Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 11 subscribers
  • Views 775 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Updating Query

Jack Williman

I have a couple of queries, firstly, how does Sophos Central Endpoint authenticate the device to allow updates? In the Enterprise Console on-premise client you would have to specify updatemanager details to allow the client to authenticate against the CID. Is this done on a licensing basis\if there is a client in the console now?

 

Have we lost the functionality for a second update source, for example can we have an on-site Update Cache and another update source of Sophos for the device to fail over to if the Update Cache is unreachable?

 

Does Sophos Central Endpoint create any local accounts like SEC did or is this no longer required?



This thread was automatically locked due to age.
Parents
  • 0

    Hello Jack Williman,

    I'm not a Central user, still on SEC. Nevertheless at least a partial (but hopefully correct) answer.

    AFAIK Central uses tokens for authentication. The customertoken maps to a customer/license, ALUpdate downloads the applicable components, MCS (the RMS equivalent) registers the device that gets its unique ID assigned that is subsequently used for communication - and I assume updating as well. Perhaps someone with better knowledge will give you the details. 

    A device will try to update from several caches eventually falling back to Sophos if need be.

    To be exact it's not SEC but SESC (the endpoint product) that creates the SophosSAU account. As this account is only needed for network access when updating from a UNC path it's not needed for Central.

    Christian

Reply
  • 0

    Hello Jack Williman,

    I'm not a Central user, still on SEC. Nevertheless at least a partial (but hopefully correct) answer.

    AFAIK Central uses tokens for authentication. The customertoken maps to a customer/license, ALUpdate downloads the applicable components, MCS (the RMS equivalent) registers the device that gets its unique ID assigned that is subsequently used for communication - and I assume updating as well. Perhaps someone with better knowledge will give you the details. 

    A device will try to update from several caches eventually falling back to Sophos if need be.

    To be exact it's not SEC but SESC (the endpoint product) that creates the SophosSAU account. As this account is only needed for network access when updating from a UNC path it's not needed for Central.

    Christian

Children
  • 0 in reply to QC

    Christian is correct. 

    Central updating is done through the token system. As for the second part of the question - how does the endpoint know what Update Caches it can talk to - those are transmitted down through policy. The endpoint is assigned to one or more Update Caches and given information to validate and authenticate against those Caches. It will then attempt to contact them during operation. If it can't, it will default to attempting to directly contact Central for updating.

    I hope that clarifies the situation for you Jack.

    If you have any further questions or concerns - please let me know.

     

    Richard

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Unfiltered HTML