Sophos Antivirus Deployment How-To.

2:38 PM  Guillaume  3 comments

I came across a couple of issue while test-driving Sophos Antivirus Enterprise.

Here are the correct steps to deploy Sophos to Windows machines (XP, Vista and 7):

  1. Create a GPO named Disable UAC with the following settings and apply it to your hosts (Computer Configuration):
    Computer Configuration (Enabled)\Policies\Windows Settings\Security Settings\Local Policies/Security Options\User Account Control\Policy Setting
    User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
    User Account Control: Detect application installations and prompt for elevation Disabled
    User Account Control: Run all administrators in Admin Approval Mode Disabled

  2. Create a GPO named Remote Registry Service with the following settings and apply it to your hosts (Computer Configuration):
    Computer Configuration (Enabled)\Policies\Windows Settings\Security Settings\System Services\Remote Registry (Startup Mode: Automatic)
    Allow NT AUTHORITY\Authenticated Users Read
    Allow NT AUTHORITY\Authenticated Users Start, Stop, Pause and continue
    Allow CONTOSO\Domain Admins Full Control
    Allow CONTOSO\Domain Users Read
    Allow CONTOSO\Domain Users Start, Stop, Pause and continue

  3. Create a GPO named Sophos Firewall Exceptions with the following settings and apply it to your hosts (Computer Configuration):
    Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile
    Windows Firewall: Allow inbound file and printer sharing exception Enabled
    Windows Firewall: Allow inbound remote administration exception Enabled
    Windows Firewall: Define inbound port exceptions Enabled
    Define port exceptions:
    8192:TCP:*:enabled:SophosAdmin
    8193:TCP:*:enabled:SophosAdmin
    8194:TCP:*:enabled:SophosAdmin
    Windows Firewall: Define inbound program exceptions Enabled
    Define program exceptions:
    %programfiles%\Sophos\Sophos Anti-Virus\SavMain.exe:*:enabled:SophosAV

  4. Run the following command in your logon script: "netsh firewall set service type=FILEANDPRINT mode=ENABLE"
You should now be able to deploy Sophos Antivirus seamlessly.

Namaste.

Posted in: ,,,,

3 comments:

Excellent!

Had major deployment issues with my Sophos clients lately - applied these GPO settings and off I went....just need to work out how to wipe out the old McAfee installs now ;-)

Best your blog Suggest...
To get the Kaspersky Firewall turned on, first, open the Settings window of Kaspersky Antivirus. After that, go to the Protection section that appears in the Settings Window. Then, select Firewall from the right frame and then click on it to get it turned on.

 Kaspersky Support Number UK
Kaspersky Upcoming Information UK

 Kaspersky Customer Care Number UK

I was just worried about how to get my issue fixed but, this post really helped me. I must say that writers as knowledgeable of writing and

therefore this post is written very carefully using simple and unique words. Modify Account Settings for Yahoo Mail | print copy of an email message in

AOL

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More