server examines the credentials and decides whether the client is entitled to download at all and if, which version and components to return (in form of a catalog). When a new version is available it is

• not presented to all credentials at the same time - this is to distribute the load on the network over a certain period
  
• for the first weeks presented only when specifically requested (AutoUpdate does this when the version has already been upgraded, SUM can be instructed by an administrator to request the new version) - this is to allow sites some control over the rollout of new versions

Clearly as long as the "old" version is not actually retired it must be returned to all clients not explicitly requesting the new one. If a site has elected to stay at the old version for yet some time and clients occasionally update from Sophos (because it is configured as Secondary) the would suddenly upgrade - only to be forced to downgrade when they return to their home network. Thus as long as the old version is available to sites (and 7.3.12 is) it has to be assumed that it is not desired that a client is force-upgraded by a download from Sophos.

Having said this, in order to use a new version on SA clients updating from Sophos only before the old one is retired it has to be installed manually (on Windows there's a hack making AutoUpdate look for the new version and it might be that something similar is possible on the Mac, but I don't know).

Christian      

Yes, we are a Mac-only environment for our campus-wide Anti-Virus solution (we have punted to Microsoft Forefront for Windows to save some money...)

Your argument is valid -- only if Sophos did not already have a track history of having automatic version updates distributed from Sophos (4.9 was auto-updated to 7 back in 2009...)

The fact that "7.3.14" was released (and subsequent e-mails I got from Sophos Support last night) indicates that they have/had problems allowing the from-Sophos update to work and the hopes will be that the 8.0.8 will be deemed good enough to allow that automatic update stream to turn on...