Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 19901 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Air-gapped Network Configuration

garryb73

Hello,

I am trying to configure an air-gapped solution and am getting the following problem.

I currently have a live server configured to download and deploy to my network, but need another solution for my air-gapped network.  I have therefore created a new Windows 2008 server on the air-gapped network and followed the instructions in the sophos article 64899

1. Install Enterprise Console on one of the servers in the air gap to centrally manage and update the endpoint computers in the air gap.

  1. Follow the instructions in the Quick Startup Guide to install the management software and cancel the installer when it reaches the Download Security Software wizard.
  2. Create a new folder on the desktop to be used as your update source. Call this folder Update Source and share the folder as SophosUpdateManager.
  3. Ensure that the update manager is not currently an performing an update, otherwise the files copied in the step below will be incomplete and you will have a folder that appears corrupt to the air-gapped update manager. You can view update activity with the Logviewer.exe program. Note: If an update is in progress when copying the files you will see the error could not create catalogue sdds.local when configuring the air-gapped update manager.
  4. Copy the Warehouse directory from the non-air-gapped network onto a removable storage device or CD and submit this medium to your required verification:- On the non-air-gapped network, the Warehouse directory containing the packages is as follows.
    • Windows Server 2000/2003: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Update Manager\Warehouse
    • Windows Server 2008: C:\Program Data\Sophos\Update Manager\Update Manager\Warehouse
  5. Paste the Warehouse directory to the folder Update Source (i.e., the one you created in step 2 above), which is on the desktop in the air-gapped network.
  6. On the air-gapped Update Manager, on the 'Sources' tab, set the primary source to be the UNC path to the 'SophosUpdateManager' share, e.g., \\servername\SophosUpdateManager
  7. Configure your software subscriptions to use the appropriate packages.
  8. Once your update manager has downloaded the packages, deploy them to the air-gapped network.

I have done as above, however when I recheck my subscriptions I get no available software.  Thus I am unable to deploy the software to the clients on this network.

The update manager was disable on both servers during the transfer of the warehouse, I have also included the CIFS in the transfer. 

I have checked the logviewer and cannot see any errors.

Can anyone point me to what is going wrong.

Thanks

Garry

:36645


This thread was automatically locked due to age.
  • 0

    OK, found the problem.

    In update manager I had failed to select the software in the Software subscrition window.

    I am now able to downlaod the binaries.

    :36689
  • 0

    Ah, I see, Garry. The misunderstanding occurred in posts 4 and 5 - when I said open the Recommended subscription I meant this window and I did not get it that when you said when you check the subscriptions you referred to the Subscriptions tab in Configure update manager. :smileyvery-happy:

    Anyway - glad to hear it works (and please consider marking your post as solution)

    Christian

    :36693