Force clients to request policy updates

Hello Cameron,

making the clients request the policies should be possible as per Jak's suggestion in 'Scripted push of the "Comply with Policy" task'. Regrettably SHIGGS didn't tell whether they've tried and if it worked. If I understand you correctly you want that the machines request the latest policies (as fast as possible) in the maintenance window. The procedure would be - stop the Agent service, clear the AdapterStorage, start the service and check for the storage to get be filled again.

HTH

Christian

This appears to be working on the computers I have tested so far. Thank you very much for your reply! I will try to remember to update regarding future success or failure of this implementation.

-Cameron

Hello again,

I have another question regarding the policies. Are these computers vulnerable to infection when transferring policies, or when the Sophos Agent service starts and no policies are found because I deleted them? Or am I correct to assume that the other portions of the program (e.g. Sophos Antivirus service) will continue to run using the policies loaded in memory? I want to make sure on-access scanning is enabled during the process of policy updates.

Thank you for your time!

Sincerely,

-Cameron

Hello Cameron,

as you seem to be testing anyway you could do the following to put your mind at ease :smileyhappy::

- stop the services (including AV)

- clear the adapter storage

- shut down the computer and take it off-net

- boot and check the settings

- additionally use a copy of EICAR on a removable medium to verify protection

Or the short version:

- stop the Agent only

- clear the adapter storage

- unplug the computer

- restart the Agent

- check settings (optionally verify with EICAR

- restart the AV service and check again

Christian