Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1235 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Enterprise design

theshadow

Hi All,

I want to discuss something with the community about a hypothetical solution.

Let's say I have a company with a Main Location and 5 Branch Locations, what would be the best way to implement

Sophos Enterprise? Do I need a management console on all locations to minimize traffic from Branch to Main location,

or can I have a management console on the main location and central update options on the branch locations.

Is there any documentation of designing complex Sophos environments.

Any comments are welcome. Cheers.

:21301


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    You don't mention the total number of clients but I'll assume you're not over 25K. :)  The number of clients per site would also be interesting to know and may change the way you approach the config at each site.  Maybe a differnt approach would be needed for a 2000 site vs a 10 user site.

    • I would suggest if you need to consolidate, to save on editing multiple policies in multiple consoles, etc. a single SEC server at the main site would be ideal.
    • Install a SUM at each site, this can either pull updates from Sophos (could have a better link than to come back to the main site?) or from the main site and make an update location available at each location for the local clients.
    • If you "need" relays, this really depends on the number of clients you're managing but it may make sense to install a message relay at each site also. /search?q= 21239  is relevant and worth a look.
    • You could install a remote management console at each site to delegate admin duties to admins or local helpdesk staff using role based administration. If the links are really poor that might be a stretch, in which case you could "share" SEC out using something like Citrix or Remote Desktop Services in 2008R2.  This could even make the console available in a browser if you really needed it.

    Hope it helps..

    Regards,

    Jak

    :21305
Reply
  • 0

    Hi,

    You don't mention the total number of clients but I'll assume you're not over 25K. :)  The number of clients per site would also be interesting to know and may change the way you approach the config at each site.  Maybe a differnt approach would be needed for a 2000 site vs a 10 user site.

    • I would suggest if you need to consolidate, to save on editing multiple policies in multiple consoles, etc. a single SEC server at the main site would be ideal.
    • Install a SUM at each site, this can either pull updates from Sophos (could have a better link than to come back to the main site?) or from the main site and make an update location available at each location for the local clients.
    • If you "need" relays, this really depends on the number of clients you're managing but it may make sense to install a message relay at each site also. /search?q= 21239  is relevant and worth a look.
    • You could install a remote management console at each site to delegate admin duties to admins or local helpdesk staff using role based administration. If the links are really poor that might be a stretch, in which case you could "share" SEC out using something like Citrix or Remote Desktop Services in 2008R2.  This could even make the console available in a browser if you really needed it.

    Hope it helps..

    Regards,

    Jak

    :21305
Children
No Data