This section lists changes that have been made since the release of Sophos Enterprise Console 5.2.0.
For new SEC 5.2.1 customers support for Windows 2000 computers from Enterprise Console 5.2.1 will cease at end-December 2013.
Existing customers upgrading to SEC 5.2.1, depending on their license, can subscribe to SAV 10.0 before end-December 2013 in order to continue protecting Windows 2000 computers. For information about platform retirements, see http://www.sophos.com/en-us/support/knowledgebase/119018.aspx.
A new filter has been added in the computer list view, that allows you to filter computers by alert name. Wildcards can be used to specify alert names.
A new entry showing the last logged-on user for each computer has been added in the computer list view and the Computer details dialog box. Note that this can be disabled if there are privacy concerns over the data. For more information, see http://www.sophos.com/en-us/support/knowledgebase/119239.aspx.
Sophos is introducing new software packages and is retiring some of the existing ones and the use of fixed versions. The Software Subscription dialog box will no longer display fixed packages, nor any of the following labeled packages:
For more information about available software packages, see http://www.sophos.com/en-us/support/knowledgebase/112580.aspx.
After upgrading to Enterprise Console 5.2.1, the SUMInstallSet admin share (\\Servername\SUMInstallSet on the computer where Enterprise Console management server is installed) will contain the version of SUM shipped with Enterprise Console (1.4.2). In previous Enterprise Console releases, the share contained only the version of SUM shipped with the version of Enterprise Console that was originally installed.
You can upgrade to Enterprise Console 5.2.1 directly from:
To upgrade from Enterprise Console 4.x or Enterprise Manager 4.7, you must upgrade to Enterprise Console 5.1 first.
For more information about upgrading, see the Sophos Enterprise Console upgrade guide.
For operating system requirements and supported SQL Server versions, see http://www.sophos.com/en-us/support/knowledgebase/113278.aspx.
If you don't have a supported SQL Server version (SQL Server 2005 Express or later) already installed, the Enterprise Console installer attempts to install SQL Server 2008 R2 Express Edition with Service Pack 1 (SP1).
The installer also attempts to install the following software (unless already installed):
You will need to have the following software installed:
For more information about installing required system software, refer to the Enterprise Console startup documentation published at http://www.sophos.com/en-us/support/documentation/enterprise-console.aspx.
Enterprise Console requires certain ports to be open. For more information, go to http://www.sophos.com/en-us/support/knowledgebase/38385.aspx.
In addition to this, you will need around 200 MB - 350 MB per endpoint product you are downloading from Sophos. For example, if you download three security software products - for Windows 2000 and later, Mac and Linux - then around 700 MB would be required.
If you want to install Sophos Update Manager on a computer other than the one where Enterprise Console is installed, you will need at least:
Minimum database size
The computer where you place the database (which may be the same computer as the computer where Enterprise Console is installed or a different one) needs a minimum of 1 GB disk space for data.
Maximum database size
This section lists issues fixed since the release of Sophos Enterprise Console (SEC) 5.2.0.
Database queries have been optimized to improve the response.
The integrated purge task is executed periodically in the context of the database account set during the installation. In Enterprise Console 5.2.0, the database account did not have sufficient rights to all SophosSecurity stored procedures involved in the purge task execution. As a result, multiple error log entries were generated by each purge task execution. This problem has been resolved in Enterprise Console 5.2.1. For existing SophosSecurity installation, the upgrade process will ensure that the necessary access rights are set.
For distributed installations of Enterprise Console (with SQL Server on a different server) the Sophos Management Service may not start if the "SOPHOS" database instance was created by PureMessage for Microsoft Exchange, or if the chosen SQL Server instance has TCP/IP protocol disabled.
To work around this problem, do the following.
For information on how to prevent other users from logging on to the server during the upgrade, see http://support.microsoft.com/kb/186504/en-us.
This issue does not appear when upgrading from Enterprise Console 5.1 to Enterprise Console 5.2.1 or from Enterprise Console 5.2.0 to Enterprise Console 5.2.1.
To work around this issue, do either of the following:
For more information about issues with upgrading to Enterprise Console 5.2.1, see http://www.sophos.com/en-us/support/knowledgebase/114627.aspx.
For more information and instructions on how to enable deployment, see http://www.sophos.com/en-us/support/knowledgebase/118354.aspx.
When creating an Update Manager distribution, you cannot reference new shares named SophosUpdate because "SophosUpdate" is a reserved share name used for the default share.
Workaround: When creating new shares, use other names such as "Update".
In updating policies, when you are selecting a primary or secondary update location, the drop-down list shows the default share paths only in NetBIOS format, for example \\Server\SophosUpdate, although you may need to use the Fully-Qualified Domain Name form, for example \\server.de.acme\SophosUpdate.
Workaround: Type the FQDN path into the server location update path field.
To work around this problem, do one of the following.
Do not synchronize any Active Directory groups that contain machines which have identically-named computers; Manage the computers manually.
When a Firewall policy is applied, all application rules are removed and then re-added. During this time, if an application that is allowed by the new policy tries to make an outbound connection, the application is blocked until the new policy is applied completely.
If an endpoint registers with an SWA (SWA1), then with a different SWA (SWA2), and then returns to SWA1, it does not re-register. Its cloud URL remains as if it was registered with SWA2. Inside the user's organization it would communicate with SWA1 and outside the organization it would communicate through the cloud with SWA2.
For release notes for managed endpoint software, follow these links:
Before using Sophos Reporting Interface, read the Sophos Reporting Interface user guide.
Sophos documentation is published at www.sophos.com/en-us/support/documentation.aspx.
You can find technical support for Sophos products in any of these ways:
Copyright © 2013 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.