Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 36 replies
  • Subscribers 1 subscriber
  • Views 105105 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mac OS - pre-configuring Autoupdate

QC

We have quite a number of Macs (not surprising at a university) but no official Mac support. Nevertheless we offer Sophos for Macs (in a downloadable .zip archive).  

When Sophos is installed on a Mac on our network it connects to the management server from where it gets the update policy (the CIDs contain the correct mrinit.conf for RMS to work). Of course this does not work if the Mac is used at home. For windows PCs putting sauconf.xml placed in the appropriate directory does the trick. There are some articles in the knowledgebase but usually a Mac is required with which you can configure the CID (if I understand correctly). I believe no magic is actually involved and the configuration is stored somewhere in a .plist file (XML format). I suspect that the catalogues are involved and configcid.exe does not support a CID for OSX.

Or is there a "simple" way to pre-configure autoupdate (even if it's unsupported)? sau.plist looks suspicous  :smileywink:

Christian

:518


This thread was automatically locked due to age.
Parents
  • 0

    Hello Bob,

    [can't and therefore won't comment on the App vs. Package problems when using deployment tools]

    The workflow for the managed version assumes that the endpoints can connect to the management server immediately after install. Provided that the group-assignment works the endpoint will receive the desired policies.

    kimpton mentioned mainly remote users. and I assume remote means not always able to connect via RMS. If the management server isn't (directly or indirectly) accessible from "the Internet" and the endpoint is installed "outside" it won't have an updating policy. OTOH you want to have them managed when they call in via VPN or come "inside". Neither licensing the Cloud product nor "going Cloud" might be a viable short-term option - thus the inability to pre-configure the policies is a setback. In addition the loss of the "one-way management" provided by customized CIDs is a possible drawback.

    Christian

    :53081
Reply
  • 0

    Hello Bob,

    [can't and therefore won't comment on the App vs. Package problems when using deployment tools]

    The workflow for the managed version assumes that the endpoints can connect to the management server immediately after install. Provided that the group-assignment works the endpoint will receive the desired policies.

    kimpton mentioned mainly remote users. and I assume remote means not always able to connect via RMS. If the management server isn't (directly or indirectly) accessible from "the Internet" and the endpoint is installed "outside" it won't have an updating policy. OTOH you want to have them managed when they call in via VPN or come "inside". Neither licensing the Cloud product nor "going Cloud" might be a viable short-term option - thus the inability to pre-configure the policies is a setback. In addition the loss of the "one-way management" provided by customized CIDs is a possible drawback.

    Christian

    :53081
Children
No Data