Size of Update

Good Day,

Please, we need to be informed if any light version of Sophos Central is available, because the data consumption of the update file is very important, knowing that we have a limited-volume internet subscription. We would also like to know the average amount of data consumed per month.

Best Regards,



  • Hello Zenagui Amine,

    Currently there are no plans of a light version of Sophos Central Endpoint Protection, likely due to the reduction of features also reducing security.  Sophos releases new threat definitions roughly every 3-4 hours and these are on average 15 KB in size.  Sophos also releases major software versions roughly once every 3-4 months and these generally vary between 100 - 400 MB.  If there is a concern on data bandwidth, you can deploy an Update Cache in your environment so one server pulls updates from Sophos and your endpoints pull updates from your server Update Cache.  More information on Update Caches can be found here: https://community.sophos.com/kb/en-us/122577

  • Dear Jaramillo,

    Sorry for the late response. Please note that we have Sophos Enterprise Console SEC 5.5 and we observe an interval of 07Gb and 10Gb of update that has been consumed, which is very important compared to an antiviral database update, knowing that in our case we have a limited satellite internet connection.

    Thanks 

  • Hello ZENAGUi AMINE,

    Central is not the ideal forum if you have SEC - Endpoint Security and Control would be the right one.

    "we observe an interval of 07Gb and 10Gb of update"
    I'm not sure I understand you correctly - you mean your SEC/SUM downloads 7GB to 10GB per month over a satellite link? And you are sure that it's your server that is downloading from Sophos that causes this traffic? 

    Christian

  • Dear Christian,

    Sorry for the mistake on the choice of the forum.

    About a download of 07GB to 10GB, this is indicated in our UTM Sophos. But if you have any idea how to verify this consumption, thanks for informing us, like for example the size of the warehouse.

  • Hello ZENAGUi AMINE,

    just to make sure I understand your setup correctly. Your site is connected to a satellite link via UTM. SEC updates from Sophos through the UTM, all endpoints update from the SEC server?

    Depending on your license and subscriptions the Warehouse should be less than 1GB, and as it doesn't have to download the whole warehouse every month it should get the amount of traffic you observe - at least that's what I assume, never monitored it.

    Christian

  • Dear Christian,

    Yes, that is correct about the architecture. You can see in the attached file that the recurrent connections are to Akamai Technologies.

  • Hello ZENAGUi AMINE,

    it shouldn't be too hard to identify the addresses used for downloads with the information from this Content Delivery Network article. The number of connections that SEC/SUM makes naturally depends on the updating schedule - in case of threat detection data this is an interval, the default 10 minutes would result in at least 144 connections per day.
    I forgot that there's another component causing downloads, namely Patch. Looks like it'd pull more than 1GB per month (from Microsoft and cache.lumension.com).

    Christian

  • Hello Christian,

    We will decrease the number of connections to once per day to limit the requests. For the other component causing a download of more than 01 GB, is it possible to give us more detail?

    Regards,

  • Hello ZENAGUi AMINE,

    "once per day"
    there are two schedules - the one for Threat detection data updating and the one for Software updating. For the former you can select an interval from 5 to 1440 minutes resulting in 288 to just one connection per day. While this reduces the number of connections it won't significantly reduce the volume. Please also note that the data is updated every few hours and checking just once per day causes a perhaps perilous latency. The minimum schedule for Software updating is once per week (unless you effectively turn it off with a No updates schedule). Again this would have only minimal impact on volume.

    The schedule for the PatchDataLoader has no interface, AFAIK it processes the feed every 24 hours but only some metadata is downloaded if there are no changes. The major download (500+MB) occurs on Microsoft's Patch Day when a new .cab is available. Can't say if you can disable Patch if you're not using it.

    Christian