Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 15862 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Custom Standalone Mac Installer

Carob

Hello.  I'm hoping someone can help with a question or two.

In the past we have created custom install packages for our Mac clients.  A "managed" version that after install reports back to our server for updates, has our server as the primary location and Sophos as the secondary, etc and an "unmanaged" version that only has Sophos as the primary update location as well as a few custom preference settings.  This had been done using the SUM tool but I've been told that product no longer works for version 9.x.  I can use the .mpkg file from our server as the "managed" version installer but nobody can tell me how to create the custom "unmanaged" version.

I feel there must be a way to acomplish this but don't know how.  I find it odd that Sophos would remove the abilities of the SUM tool without having something to take its place.  SUM still works and downloads data but only downloads old data.

Can someone tell me how we are supposed to continue offering the "unmanaged" version to our users?  I know Sophos has the stand-alone version of the products available on the website for download but that isn't configured the way we could like it for our customers.  If there was a way to modify the settings inside ofthat package perhaps that might work but I don't know if that's possible either.

Any help is greatly appreciated.

Thanks!

:44747


This thread was automatically locked due to age.
  • 0

    Hello Carob,

    please see Re: SEC 5.2.1 and Sophos for MAC OS X Preview (9.0.3) and Re: Mac OS - pre-configuring Autoupdate for version 9.0.x (you might want to read some of the other posts in these threads as well).

    I can use the .mpkg file from our server as the "managed" version installer

    As far as I understand doing it this way the Macs will communicate with the management server, appear in the Unassigned group and subsequently get the the updating policy when moved to the appropriate group. Your comments are welcome.

    Christian

    :44763
  • 0

    There is always Sophos Cloud.  A computer - wherever it is in the world - can be managed.  And all updating is to Sophos servers (no central share to maintain).

    http://www.sophos.com/en-us/products/cloud.aspx

    :44767
  • 0
    QC wrote:

    Hello Carob,

    please see Re: SEC 5.2.1 and Sophos for MAC OS X Preview (9.0.3) and Re: Mac OS - pre-configuring Autoupdate for version 9.0.x (you might want to read some of the other posts in these threads as well).

    I can use the .mpkg file from our server as the "managed" version installer

    As far as I understand doing it this way the Macs will communicate with the management server, appear in the Unassigned group and subsequently get the the updating policy when moved to the appropriate group. Your comments are welcome.

    Christian

    Correct, we want the "managed" version to communicate with the server and appear in "unassigned".  No problems there.  The problem lies in being able to create the "unmanaged" version.  I have responsed to the first thread you mentioned.  Hopefully something will come of that.  The second thread seems of no help for my particular situation.

    :44791
  • 0

    There is always Sophos Cloud

    What a shameless plug :smileyvery-happy:. Seriously - Sophos Cloud is not yet a replacement for the EndUser subscriptions. And then, I don't think you'll get the Sophos infrastructure for free - i.e. transferring some of your user licenses to Cloud means extra costs.

    Christian

    :44807
  • 0

    You could say it was a plug, but then again I know a few customers who want "unmanaged" options simply because they couldn't work out how to manage lots of remote workers (or maybe just a handful), with just a laptop, working from home and hardly ever in the office and bouncing around a lot of different wifis (sales reps., health professionals on patient home visits, etc).

    To make it work it would involve RMS over WAN and message relays in DMZs with port forwarding and extra routing and firewall rules.  A lot of Windows servers with registry edits to change default broadcast addresses.  And having a failover to 'Sophos' as the secondary update source could mean computers report 'unknown' in the up-to-date column of the console so it's not ideal.  Painful for SMEs and quite often a non-starter for those who haven't the time to implement and maintain it.

    Cloud offers the ability to turn a lot of previously unmanageable installations into very simple managed ones.  The unthinkable is now possible.  Hence when someone says 'unmanaged' I'd consider do they truly mean that or is it a historical

    preconception at work?

    Just wanted to throw this idea into the ring - feel free to toss it right back out again. :smileyhappy:

    :44817
  • 0

    Hello ruckus,

    what you say is very true (and I think I've already suggested Sophos Cloud in one or two posts). I wasn't tossing it out at all - only pointing out that at this time one probably can't convince management to acquire it in addition.

    Christian

    :44821
  • 0

    Any chance to stay on topic here and help me?

    :44835
  • 0
    Carob wrote:

    Any chance to stay on topic here and help me?

    Yep, you're right.  See this article...

    http://www.sophos.com/en-us/support/knowledgebase/119744.aspx

    :44849
  • 0
    ruckus wrote:
    Carob wrote:

    Any chance to stay on topic here and help me?

    Yep, you're right.  See this article...

    http://www.sophos.com/en-us/support/knowledgebase/119744.aspx

    That looks like the only options though.  Configuring Primary and Secondary update locations.  No other options.  If that is correct, that really doesn't help here.  I'm sure the Stand-alone insataller from Sophos has Sophos configured as the Primary location anyway.  (Which is what we want.)  But, being able to set options in the software itself so that things are preconfigured after the install is what we need.  If you are familiar with how SUM worked...  same thing.

    :44851
  • 0

    No solutions here?

    Why would Sophos take away a tool that people use and not replace it with something?  I don't know how we are supposed to provide what some of our people need.  I have multiple open cases with Sophos and don't seem to be making progress on any of them.

    :44995