Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1441 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No monthly update when updating directly through Sophos

Fabrice

Hello,

My first post :)

I have created a standalone installer package following KB below as some of our computers need to be installed by this way.

http://www.sophos.com/support/knowledgebase/article/67504.html

It is working fine...

Autoupdate location settings are:

* Primary update location = internal server

* Secondary update location = Sophos

We are using a message relay in our DMZ to collect information from our computers that are not always/often connected to our network.

However, i created the package in November 2011 and deployed it also in November 2011 on few computers for testing.

Updates are working well, communication with the management server through message relay, etc...

Since December, i noticed that all computers that are mainly updated from Sophos are displayed with 'Unknown' status in Sophos Console.

The detection data has not been updated to 4.72G (remains to 4.71G version) but IDEs count continue to increase.

I tried to delete status.xml file + force the update ==> same results.

Client version is 9.5.5

Is there a way to update Detection Data and Detection Engine when the main updates are provided by Sophos for some computers (due to budget constarints, we are not able to create a WebCID for the for moment)?

What is the impact to have Detection Data/Engine not updated and only IDEs detected?

Thanks by advance for your Help.

Regards,

Fabrice

:19425


This thread was automatically locked due to age.
  • 0
    Hello Fabrice,

    recent detection data/engine (not older than three months) + latest IDEs are identical in terms of protection.
    Now I guess that clients updating from Sophos come last when the monthly updates are rolled out and they likely will get 4.72 soon.

    Christian
    :19447
  • 0

    Thanks Christian for your response.

    However, i am not sure to fully understand this:

    Now I guess that clients updating from Sophos come last when the monthly updates are rolled out and they likely will get 4.72 soon

    I understand

    I have some test laptops that are continuing to update their IDEs files from Sophos but stay with previous detection engine. For the moment, i have this:

    Detection Data: 4.71G with 305 IDEs

    I understand why the status is unknown as there is no  correspondance between the information above and information inside the Packages table in Sophos db.

    But my question is... what will launch the update of detection engine (what is the trigger event in the update process)?

    Not sure to be completly clear :smileywink:

    Thanks.

    Fabrice

    :19451
  • 0

    Hi again,

    I respond myself to one of my question regarding unknown status displayed in the console.

    I added a new 'Software Subscription' with Version 9.5.5 VDL4.71G and after the creation of the new fodler, the 'impacted' computers with unknown status change to Uptodate = YES.

    Still have this question, so:

    But my question is... what will launch the update of detection engine (what is the trigger event in the update process)?

    Perhaps, it is related to this:

    http://www.sophos.com/downloads/ide/

    It displays: 'The current web version is IDEs for SAV version 201111 (4.71)'

    Thanks.

    Regards,

    Fabrice

    :19455
  • 0
    Hello Fabrice,

    a month has approx. 30.67 days :) - deploying a monthly update to all of the customers and all the distribution network in one shot would mean quite a load for a short period of time and then not much for the remaining 30 days or so. Instead deployment is staged over a few days. Not all licensees will get a new update on the same day and not all products are necessarily updated on the same day (as opposed to IDE updates which are "immediately" available). I just assume that the "CID" for stand alone clients is updated after the warehouse for the SUMs. Keep in mind that your SUM has only one version and the applicable IDEs avaiiable and that the updating mechanism is a little bit different for updating from your CIDs and from "Sophos" - and an "uplevel" client returning to its home CID would complicate things.

    Simply put - the client, when comparing its cache to the update location contents, checks whether there are only IDE additions or other changes. The latter trigger the update which installs the newer versions (data, engine, rules, ...).

    Christian
    :19461