Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 5780 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

This solution is not acceptable

Hudson

I work in a School District that is extremely understaffed.  We have 3000+ computers and 1 person to work on tech problems and one person to manage the network.  Up until this year we ran Sophos as standalone on all machines but setup the console and have managed to get 350 machines in the console.  That still leaves 2700+ computers running Sophos stand alone.  This screw up has affected the large majority of our computers and you expect us to some how go out and touch every one of these machines?  That would take our department probably a year to do.  I need to know the best ideas of what can be done to fix this.  We can not be without updated antivirus for long.  I need suggestions quick because I have people to answer to.

:32263


This thread was automatically locked due to age.
  • 0

    I know you already know this, but this is going to be extremely difficult since you do not have standardized naming.  You are going to have a do a data dump from each of your DHCP servers to get the full list.  Then, as far as I know, you are going to have to custom-write either a .bat or .vbs file that can copy the data down to each machine.

    Is everybody else getting a dial tone when you call Sophos?  This is absolutely unbelievable.  I feel for you, Hudson.  I'm sorry you're in this situation.

    :32385
  • 0
    Hudson wrote:

    I have an ftp site setup that anyone can access.  So if there is a batch file or something that I could get that could be run on all machines then that is an option.  The breakdown is probably something like 2000+ machines as standalone running with delete under on access, 500 set to deny access, 500 set to deny access and move, and 350 in console.

    Is it safe to take this request as meaning you have at least some method of centrally deploying a file? For example, a tool like Zenworks or Altiris? If you can give me a run down of any options you have for centrally performing actions on remote computers, please do and I'll see if I can figure out an option that works for your environment.

    :32393
  • 0

    There is nothing to centrally deploy files at this time.  Any thing we do takes forever to implement with our staff size.  In this past year we went from unmanaged switches to managed switches, from thick APs to Thin APs with a controller, from Sophos completely standalone to setting up console with update managers at each schools and putting in 350 computers, and from no AD servers to having the servers at each school waiting for licensing to be purchased.  But as you can see we can only do so much in the time we have and with the budget we have.  This is the most depressing thing to happen in a long time because it adds even more to our plate that is already full with school starting a month ago.  That is why it is so difficult to even imagine what is going to be required to fix this.

    :32411
  • 0
    Hudson wrote:

    There is nothing to centrally deploy files at this time.  Any thing we do takes forever to implement with our staff size.  In this past year we went from unmanaged switches to managed switches, from thick APs to Thin APs with a controller, from Sophos completely standalone to setting up console with update managers at each schools and putting in 350 computers, and from no AD servers to having the servers at each school waiting for licensing to be purchased.  But as you can see we can only do so much in the time we have and with the budget we have.  This is the most depressing thing to happen in a long time because it adds even more to our plate that is already full with school starting a month ago.  That is why it is so difficult to even imagine what is going to be required to fix this.

    That is definitely a tough position you're in.

    Do you mind sharing what your cleanup options and whether or not you use Live Protection? If Deny Access is your cleanup option, and you've enabled Live Protection, then in theory you just need to cleanup the alerts and maybe reboot a few systems. Please be sure you've gone through the advisory KBA anyhow, as you'll be able to ease your work load some through the processes and options listed there.

    :32445
  • 0

    Hi,

    I would suggest that you focus on the 2000 machines that have the clean up option set to delete. As this is the majority and the remaining machines will be easier.

    I would focus on one individual client first. Does the article 118323 resolve the issue?

    You may need to create a WebCid - KB 38238 to get the script to function correctly.

    If the above script does work, how would you normally manage these machines e.g. Install applications? Do you push them out via a application or do you get the end users to install them? You could put the script into a batch file and push this out via the method you use.

    The articles on our website are being updated. The main article is 118311

    Regards

    Gareth

    :32553
  • 0

    We are currently working on a fix for standalone users who may be affected by this, would you be able to confirm what OS and SAV versions you are using? As this may help us get a tool to you faster, thank you and we apologise for the frustrations you have with us at the moment, but the more info we have on your standalone endpoints the more robust (certainly in your instance) we can make the tools.

    :32601