Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 13590 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Air-gapped SEC521 Install, unable to get endpoints to be managed or get software to them.

roberts2

I have set up and air-gapped SEC521 server, I have followed KB article 64899.

I have copied the Warehouse files over from the connected server. Because of the way we run the network I can not push software to the endpoints to update.

So then following the quick start guide for manual install it says to look in View Bootstrap locations, to install agants on the terminals, the address is something like \\server\SophosUpdate\CIDs\SAVSCFXP\S000\ But I do not have CIDs directory in that location.

So I copied the CIDs directory from the source server, and it allowed me to install the agents and the install, down load packages and seem to work, but they do not show as managed in SEC console. I have established that this is because the Parent Address in the registry is incorrect, as it has copied from the source server.

So my question is this, Ihave read on here that I should not copy the CIDs directory, so if I don't copy that directlry at what point or how is the "new"CIDs directlry created, because I do not have one.

I realise I am doing something wrong but I have read so many KB and guide articles on the Sophos site I am now at the point of giving up and using something else that will configure easier.

HELP PLEASE!

:47377


This thread was automatically locked due to age.
Parents
  • 0

    Hello roberts2,

    I'm not sure where you've made the mistake (if at all). So I'll try to rephrase the article:

    1. Install the air-gapped SEC (aSEC) up to the Download Security Software wizard (either stop at this step or cancel it)
    2. Copy over the Warehouse folder from the connected SEC to a folder/share of your choice (e.g. \\aSEC\Source\) on aSEC
    3. Resume the wizard (or View/edit Configuration) and enter \\aSEC\Source\ as location (no credentials needed), subscribe to the appropriate packages
    4. The SUM on aSEC should now start to "download" the packages and deploy to the default share \\aSEC\SophosUpdate\ 

    IIRC setting up the default share is part of the install, it should have been created in step 1. If the share does exist but is empty then either you have not subscribed to a package, the "download" failed (perhaps due to a corrupt Warehouse) or deployment wasn't successful. In any case you should see an alert or error in the Update Managers view of the console. Apart from the fact that the source is local and "off-line" it should behave exactly as your connected SEC does

    Christian

    :47379
Reply
  • 0

    Hello roberts2,

    I'm not sure where you've made the mistake (if at all). So I'll try to rephrase the article:

    1. Install the air-gapped SEC (aSEC) up to the Download Security Software wizard (either stop at this step or cancel it)
    2. Copy over the Warehouse folder from the connected SEC to a folder/share of your choice (e.g. \\aSEC\Source\) on aSEC
    3. Resume the wizard (or View/edit Configuration) and enter \\aSEC\Source\ as location (no credentials needed), subscribe to the appropriate packages
    4. The SUM on aSEC should now start to "download" the packages and deploy to the default share \\aSEC\SophosUpdate\ 

    IIRC setting up the default share is part of the install, it should have been created in step 1. If the share does exist but is empty then either you have not subscribed to a package, the "download" failed (perhaps due to a corrupt Warehouse) or deployment wasn't successful. In any case you should see an alert or error in the Update Managers view of the console. Apart from the fact that the source is local and "off-line" it should behave exactly as your connected SEC does

    Christian

    :47379
Children
No Data