Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 14659 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Clients appearing offline in SEC 5.1

Tommy123

Hi All,

I have recently installed SEC 5.1 with 10 clients on in preperation for an upgrade from 4.7 later this year. 

For some reason some clients after a period of time get a little red cross on them, these can be virtual and physical machines. The machines are not turned off and are still getting updates from the SEC.

To get them back green I can either reboot them, restart the client message router or re protect them.

Anyone else had this issue?

Thanks

Tom

:39143


This thread was automatically locked due to age.
Parents
  • 0

    Hi Tom

    you can believe me - I have had hours (if not days) with Sophos and such discussions. We have got the same situation. In our environment with approx 2000 machines, they will loose the connection to the management. I have also noticed from many other customers that they experience the same issue. The problem is that no one really finds a solution except the following:

    On a client with the problem, just check out this folder: c:\ProgramData\Sophos\Remote Management System\3Router\Envelopes

    There should be some files. Sophos stores it's messages to this router and they will be sent via Remote Management Service. If the connection breaks up and is not restarted, Sophos will wait until there are several messages in this folder and automatically reastert the service. However, in a low-configured environment with Anti Virus only, this might be a bit problematic, as only 5-10 messages are created in a day.

    On your clients you can configure via a regkey how long the service will wait until it restarts. Use this batch codes (to execute in Windows CMD) in order to wait for 30 messages in the folder until a restart is done:

    reg add "HKLM\Software\WOW6432Node\Sophos\Messaging System\Router" /v MonitorEmSender /t REG_DWORD /d 1 /f
    reg add "HKLM\Software\WOW6432Node\Sophos\Messaging System\Router" /v MonitorEmSenderMaxFailures /t REG_DWORD /d 30 /f

    Otherwise, to keep it more simple you can also restart the "Sophos Message Router" windows service on the affected machiens after they're offline

    Regards

    :39153
Reply
  • 0

    Hi Tom

    you can believe me - I have had hours (if not days) with Sophos and such discussions. We have got the same situation. In our environment with approx 2000 machines, they will loose the connection to the management. I have also noticed from many other customers that they experience the same issue. The problem is that no one really finds a solution except the following:

    On a client with the problem, just check out this folder: c:\ProgramData\Sophos\Remote Management System\3Router\Envelopes

    There should be some files. Sophos stores it's messages to this router and they will be sent via Remote Management Service. If the connection breaks up and is not restarted, Sophos will wait until there are several messages in this folder and automatically reastert the service. However, in a low-configured environment with Anti Virus only, this might be a bit problematic, as only 5-10 messages are created in a day.

    On your clients you can configure via a regkey how long the service will wait until it restarts. Use this batch codes (to execute in Windows CMD) in order to wait for 30 messages in the folder until a restart is done:

    reg add "HKLM\Software\WOW6432Node\Sophos\Messaging System\Router" /v MonitorEmSender /t REG_DWORD /d 1 /f
    reg add "HKLM\Software\WOW6432Node\Sophos\Messaging System\Router" /v MonitorEmSenderMaxFailures /t REG_DWORD /d 30 /f

    Otherwise, to keep it more simple you can also restart the "Sophos Message Router" windows service on the affected machiens after they're offline

    Regards

    :39153
Children
No Data