Sophos Enterprise Manager release notes

Version numbers

Sophos Enterprise Manager 4.7.0
Sophos Update Manager for Windows 1.2.1

Important notes

  • Sophos Reporting Interface is not supported for use with Enterprise Manager.
  • Downgrading from Enterprise Manager to older versions of Enterprise Console, for example, 3.1, is not supported.
  • Downgrading from Enterprise Console to Enterprise Manager is not supported.

System requirements

Supported operating systems and SQL Server versions

For operating system requirements and supported SQL Server versions, see http://www.sophos.com/support/knowledgebase/article/113278.html.

Hardware requirements

  • Processor: 2.0 GHz Pentium or equivalent.
  • Memory: 1 GB RAM.
  • Disk space: 1.5 GB for complete Enterprise Manager installation without SQL Server 2008 Express; 1.8 GB for complete Enterprise Manager installation with SQL Server 2008 Express.

    In addition to this, you will need around 200 MB - 350 MB per endpoint product you are downloading from Sophos. For example, if you download three security software products - for Windows 2000 and later, Mac and Linux - then around 700 MB would be required in the Documents and Settings folder.

Minimum database size

You will need a minimum of 1 GB disk space for data.

Maximum database size

For Microsoft SQL Server 2008, there is no limit apart from that set by the administrator.

Software requirements

  • At least Internet Explorer 7 or later

To enable Enterprise Manager to communicate with managed workstations, open ports 8192 and 8194 on the computer where Enterprise Manager is installed. To enable Sophos Update Manager to download security software from Sophos, open port 80 on the computer where Enterprise Manager is installed.

Known issues

Installation

  • (WKI 65133) Windows installer returns error 1618 after SUM self-update error (error 4294967295). This happens when the SUM self-update runs and VCRedist or another installation is running at the same time and taking a long time to complete. Workaround: Wait for the installation to finish and try again.
  • (DEF 58819) Enterprise Manager installs Microsoft .NET Framework 3.5 Service Pack 1 as a prerequisite, because of which you may experience issues with components related to Exchange Web services including the following:
    • Outlook Web Access
    • Office Communications Server integration
    • Outlook Address Book
    • Out of Office notifications
    To resolve these issues, install the update for .NET Framework provided in Microsoft Knowledge Base article 959209 (http://support.microsoft.com/kb/959209).
  • (DEF 56630) If an Internet connection is present, the included Microsoft .NET 3.5 SP1 installer will download the latest .NET installer, even if unnecessary. This can take a long time. Workaround: disable internet access during installation.
  • (DEF 50935) Installing SQL Server Express 2008 SP1 on Windows 7 or Windows 2008 R2 as part of Enterprise Manager installation may fail, showing "InstallShield Wizard Interrupted" and error "Microsoft SQL Server 2008 Express Edition installation failed. Re-run Enterprise Manager setup when this error has been rectified." This is a SQL Server Express 2008 bug.

    To work around this problem, re-attempt installation of Enterprise Manager. For more information, see http://www.sophos.com/support/knowledgebase/article/110615.html.

Downgrading

  • (SUG 71703) If you were previously using Enterprise Console and its Data Control functionality, after uninstalling Enterprise Console and installing Enterprise Manager, Data Control will still be visible on endpoint computers in the Sophos Endpoint Security and Control user interface, although it will not function.

General

  • (DEF 69950) If you uninstall Sophos TDL3 Rootkit Cleanup Tool version 1.1 on a computer with Sophos Endpoint Security and Control 9.7 installed, Sophos Anti-Virus will fail to perform a system memory scan reporting the following error: “Scanning ‘Memory’ returned SAV Interface error 0xa0040202: Scan failed.”

    This issue does not arise if you use Sophos TDL3 Rootkit Cleanup Tool version 1.2 or later, available for downloading from the Sophos website.

    To work around this issue, remove any installations of Sophos TDL3 Rootkit Cleanup Tool 1.1 prior to installing Sophos Endpoint Security and Control 9.7 on computers. Do not install Sophos TDL3 Rootkit Cleanup Tool 1.1 on computers running Sophos Endpoint Security and Control. Use Sophos TDL3 Rootkit Cleanup Tool 1.2 or later instead.

    If you have encountered this issue, see http://www.sophos.com/support/knowledgebase/article/113403.html.

  • (DEF 61278) Default distribution share reserved name SophosUpdate

    When creating an Update Manager distribution, you cannot reference new shares named SophosUpdate because "SophosUpdate" is now a reserved share name used for the default share.

    Workaround: When creating new shares, use other names such as "Update".

    In updating policies, when you are selecting a primary or secondary update location, the drop-down list shows the default share paths only in NetBIOS format, for example \\Server\SophosUpdate, although you may need to use the Fully-Qualified Domain Name form, for example \\server.de.acme\SophosUpdate.

    Workaround: Type the FQDN path into the server location update path field.

  • (DEF 58734) When finding new computers on the network using "Import from Active Directory", Enterprise Manager may fail to differentiate between multiple computers with the same name, and may switch them between groups alternately. This situation may arise where identically-named computers are situated on different domains or sub-domains.

    To work around this problem, do one of the following.

    • Ensure that Sophos RMS (Remote Management System) is installed and running on all identically-named computers before attempting to find them from Enterprise Manager.
    • Eliminate duplicate computer names on your network.

Device control

  • Camera devices are not blocked using device control. By default, these devices cannot have data written to them using Windows Explorer.

Sophos Client Firewall

  • (DEF 22335) An allowed application is blocked temporarily by Sophos Client Firewall.

    When a Firewall policy is applied, all application rules are removed and then re-added. During this time, if an application that is allowed by the new policy tries to make an outbound connection, the application is blocked until the new policy is applied completely.

Technical support

You can find technical support for Sophos products in any of these ways:

Legal notices

Copyright © 2011 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.