Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 9886 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Upgrade from Endpoint UTM to Endpoint Standard with EC

ChrisBKA

Hi all,


i have to migrade a customer from UTM Endpoint Protection to the good old Enpoint Standard with EC ...

EP 10.3

EC: 5.3.0

Here is what i've done yet:


1- Install EC und configure updates etc. (GPO, FW def and stuff which is important according to the deployment guides...)

2- Install the first client computer from EC (which had never installed any sophos AV before) - worked like a charm ...

3- tried to migrate a client pc from EC  on which UTM Endpoint Protection was installed before...
 - also worked, this one received the "disable tamper protection"-command from the UTM ... 

4- tried many other clients - a few worked a few not. :-(

Coming to my questions:

1.
Is there a way to do scripted disabling of tamper protection with or without providing the password !?

2.
Why are the Clients telling the EC that everything is fine .... including updates and stuff ... but it very is NOT , cause the client is telling the user that no updates could be performed ? This only happens while this  "sophos Management Communications System" is still installed.

Im really stuck at the moment, cause i have aprox. 30 Cleints left which won't install at all
and a few on which this update issue still persists...

Any  ideas?

Thanks in Advance,

Chris



This thread was automatically locked due to age.
  • 0

    Hello Chris,

    I'm just an EC guy - might be that RMS dismisses the AutoUpdate error for MCS. Anyway please see ERROR: Download of Sophos Management Communications System Endpoint failed ... (which implies that you have to uninstall the UTM managed version first). As to TP I'd be surprised if you could script it, should be done from the UTM WebAdmin interface. (and yes, following the Disable Tamper Protection on the endpoint link you a directed back to the main article).

    What is won't install at all - using Protect Computers from SEC while UTM Endpoint is still installed? If Protect fails but at least the install has started there should be a Sophos ES setup.log in %windir%\Temp\ with the details of the failure. 

    Christian

  • 0 in reply to QC

    Hi Christian,

    many thanks for your reply.

    After using "Protect Computers" from the EnterpriseConsole the client could behave like:

    1. Install the new AutoUpdate (so the Updatepath in the Client changes) and The EP Client Changes from "UTM" to the Standard Installation (Displayed above the Version information on the dashboard) but nothing else

    2. Nothing happens and an error will be reported to the EC (this is "Won't install at all)

    3. Again nothing happens and another error will be reported (this is "Won't install at all)

    Another thing is, that the Clients didn't accept that "Turn off TP" Command from the UTM when you Turned it off for a whole group. Even when i tried this for single clients - no change of TP on the EP

    .... i think i have to solve it by hand ... even if i don't want this... Thanks in advance for some furhter ideas...,

    Cheers Chris

  • 0 in reply to ChrisBKA

    Hello Chris,

    no change of TP on the EP
    The How to has a (actually two) note in the from the UTM section stating: Locally Sophos Endpoint Security and Control will still show Tamper Protection as enabled however the uninstaller will allow the software to be removed so I guess there is no visible indication on the endpoint.

    Nothing happens and an error will be reported to the EC
    what is nothing? Apparently the endpoint version is installed together with the SEC management component (RMS instead of MCS). So what else do you expect to happen (in order to verify that the endpoints are up to date go to the Endpoints view in the console, tab Anti-Virus details and check the Detection data and IDEs columns)? What is the error that is reported?

    by hand
    more or less - the endpoint version can't "upgrade" a UTM or Cloud version so you have to uninstall first. A scripted uninstall should work for the UTM version alike though.  

    Christian