Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 396 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Help with Updating

apeeler

I have roughly 800 PC's on my network. At the moment they all get their updates from our primary server at our corporate office. When they update it takes up nearly 100% bandwidth. I need to set up a network share with the files necessary to allow half of those PC's to update from another server in a different location. My question is what are the files needed to be in place for updating? and whats the easiest way to get them over to my secondary location?

Thanks,

Alaina

:13717


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    You have a couple of options open to you, I'll assume that you are using SEC 4.0 or later.  Which option you choose could depend on your network configuration.

    1. Install a Sophos Update Manager (SUM) at each site.  

    These can be configured to create a local distribution location at the site.  

    In Enterprise Console you would then configure the machines at each site to update from their local update location.

    2. The SUM at your main site could push a distribution location to the remote locations.  

    The preferred method would be to install a "child" SUM at each site for a few reasons:
    1. This will cause the fewest files to be transferred over the network.  As the same files that comprise the different subscriptions will be shared and therefore only sent over the network once.

    2. This method scales the best, if you have many remote sites, the time taken to push a distribution location to each site could take quite a while and they are only pushed one at a time, so it could hold-up updates.

    3. The remote SUM can update from either a HTTP or UNC location, so if ports to be opened are a concern you can host a "warehouse" with a webserver so the child SUM only needs to be able to connect to port 80 as an example.


    The downsides of using a SUM rather than pushing a remote distribution are:
    1. You need a Windows machine at the remote location to install the remote SUM.  If you push a distribution location you only need a file server you could push the files to, this could therefore be and OS that supports a file share.  
     

    Hope that helps you decide what is best for you.

    Regards,

    Jak

    Edit, it is worth mentioning that you can also configure a Sophos Message Relays (http://www.sophos.com/support/knowledgebase/article/14635.html ) so all the management traffic (RMS traffic) goes via a certian machine on the network before ariving at the management server.  So you could install a "child" SUM at a site and also make it a message relay.  This way all the clients at the site could update from the local server and also send all managament traffic to the main SEC server via the message realy also installed on the SUM machine.  Something to think about.  

     

    :13729
Reply
  • 0

    Hi,

    You have a couple of options open to you, I'll assume that you are using SEC 4.0 or later.  Which option you choose could depend on your network configuration.

    1. Install a Sophos Update Manager (SUM) at each site.  

    These can be configured to create a local distribution location at the site.  

    In Enterprise Console you would then configure the machines at each site to update from their local update location.

    2. The SUM at your main site could push a distribution location to the remote locations.  

    The preferred method would be to install a "child" SUM at each site for a few reasons:
    1. This will cause the fewest files to be transferred over the network.  As the same files that comprise the different subscriptions will be shared and therefore only sent over the network once.

    2. This method scales the best, if you have many remote sites, the time taken to push a distribution location to each site could take quite a while and they are only pushed one at a time, so it could hold-up updates.

    3. The remote SUM can update from either a HTTP or UNC location, so if ports to be opened are a concern you can host a "warehouse" with a webserver so the child SUM only needs to be able to connect to port 80 as an example.


    The downsides of using a SUM rather than pushing a remote distribution are:
    1. You need a Windows machine at the remote location to install the remote SUM.  If you push a distribution location you only need a file server you could push the files to, this could therefore be and OS that supports a file share.  
     

    Hope that helps you decide what is best for you.

    Regards,

    Jak

    Edit, it is worth mentioning that you can also configure a Sophos Message Relays (http://www.sophos.com/support/knowledgebase/article/14635.html ) so all the management traffic (RMS traffic) goes via a certian machine on the network before ariving at the management server.  So you could install a "child" SUM at a site and also make it a message relay.  This way all the clients at the site could update from the local server and also send all managament traffic to the main SEC server via the message realy also installed on the SUM machine.  Something to think about.  

     

    :13729
Children
No Data