Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 2677 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Endpoint Detection Engine expired

wzie

G'day

We are using an offline/air gapped endpoint config and have a manual process to update the IDEs on each the clients (no Enterprise Console). A couple machines were missed and we now have their detection data older (4.74) than what is available from the oldest on the Sophos IDE page (4.77).

Anybody have a process to get the clients updated again to the latest version of the detection engine/IDEs? We tried just extracting the IDEs to C:\Program Files (x86)\Sophos\Sophos Anti-Virus, but then you end up with 1000+ IDEs...

Thanks

:26897


This thread was automatically locked due to age.
Parents
  • 0

    Hello wzie,

    it is recommended that you update the software (which also updates the detection data) at least every three months. You have no console at all or just none in your air-gapped network?

    Anyway, IMO the easiest procedure would be (you could also use it for IDE-only updates):

    1. Install SEC
    2. Subscribe to the desired version, wait for the CID to get populated
    3. Copy the contents of the CID (\\Server\SophosUpdate\CIDs\S000\SAVSCFXP) to a folder on a USB stick or CD/DVD (make sure no update of the CID is in progress)
    4. Insert the medium on the client, configure the folder as update location and request an update

    Steps 1 and 2 (if at all) and the configuration on the client (unless the device letter changes) are needed only once

    HTH

    Christian

    :26901
Reply
  • 0

    Hello wzie,

    it is recommended that you update the software (which also updates the detection data) at least every three months. You have no console at all or just none in your air-gapped network?

    Anyway, IMO the easiest procedure would be (you could also use it for IDE-only updates):

    1. Install SEC
    2. Subscribe to the desired version, wait for the CID to get populated
    3. Copy the contents of the CID (\\Server\SophosUpdate\CIDs\S000\SAVSCFXP) to a folder on a USB stick or CD/DVD (make sure no update of the CID is in progress)
    4. Insert the medium on the client, configure the folder as update location and request an update

    Steps 1 and 2 (if at all) and the configuration on the client (unless the device letter changes) are needed only once

    HTH

    Christian

    :26901
Children
No Data