Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 9883 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

latest definitions for Endpoint Security and Control 10.3.1

brantgurga

Our IT outsourcing provides Sophos Enpoint Security and Control, but I don't believe it has been updating properly for some time. I contacted them, and they indicated it is updating fine. I do definitely know from the Sophos site that there is a newer 10.3.7 version engine. However, I'm unclear on the definitions. The product information version I see is:

[Anti-virus and HIPS]
-[ Software]
Sophos Anti-Virus 10.3.1
Release status Full
On-access status Enabled
Detection engine 3.50.1
Detection data 4.98G
Virus data date 2/12/2014
Items detected 6465013
Detection identities 356
HIPS rules version 10.3.33.1
HIPS configuration version 1.0.65.1
Last updated 3/1/2014 8:16:50 PM

I believe we may be updating successfully from the IT outsourcing endpoint but that endpoint is not updating. Can anybody confirm my suspicions in regards to the IDE detection data for 10.3.1 being out of date?

:52445


This thread was automatically locked due to age.
  • 0

    Looks out of date.  Compare to this screenshot of an up to date computer:

    2014-08-06_15-07-25.png

    The 'Last updated' values are when something actually installed/updated and not simply checked the parent source.  If you hover the mouse cursor over the shield...

    2014-08-06_15-31-26.png

    ...you get a date when it last checked in with the server and this doesn't mean it pulled down anything.

    Of course there is a low tech way to check, to be sure.  The IDE files below came out recently.  If you go to your AV folder do you have any of them?

    Path is:

    • 64-bit: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\
    • 32-bit: C:\Program Files\Sophos\Sophos Anti-Virus\
    IDE file nameReleased
    age-aigl.ide Couple of hours ago Wed, 06 Aug 2014 13:24
    fondu-bp.ide Earlier today Wed, 06 Aug 2014 08:54:26
    upatr-dx.ide Yesterday evening Tue, 05 Aug 2014 20:56
    zbot-isl.ide End of last week Fri, 01 Aug 2014 10:05
    age-ahtq.ide A month ago Sun, 06 Jul 2014 21:56
    :52453
  • 0

    Ironically enough now that I notified them yesterday to which they said everything was fine, I'm getting a new version pushed to me by the update mechanism. We'll see what the versioning looks like afterward.

    :52457
  • 0

    The updated engine is 10.3.7, and the definitions are updating as I'd expect now. I'm thinking they investigated despite telling me it was fine and found the distribution endpoint was indeed not updating.

    :52655