Problems With SBS 2008 And Enterprise Console 4.0

We have recently moved onto a new network comprising an SBS 2008 server with 20 Windows 7 32-bit clients. There is also a Windows 7 64-bit client and a Vista SP2 32-bit client in the office too. We have migrated the Sophos Enterprise Console, SUM and the PureMessage installation directly from our older SBS 2003 server. Everything has gone OK except for the Sophos Endpoint install on each new client, which at the moment is in complete disarray. As of writing we have standalone installations, which means my organisation can't centrally manage security across our network.

From the start what has happened is my IT firm, with no prior experience of deploying Sophos endpoint on a Windows 7 client network, has tried to push each client through the enterprise console. This of course went and failed because they needed to start the remote registry service prior to installation. They decided due to time constraints to install each client from the network share. Adding each computer to the enterprise console shows each computer, despite that they all have endpoint installed, as unprotected.

I have downloaded the advanced startup guide and followed the instructions to the letter for a Windows 7 install on a test machine. Before I go on any further I must say how ridiculous it is to have to disable UAC (albeit temporarily), the firewall, 128-bit encryption, enable some firewall rules and remote registry on each and every computer we want to protect. That's a lot of configuration to work around our small network let alone a bigger one. Is this going to improve in future releases?

I have observed that the client will install correctly but does not report back to enterprise console. The error message is eventually "fffffffd This computer is not yet managed. It is protected but has not yet reported back its status."

Any suggestions or advice from anybody with a similar setup? Any indications on whether the upcoming enterprise console 4.5 is going to be any kinder to us?

:3538


  • Hello Hanny,

    Please try the following for deploying to Windows machines. This will allow you to prepare the network so in the future any machine joining the domain is ready for the push install from the console.

    Issue
    0000002e The computer can no longer be contacted. It may have been shut down, renamed or disconnected, or a required service may not be running. It may be running Windows XP Home.
    What to do

    Domain environment

    1. Open up the Group Policy and edit the Domain Group Policy
    2. Navigate through Computer Config -> Windows Settings -> Security Settings -> System Services and set the following two settings.

    Remote Registry: Automatic
    Computer browser: Automatic

    3. Navigate through Computer Config > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile

    Define inbound Port exceptions > Click on Show and add the rules

    8192:TCP:*:ENABLED:RMS8192
    8193:TCP:*:ENABLED:RMS8193
    8194:TCP:*:ENABLED:RMS8194

    Windows Server 2003

    Allow File and Print Sharing Exception : Enabled

    Windows Server 2008

    Allow inbound File and Print Sharing exception : Enabled
    Add the IP address of the SEC server


    4. Apply the Group Policy to the machines in the domain.
    5. Run through the Reprotect Wizard

    Let me know if that sorts out the issue; you should not need to disable UAC.

    :3556
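
A way to confirm on a client that the Group Policy settings from the reply above actually applied before running the wizard. This is an added example, not part of the original thread or Sophos tooling; it assumes the service short names `RemoteRegistry` and `Browser`, and that the Windows Firewall Domain Profile policy is stored under `HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile`.

```powershell
# Added example (not from the thread). Run elevated on a client after "gpupdate /force".
# Uses only PowerShell 2.0 features so it works on stock Windows 7.

function Test-ServiceStartMode {
    param([string]$Name)
    $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$Name'"
    if (-not $svc) { return "{0}: MISSING" -f $Name }
    # Win32_Service reports "Auto" for a service set to Automatic
    $verdict = if ($svc.StartMode -eq 'Auto') { 'OK' } else { 'FAIL' }
    return "{0}: {1} (StartMode={2}, State={3})" -f $Name, $verdict, $svc.StartMode, $svc.State
}

function Get-PortExceptionStatus {
    param([int[]]$Ports, [string[]]$Rules)
    foreach ($port in $Ports) {
        # Rule format from the reply: port:protocol:scope:status:name
        $hit = $Rules | Where-Object { $_ -match "^${port}:TCP:.*:enabled:" } |
               Select-Object -First 1
        if ($hit) { "{0}/TCP: OK ({1})" -f $port, $hit }
        else { "{0}/TCP: FAIL (no enabled rule in policy)" -f $port }
    }
}

# Assumed location of the Domain Profile firewall policy written by the GPO
$policy  = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile'
$listKey = Join-Path $policy 'GloballyOpenPorts\List'

# Collect the "Define inbound port exceptions" entries, if the key exists
$rules = @()
if (Test-Path $listKey) {
    $key   = Get-Item $listKey
    $rules = @($key.GetValueNames() | ForEach-Object { $key.GetValue($_) })
}

# Step 2 of the reply: both services set to Automatic
'RemoteRegistry', 'Browser' | ForEach-Object { Test-ServiceStartMode $_ }

# Step 3 of the reply: the three RMS port exceptions
Get-PortExceptionStatus -Ports 8192, 8193, 8194 -Rules $rules

# Step 3 of the reply: File and Print Sharing exception and its allowed scope
$fpKey = Join-Path $policy 'Services\FileAndPrint'
$fp = Get-ItemProperty -Path $fpKey -ErrorAction SilentlyContinue
if ($fp -and $fp.Enabled -eq 1) {
    "File and Print Sharing exception: OK (scope={0})" -f $fp.RemoteAddresses
}
else { 'File and Print Sharing exception: FAIL (not set by policy)' }
```

The third field of each port rule is its scope, and `*` allows any source address; the output prints the full rule and the File and Print scope so you can see whether they were narrowed to the SEC server.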