Hello, first post. We are in the process of deploying Sophos Endpoint to our Active Directory domain. In addition we have 5 computers in a workgroup that act as time clocks. I have installed the standalone AV on the first one and supplied the credentials for the software to update directly to Sophos. Because these computers are in public areas and connected to the internet, we have the firewall locked down so only traffic to the timeclock servers is permitted.
Long story short the standalone computers will not update Sophos AV over the internet. Viewing the firewall traffic, I can see the computer trying to update to 192.204.11.48. I added an exception for http traffic to that IP address and now the workstation updates to Sophos just fine. My concern is there may be more than one update server or the IP address for Sophos may change. Is there a documented range of server update IP range of IP addresses I can define on my firewall? Thank you. mark
This thread was automatically locked due to age.
