This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

reboot after deploy

rino19ny over 11 years ago

when deploying the av to clients, where is the setting to force the computer to install after deployment is done?

i have seen this option with kaspersky but i'm unable to find it in the enterprise console.

This thread was automatically locked due to age.

0 jak over 11 years ago

There is no option in the push from SEC to force a restart but in most cases typically all functionality works before you restart. If memory serves, the firewall and full disk encryption are exceptions (not sure if you're using the firewall or encryption), and for certain hooks to be loaded into all existing running processes: New ones would get them. It is for this reason that a reboot is requested but most of the time it's not 100% essential. The target OS also plays a part, so I guess it is easier to to say restart to ensure 100% coverage.
You can perform a pull install, by running setup.exe as part of a script/batch file, and at the end of the install that could call a restart
These article may prove useful for the "pull"/scripted approach:
http://www.sophos.com/en-us/support/knowledgebase/12570.aspx
http://www.sophos.com/en-us/support/knowledgebase/13090.aspx
Regards,
Jak
:50478
Cancel
Vote Up 0 Vote Down

Cancel
0 rino19ny over 11 years ago

hi,
twice i've deployed it and twice it mentions that a restart is reqquired for updates blah, blah.. that shows in the console.
i only have AV and none of the firewall and encryption yet.
anyway, i will do another push to another client and see since i've made registry changes to the server to correct that error that is always appearing (http://www.sophos.com/en-us/support/knowledgebase/40909.aspx)
:50488
Cancel
Vote Up 0 Vote Down

Cancel
0 rino19ny over 11 years ago

just to update, it does require a restart after deployment. please see screenshot.
:50492
Cancel
Vote Up 0 Vote Down

Cancel
0 jak over 11 years ago

It will always report a restart is required, which is true to give you 100% protection and that all functionaility works. I suspec that if you run eicar (http://www.eicar.org/85-0-Download.html) on a computer that hasn't restarted it will be detected. What I'm saying is, it's not crucial in most cases that the restart has to be peformed straight away but it depends on the components and features you want working until you do.
Regards,
Jak
:50494
Cancel
Vote Up 0 Vote Down

Cancel
0 rino19ny over 11 years ago

actually right after it was installed it does started working and blocking malicious websites. that's very good.
so long as it will keep receiving updates i think i'm fine with a delayed restart.
:50496
Cancel
Vote Up 0 Vote Down

Cancel
0 jak over 11 years ago

It will keep updating fine.
As one example of why a restart is recommended at the end of the install for the AV component....
Sophos uses the AppInit_DLLs key to inject a dll into processes as they start, this hook is used for data contol, buffer over-run and a few other things.
If you install SAV for the first time, browsers are typically open, lots of processes that would be hooked are already running, these processes would therefore not get the hook as they have alrady started pre Sophos. The simplest way to cover all processes is to request a restart of the computer as it's the only way to guarantee 100% coverage without being very specific in the messaging.
This is just one example.
Regards,
Jak
:50502
Cancel
Vote Up 0 Vote Down

Cancel