Your SlideShare is downloading. ×
Sophos Small Business Solutions 2.0 upgrade guide
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Sophos Small Business Solutions 2.0 upgrade guide

655
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
655
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SMALL BUSINESS SOLUTIONS 2.0 Upgrade guide Describes upgrading to the new versions of: Sophos Control Center Sophos Anti-Virus Sophos Client Firewall Document date: September 2006
  • 2. About this guide This Sophos Small Business Solutions 2.0 upgrade guide describes the procedure for upgrading from Sophos Control Center version 1 to Sophos Control Center version . In particular, it  Tells you about new features in Sophos Small Business Solutions.  Outlines the procedure for upgrading to Sophos Control Center version .  Guides you through the upgrade step by step.  Details post-upgrade tasks. You can find details of all other configuration options of Sophos Control Center, that are not covered in this guide, in Sophos Control Center Help. Sophos documentation is published at www.sophos.com/support/docs and on the Sophos Install CD. 
  • 3. Contents About this guide ............................................................................................ 1 Sophos Small Business Solutions overview ..............................................4  What’s new in Sophos Small Business Solutions? ...................................6  System requirements ..................................................................................9 4 Preparing to upgrade ...............................................................................1 5 Upgrading Sophos Control Center .........................................................15 6 Upgrading computers on the network ...................................................17 7 Upgrading computers manually .............................................................0 8 Upgrading computers not on the network ............................................. 9 Firewall configuration .............................................................................4 10 Checking computers are protected .......................................................6 11 Setting up scanning for potentially unwanted applications ................8 Glossary .......................................................................................................1 Appendix 1. Upgrading an additional Sophos Control Center console .. Appendix . Proxy details ...........................................................................5 Appendix . Changing the download folder .............................................6 Appendix 4. Protecting computers with the firewall.................................7 Technical support .......................................................................................8 . 
  • 4. Sophos Small Business Solutions 2.0 upgrade guide 1 Sophos Small Business Solutions overview The new edition of Sophos Small Business Solutions comprises three products: Sophos Security Suite, Sophos Computer Security, and Sophos Anti-Virus. The table below shows which software is included in each product. Product Sophos Sophos Sophos Security Suite Computer Anti-Virus Software Security Sophos Control Center    Sophos Anti-Virus    Sophos Client Firewall   Sophos PureMessage  Sophos Control Center enables you to centrally deploy, update, and monitor anti-virus and firewall software on your computers, thus protecting them against viruses, worms, Trojans, spyware, hackers, and potentially unwanted applications (PUAs). Sophos Anti-Virus (for Windows 98/Me/000 and later, and Mac OS X) detects and eliminates viruses, worms, Trojans, and spyware on your computer or network. Sophos Anti-Virus 6 for Windows 000 and later also detects and removes potentially unwanted applications such as adware, dialers, remote administration tools, and hacking tools. Sophos Client Firewall (for Windows 000 and later) can limit access to the company network or the internet to specifically permitted applications or classes of applications. It proactively locks down computers, protecting networks against internet worms, hackers and the risk of virus infection from unprotected computers, especially those that connect directly to the internet. 4
  • 5. Sophos Small Business Solutions 2.0 upgrade guide Sophos PureMessage (for Windows/Exchange) provides integrated gateway and messaging protection from viruses, spyware, and spam. It scans all inbound, outbound, and internal email messages and Exchange message stores and includes threat reduction technology to protect against new or unknown email-borne threats. To learn more about Sophos security software, refer to the respective Help or user manual. To learn more about threats, go to www.sophos.com/security. 5
  • 6. Sophos Small Business Solutions 2.0 upgrade guide 2 What’s new in Sophos Small Business Solutions? Sophos Control Center 2.0  Support of the latest versions of anti-virus and firewall software The new version of Sophos Control Center includes the ability to install, configure, and monitor Sophos Anti-Virus 6 and Sophos Client Firewall for Windows 000 and later. Using Sophos Control Center, you can also configure and monitor the latest versions of Sophos Anti-Virus for Windows 98/Me and Mac OS X (versions 4.6 and 4.8 respectively). You will have to install or upgrade Sophos Anti-Virus on Windows 98/Me and Mac OS X computers manually as described later in this guide. 6
  • 7. Sophos Small Business Solutions 2.0 upgrade guide  Central scanning of computers Sophos Control Center allows you to set up scheduled scanning of the computers on your network. Scheduled scanning on computers is available on all Windows platforms; it is not available in Sophos Anti-Virus for Mac OS X.  Centralized detection and cleanup of potentially unwanted applications Sophos Control Center displays detected potentially unwanted applications and provides a link to the Sophos website where you can obtain more detailed descriptions of threats. From Sophos Control Center, you can also authorize detected applications or remove them from the computers.  Centralized cleanup of networked computers With Sophos Control Center, you can centrally clean up computers that are infected with a virus or have unwanted applications on them.  Reporting and notifications Sophos Control Center now allows you to generate summary reports, including any notifications of errors, and email them to others.  Managing via Terminal Services or Citrix It is possible to manage Sophos Control Center via Terminal Services and/or Citrix.  Launching PureMessage If PureMessage console is installed on the same computer as Sophos Control Center, you can launch PureMessage console from Sophos Control Center. 7
  • 8. Sophos Small Business Solutions 2.0 upgrade guide Sophos Anti-Virus 6 for Windows 2000 and later  Detection and cleanup of potentially unwanted applications Sophos Anti-Virus 6 can scan for potentially unwanted applications, prevent them from running on and clean them from your computer or network. Potentially unwanted applications detected by Sophos include a wide range of programs that perform actions such as displaying advertising, tracking websites visited, or changing the configuration of a computer. Sophos Client Firewall for Windows 2000 and later Sophos Client Firewall can limit access to the company network or the internet to specifically permitted applications or classes of applications. It proactively locks down computers, protecting networks against internet worms, hackers and the risk of virus infection from unprotected computers, especially those that connect directly to the internet. Sophos PureMessage 2.6  Extended reporting functionality PureMessage .6 provides reports for SMTP, NNTP, and Exchange Information Store scanning (earlier versions of PureMessage provided only SMTP reports). PureMessage provides the following reports: message categorization, quarantine database size, quarantine folder size, top virus and spam recipients, top viruses, and spam score range volumes. For a full list of features in each application, refer to the respective Help or user manual. 8
  • 9. Sophos Small Business Solutions 2.0 upgrade guide 3 System requirements Sophos Control Center and server components Operating system requirements:  Windows 000 with Service Pack  (SP) or later  Windows XP Professional (SP1 or later)  Windows Server 00  Windows Small Business Server 00 Sophos recommends that a server operating system is used, that is, Windows 000 Server (SP or later), Windows Server 00, or Windows Small Business Server 00. Sophos Control Center is not supported on 64-bit versions of Windows. Disk space and memory:  1 GB of free hard disk space, 56 MB of RAM Sophos Anti-Virus Operating system requirements:  Windows 98 SE or Me with Internet Explorer 5.5 or later  Windows 000 Professional or Server (SP or later)  Windows XP Home or Professional (SP1 or later)  Windows Server 00  Windows Small Business Server 00  64-bit versions of Windows  Mac OS X 10. or later 9
  • 10. Sophos Small Business Solutions 2.0 upgrade guide Disk space and memory:  Windows 98 SE or Me: 90 MB of free hard disk space. Minimum 48 MB of RAM, recommended 64 MB  Windows 000 Professional or Server, XP Home or Professional, Server 00, and 64-bit versions of these platforms: 10 MB of free disk space. Minimum 18 MB of RAM, recommended 56 MB  Mac OS X: 70 MB of free hard disk space. 18 MB of RAM Sophos Client Firewall If you want to protect Windows 000 or later computers with Sophos Client Firewall, you should uninstall any other firewall software first (with the exception of Windows Firewall, which will be disabled automatically when Sophos Client Firewall is installed). Sophos Client Firewall is available only for Windows 000 and later workstation operating systems, that is, Windows 000 Professional and Windows XP, including -bit Windows XP on 64-bit computers. Sophos Client Firewall is designed to run on workstations connected to an Ethernet-based LAN (local area network) or the internet. You should not install Sophos Client Firewall on the computer where Sophos Control Center is installed. Sophos Client Firewall requires:  Minimum 100 MB of free hard disk space  Minimum 0 MB of RAM  Sophos Anti-Virus version 6 or later Sophos Client Firewall is not supported on:  Server operating systems (for example, Windows 000 Server or Windows Server 00)  64-bit versions of Windows Sophos Client Firewall does not support IPv6. It lets IPv6 packets through. 10
  • 11. Sophos Small Business Solutions 2.0 upgrade guide PureMessage 2.6 SMTP-only version Operating system requirements:  Windows 000 Server or Professional with SP or later and with Microsoft Internet Information Server (IIS)  Windows Server 00 with IIS  Windows XP Professional with SP1 or later and with IIS Disk space and memory:  140 MB of free hard disk space, 56 MB of RAM Microsoft Exchange version Operating system requirements:  Windows 000 Server with SP or later; Windows Server 00  Exchange 000 Server with SP; Exchange Server 00 Disk space and memory:  140 MB of free hard disk space, 56 MB of RAM 11
  • 12. Sophos Small Business Solutions 2.0 upgrade guide 4 Preparing to upgrade Before you upgrade Sophos Control Center, and subsequently upgrade the software on your networked computers managed by it, make sure that you meet the following prerequisites:  You have met all the hardware and software requirements listed in Chapter .  You are an administrator on the computer where you are upgrading Sophos Control Center.  Simple File Sharing is disabled on all Windows XP computers. For more information, refer to www.sophos.com/support/knowledgebase/article/87.html.  You have removed any other vendor’s firewall software, except Windows Firewall, from all Windows 000/XP computers on which you want to install Sophos Client Firewall. If you have Windows XP SP workstations on which you don’t want to install Sophos Client Firewall, or Windows Server 00 SP1 computers, and these computers have Windows Firewall turned on, you must do the following:  Enable File and Printer Sharing for Microsoft Networks. To find out how to do this, refer to www.sophos.com/support/knowledgebase/article/178.html.  Make sure TCP ports 819, 819 and 8194 are open.  Add the following program exception: C:Program FilesSophosRemote Management System RouterNT.exe To find out how to do this, refer to www.sophos.com/support/knowledgebase/article/1075.html.  Restart the computers for the changes to take effect. It is recommended that you back up your existing version of Sophos Control Center prior to upgrading it. 1
  • 13. Sophos Small Business Solutions 2.0 upgrade guide After completing the Sophos Control Center Installation Wizard, you will need to either log off from the computer where you upgraded Sophos Control Center and then log on again, or restart the computer. You must restart each computer where you have installed Sophos Client Firewall, to activate the firewall. Before you upgrade Sophos PureMessage If you use Sophos PureMessage and want to upgrade it to version .6, follow this procedure: 1. Upgrade Sophos Control Center to version , as described in Chapter 5. . Upgrade Sophos Anti-Virus on your networked computers. For instructions, see Chapter 6. . Make sure that Sophos Anti-Virus on the server where PureMessage is installed has been upgraded to version 6. To check which Sophos Anti-Virus version is installed, open the Sophos Anti-Virus user interface and from the Help menu select About. The version number is on the first line. 4. Upgrade Sophos PureMessage to version .6. For instructions, see the Sophos PureMessage Upgrade Guide. It is important that you follow this upgrade order, to keep your version of PureMessage up to date. In the new version of Sophos Small Business Solutions, spam rules are no longer downloaded via Sophos Control Center but directly from Sophos. In Sophos Control Center, an alternative source for updates is set to From Sophos (in the Configure updating dialog box, Alternative source tab), thus ensuring that you receive the latest spam rules as soon as they are released. The From Sophos option also helps you keep computers that are not always connected to your company network (for example, laptops) up to date with the latest security software and updates. The checklist on the next page describes the upgrade tasks. 1
  • 14. Sophos Small Business Solutions 2.0 upgrade guide Sophos Control Center upgrade checklist No. Task Instructions Relevant for * Com- pleted 1 Create a valid, complete Your system SAV, SCS, SSS backup documentation  Upgrade Sophos Control Chapter 5 SAV, SCS, SSS Center  If relevant, upgrade Appendix 1 SAV, SCS, SSS an additional Sophos Control Center console 4 Upgrade computers on Chapter 6 SAV, SCS, SSS the network 5 If required, manually Chapter 7 SAV, SCS, SSS upgrade computers that were not upgraded in Step 4 6 Upgrade Sophos Sophos PureMessage SSS PureMessage Upgrade Guide 7 Upgrade computers not Chapter 8 SAV, SCS, SSS on the network 8 Configure the firewall Chapter 9 SCS, SSS (optional) 9 Check that networked Chapter 10 SAV, SCS, SSS computers are protected 10 Set up scanning for Chapter 11 SAV, SCS, SSS potentially unwanted applications (PUAs) * Sophos Small Business Solutions products: SAV - Sophos Anti-Virus, SCS - Sophos Computer Security, SSS - Sophos Security Suite 14
  • 15. Sophos Small Business Solutions 2.0 upgrade guide 5 Upgrading Sophos Control Center To upgrade Sophos Control Center, do the following: 1. Log on as an administrator or domain administrator, as appropriate, at the computer where Sophos Control Center version 1 is installed. . Close all open Sophos applications, if any. . Insert the Sophos Install CD. The CD should auto-run. If the CD does not auto-run, browse to the CD and double-click Launchcd.exe. On the Upgrading page of the Sophos CD Viewer, click the Upgrade button. Alternatively, download the Sophos Control Center Installer from the Sophos website as follows: Go to www.sophos.com/support/updates and enter the username and password supplied to you by Sophos. Follow the links to download the installer for your Sophos Small Business Solutions product, and then run the installer. 4. On the Welcome page of the Sophos Control Center Installation Wizard, click Next. 5. On the License Agreement page of the wizard, read the license agreement. If you agree to the terms of the agreement, click I accept the terms in the license agreement. Click Next. 6. On the Destination Folder page, you see the folder where Sophos Control Center will be installed. By default, the new version of Sophos Control Center is installed in the folder C:Program FilesSophosSCC, with your settings retained. Then the installer deletes the old installation folder C:Program FilesSophosControl Center. If you want to change the destination folder, click the Change button and browse to the new folder. Click Next. 7. On the Setup Type page, leave Complete selected and click Next. 8. On the Ready to Install the Program page, click Install. 15
  • 16. Sophos Small Business Solutions 2.0 upgrade guide 9. When upgrade is complete, you are prompted to log off or restart. Click Yes or Finish. The installer has now upgraded Sophos Control Center, retaining your settings. If you have a remote management console and want to upgrade it, go to Appendix 1. For instructions on how to upgrade your networked computers, proceed to Chapter 6. 16
  • 17. Sophos Small Business Solutions 2.0 upgrade guide 6 Upgrading computers on the network When you log on to the computer after the upgrade, Sophos Control Center starts and the Sophos network protection wizard appears. The wizard guides you through the process of protecting computers on your network with the latest security software. Complete the wizard as follows: 1. On the Welcome page of the wizard, click Next. . On the Initializing installation page, wait while Sophos Control Center performs initial setup tasks. After the initial setup is complete, the Next button becomes available. Click Next. . On the Select software page, select the software for the operating systems running on your computers. The options Windows 2000 and later and Windows 98 and Me are selected by default. Sophos Control Center always provides protection for Windows 000 and later. You cannot alter this setting. If you do not have Windows 98 or Me computers, clear the Windows 98 and Me check box. If you have Mac OS X computers, select the Mac OS X check box. This will enable you to install anti-virus software on the computers later. 4. On the Sophos download account details page, the username and password, previously supplied to you by Sophos, are displayed. Click Next. If you use a proxy server to access the internet, see Appendix . By default, Sophos software and updates are downloaded to the folder ServernameSophos, where Servername is the name of the computer that is running Sophos Control Center. If you want to change the location where software and updates are downloaded before they are installed (for example, if you do not have enough free disk space in the default location), see Appendix . 17
  • 18. Sophos Small Business Solutions 2.0 upgrade guide 5. On the Windows user account details page, enter the details of the administrator account valid on all computers on the network, to enable Sophos Control Center to install software on these computers. 6. On the Protect computers page, wait for the computers to be located. Only Windows 000 and later computers will be listed on this page, since automatic installation or upgrade is not possible on Windows 98/Me or Mac OS X computers. If you had hidden computers in the previous version of Sophos Control Center, they will now appear in the list of computers. Select the type of protection you want to install on the computers. Anti-virus software is selected for installation on all the computers by default. If you do not want to install anti-virus software on a computer, clear the Anti-virus check box next to that computer. To select or clear all the Anti-virus check boxes in the list, select or clear the check box in the Anti-virus column heading. Sophos Client Firewall can be installed only on workstations running Windows 000 or later. You cannot install it on servers or the computer that is running Sophos Control Center. The firewall requires Sophos Anti-Virus. You must restart each computer where you have installed Sophos Client Firewall, to activate the firewall. You can choose to install the firewall later. For instructions, see Appendix 4. If you want to install the firewall now, select the Firewall check boxes next to the computers where you want to install it. Click Next. 7. On the Download progress page, a progress bar is displayed. After the wizard finishes downloading the software and preparing it for installation, the Next button becomes available. Click Next. 18
  • 19. Sophos Small Business Solutions 2.0 upgrade guide 8. If there are computers listed on the Computers you must protect manually page, click Print to print a list of the unprotected computers. Alternatively, click Save as to save a copy of the list, or make a note of the computers. Click Next. 9. On the last page of the wizard, click Finish. After you close the wizard, Sophos Control Center will install the software automatically on as many of the selected computers as possible. You will see the computers, with information about their status, listed in Sophos Control Center. 10. Go to each computer on the list of unprotected computers and install Sophos Anti-Virus and (if your license includes it) Sophos Client Firewall as described in Chapter 7. 19
  • 20. Sophos Small Business Solutions 2.0 upgrade guide 7 Upgrading computers manually If some of your networked computers were not upgraded automatically, go to each computer, log on as an administrator, and upgrade the security software as follows. You will need to restart each Windows computer on which you have manually upgraded the software. Windows 2000 or later computers If your license includes Sophos Client Firewall, browse to the updates folder (by default, ServernameSophosSAVSCFXP, where Servername is the name of the computer that is running Sophos Control Center) and run setup.exe. To install Sophos Client Firewall as well as Sophos Anti-Virus, in the Setup dialog box, select the Install Sophos Client Firewall check box and click OK. The firewall can be installed only on workstations running Windows 000 or later; it cannot be installed on computers running server operating systems. You should not install the firewall on the computer that is running Sophos Control Center. Sophos Client Firewall requires Sophos Anti-Virus. If your license does not include Sophos Client Firewall, browse to the updates folder (by default, ServernameSophosSAVSCFXP, where Servername is the name of the computer that is running Sophos Control Center) and run setup.exe. Windows 98/Me computers Browse to the updates folder (by default, ServernameSophosES9x, where Servername is the name of the computer that is running Sophos Control Center) and run setup.exe. 0
  • 21. Sophos Small Business Solutions 2.0 upgrade guide Mac OS X computers Copy the installation package Sophos Anti-Virus.mkpg from ServernameSophosESOSX to the computer where you want to install Sophos Anti-Virus. Then double-click Sophos Anti-Virus.mkpg. After the upgrade is complete, you will be able to manage the computers from Sophos Control Center. For instructions on how to upgrade single computers (that is, computers that are not connected to your company network), proceed to Chapter 8. 1
  • 22. Sophos Small Business Solutions 2.0 upgrade guide 8 Upgrading computers not on the network To upgrade security software on single computers that are not connected to your company network, do as follows. 1. Have your download username and password to hand. These will be in an email sent to you by Sophos. . Make sure that you are logged on to the computer as an administrator. . You can either upgrade Sophos Anti-Virus from the Sophos Install CD or download the installer from the Sophos website. To upgrade from the Sophos Install CD, insert the CD. The CD should auto-run. If the CD does not auto-run, browse to the CD and double-click Launchcd.exe. On the Upgrading page of the Sophos CD Viewer, follow the link Upgrade Sophos Anti-Virus on a single computer and click Install. To upgrade from the Sophos website, go to www.sophos.com/support/updates and enter the username and password supplied to you by Sophos. Follow the links to download the standalone installer for Sophos Anti-Virus for your operating system, and then run the installer. 4. Complete the Sophos Anti-Virus installation wizard. For Windows 000 and later, if you want to set up scanning for potentially unwanted applications, Sophos recommends that you begin by using a scheduled (on-demand) scan to detect potentially unwanted applications. This lets you deal safely with applications that are already running on a computer. You can then enable on-access detection to protect the computer in future. For instructions on how to set up an on-demand scan and deal with potentially unwanted applications, see Sophos Anti-Virus Help. 
  • 23. Sophos Small Business Solutions 2.0 upgrade guide 5. After you have installed Sophos Anti-Virus on the computer, and if your license includes Sophos Client Firewall, install the firewall. You can either install the firewall from the Sophos Install CD or download the installer from the Sophos website. To install from the Sophos Install CD, in the Sophos CD Viewer, on the Installation page, follow the link Install Sophos Client Firewall on a single computer and click Install. To install from the Sophos website, go to www.sophos.com/support/updates and enter the username and password supplied to you by Sophos. Follow the links to download the standalone installer for Sophos Client Firewall, and then run the installer. 6. Complete the Sophos Client Firewall installation wizard and restart the computer, to activate the firewall. 7. To get started with the firewall, follow instructions in the Sophos Client Firewall Standalone Startup Guide. 
  • 24. Sophos Small Business Solutions 2.0 upgrade guide 9 Firewall configuration When you first install the firewall, it is enabled and uses a set of default (or factory) settings. What are the factory settings? By default, the firewall:  Applies rules without asking the user at each computer for confirmation, that is, works in non-interactive mode (thus allowing your computer users to work uninterrupted).  Allows all outbound traffic (no application checksums are calculated).  Blocks all unauthorized inbound traffic.  Allows file and print sharing.  Allows basic networking functions. If you want to have greater control over the configuration of the firewall, you can configure it by creating custom rules. Configuring the firewall by creating custom rules 1. On the Configuration menu, click Configure firewall. The Configure firewall wizard starts. . On the Enable firewall page of the wizard, make sure that the Turn on the firewall check box is selected. Click Next. . On the Protection type page, select Custom settings. 4. On the File and print sharing page, select Allow file and print sharing if you want to allow other computers on the local area network to access printers and shared folders on your computer. 4
  • 25. Sophos Small Business Solutions 2.0 upgrade guide 5. On the Rules for network traffic page, select one of the following options:  Block inbound and allow outbound traffic  Block inbound and outbound traffic If you select this option, the firewall will block all outbound traffic, except for the applications you specify by clicking the Trust button to the right of this option. For a “trusted” application, all network activity is allowed.  Create custom rules This option gives you full control over the firewall settings. You can create custom rules for all traffic using the advanced firewall configuration editor. This is an advanced option, and you should only use it if you understand the effects of the changes you make. To open the Advanced firewall configuration dialog box, click Customize to the right of the Create custom rules option. For full details of all the firewall options, see Sophos Client Firewall Help. 5
  • 26. Sophos Small Business Solutions 2.0 upgrade guide 10 Checking computers are protected Your computers are fully protected if on-access scanning is running, the firewall is enabled (if installed), and the computers are up to date. To see if computers are protected, check the computer list in Sophos Control Center. The firewall-related information such as the firewall status will only appear in Sophos Control Center if you are using the Sophos Security Suite or Sophos Computer Security product. In the Up to date column, the word “Yes” shows that Sophos protection is up to date on that computer. A clock icon and the word “No” shows that it is not. To sort the list of computers according to whether they are up to date or not, click on the Up to date column heading. For advice on what to do if computers are out of date, see Sophos Control Center Help, the section “How do I update computers?” In the Anti-virus column, the word “Active” shows that on-access scanning is protecting the computer. A grayed-out shield and the word “Inactive” shows that it is not. As long as your users’ computers are protected by on-access scanning, you do not normally need to run on-access scanning on your file server. For advice on what to do if computers are not protected by on-access scanning, see Sophos Control Center Help, the section “How do I configure scanning?” If the software is not installed on the computer, you will see “Not installed” displayed in the Anti-Virus column. 6
  • 27. Sophos Small Business Solutions 2.0 upgrade guide For advice on what to do if computers are not protected by the anti-virus software, see Sophos Control Center Help, the section “How do I protect new computers?” In the Firewall column, the word “Active” shows that firewall is protecting the computer. A grayed-out firewall icon and the word “Inactive” shows that it is not. If the software is not installed on the computer, you will see “Not installed” displayed in this column. For advice on what to do if computers are not protected by the firewall, see Sophos Control Center Help, the section “How do I configure the firewall?” In the Central configuration column, the word “Ok” shows that the computer complies with the anti-virus, updating, and firewall configuration that is set centrally via Sophos Control Center. The word “Changed” and a yellow alert icon show that it does not. For more information about the statuses that are displayed, refer to Sophos Control Center Help, the section “How do I monitor protected computers?” 7
  • 28. Sophos Small Business Solutions 2.0 upgrade guide 11 Setting up scanning for potentially unwanted applications By default, Sophos Anti-Virus detects viruses, Trojans, spyware, and worms. You can also configure it to detect potentially unwanted applications (PUAs). This option applies only to Sophos Anti-Virus running on Windows 000 or later. Sophos recommends that you begin by using a scheduled scan to detect potentially unwanted applications. This lets you deal safely with applications that are already running on your network. You can then enable on-access detection to protect your computers in future. Step 1 Run a scheduled scan of the computers. 1. In Sophos Control Center, on the Configuration menu, click Configure scanning. . In the Configure scanning settings dialog box, in the Scheduled scanning panel, click Add to create a new scan, or select a scan in the list and click Edit to edit it. . In the Scheduled scan settings dialog box, click Configure (at the bottom of the page). 8
  • 29. Sophos Small Business Solutions 2.0 upgrade guide 4. In the Scanning and cleanup settings dialog box, click the Scanning tab. In the Other scanning options panel, make sure that Scan for potentially unwanted applications is selected. Click OK. When the scan is carried out, Sophos Anti-Virus may report some potentially unwanted applications. You can either authorize the applications or remove them from the computers. Step 2 Authorize applications you want to use. 5. On the Configuration menu, click Configure scanning. 6. In the Configure scanning settings dialog box, click Authorize applications. 7. In the Authorize applications dialog box, in the Known applications list, select the application you want to authorize. Click Add to add it to the list of authorized applications. Repeat for each application you want to authorize. Click OK. 8. If you cannot see the application you want to authorize, click New entry. In the Add new application dialog box, follow the link to Sophos list of potentially unwanted applications. Find the application you want to authorize and enter its name in the Name field. Click OK. 9
  • 30. Sophos Small Business Solutions 2.0 upgrade guide Step 3 Clean up applications you do not want to use. 9. In the Summary of threats pane, click the Potentially unwanted applications link. The Resolve alerts and errors dialog box appears, with the Application alerts tab displayed. 10. On the Application alerts tab, select the check box for each application you want to remove, or click Select all, and then click Cleanup. To fully clean some applications consisting of several components from a computer, you may need to restart the computer. If this is the case, a message will appear on the affected computer, giving an option to restart the computer immediately or later. The final cleanup steps will be performed after the computer is restarted. Step 4 Enable on-access scanning for potentially unwanted applications. 11. If you want to enable on-access scanning, in the Configure scanning settings dialog box, click On-access. In the On-access scan settings dialog box that appears, under Scanning options, select Scan for potentially unwanted applications. Click OK. Some applications “monitor” files and attempt to access them frequently. If you have on-access scanning enabled, it detects each access and sends multiple alerts. 0
  • 31. Sophos Small Business Solutions 2.0 upgrade guide Glossary Cleanup A process that eliminates threats on your computer. In particular, it removes a virus from a file or boot sector, or potentially unwanted application from the computer. However, it does not undo any actions the virus or application has already taken. Potentially unwanted application (PUA) A program that is not inherently malicious, but is generally considered unsuitable for the majority of business networks. Potentially unwanted applications perform actions such as displaying advertising, tracking web sites visited, or changing the configuration of a computer. They include a wide range of programs such as adware, dialers, remote administration tools, and hacking tools. Sophos Control Center management console User interface from which you can protect and manage computers on your network Sophos Control Center management server A component that enables the downloading and distribution of Sophos security software and handles messaging 1
  • 32. Sophos Small Business Solutions 2.0 upgrade guide Appendix 1. Upgrading an additional Sophos Control Center console If you use an additional (remote) Sophos Control Center management console and want to upgrade it, do as follows: 1. Log on as an administrator at the computer where the remote Sophos Control Center console is installed. . Close all open Sophos applications, if any. . Insert the Sophos Install CD. The CD should auto-run. If the CD does not auto-run, browse to the CD and double-click Launchcd. exe. On the Upgrading page of the Sophos CD Viewer, follow the Upgrade an additional Sophos Control Center link, and then click the Install button. Alternatively, download the Sophos Control Center Installer from the Sophos website. Go to www.sophos.com/support/updates, enter the username and password supplied to you by Sophos, follow the links to download the installer for your Sophos Small Business Solutions product, and then run the installer. 4. On the Welcome page of the Sophos Control Center Installation Wizard, click Next. 5. On the License Agreement page of the wizard, read the license agreement. If you agree to the terms of the agreement, click I accept the terms in the license agreement. Click Next. 6. On the Destination Folder page, you see the folder where Sophos Control Center will be installed. If you want to change the destination folder, click the Change button and browse to the new folder. Click Next. 
  • 33. Sophos Small Business Solutions 2.0 upgrade guide 7. On the Setup Type page, select Management Console Only, and then click Next. 8. On the Management Service page, you see the name of the computer where Sophos Management Service is running (usually the computer where Sophos Control Center is installed).You can change the name of the computer by clicking Change and browsing to the computer. Click Next. 
  • 34. Sophos Small Business Solutions 2.0 upgrade guide 9. On the Ready to Install the Program page, click Install. 10. When the upgrade is complete, you are prompted to log off or restart. Click Yes or Finish. You have upgraded the Sophos Control Center remote management console. For instructions on how to upgrade your networked computers, go to Chapter 6. 4
  • 35. Sophos Small Business Solutions 2.0 upgrade guide Appendix 2. Proxy details If you use a proxy server to access the internet, you must enable Sophos Control Center to download updates via the proxy. You can do so after you started Sophos Control Center for the first time after the upgrade, using the Sophos network protection wizard. 1. On the Sophos download account details page of the wizard, click the Advanced button. . In the Advanced settings dialog box, click the Proxy tab. . Select the Access the internet via proxy check box and type the proxy address and port number. 4. Type the username and password for an account that has access to the proxy. You can enter these details later, if you want to. To do this, in Sophos Control Center, on the Action menu, click Configure updating. In the Configure updating dialog box, click the Proxy tab, and enter the details there. 5
  • 36. Sophos Small Business Solutions 2.0 upgrade guide Appendix 3. Changing the download folder By default, Sophos software and updates are downloaded to the shared folder ServernameSophos, where Servername is the name of the computer that is running Sophos Control Center. The subfolders where software for each operating system is downloaded and from which it is then installed and updated are as follows.  Sophos Anti-Virus and Sophos Client Firewall for Windows 000 and later: ServernameSophosSAVSCFXP  Sophos Anti-Virus for Windows 98/Me: ServernameSophosES9x  Sophos Anti-Virus for Mac OS X: ServernameSophosESOSX You can change the location where software and updates are downloaded before they are installed (for example, if you do not have enough free disk space in the default location). You can do so after you started Sophos Control Center for the first time after the upgrade, using the Sophos network protection wizard. To change the download location, follow these steps: 1. On the Sophos download account details page of the wizard, click the Advanced button. . In the Advanced settings dialog box, click the Download folder tab. . In the Location field, click the drop-down arrow and select the location you want to use, or type the new location. The folder must be shared. 4. Enter the details for the write-access account which will be used by Sophos Control Center when placing files in the folder. You must create this account yourself. 5. Enter the details for the read-access account which will be used by each computer on the network when fetching files from the folder. You must create this account yourself. Click OK. 6
  • 37. Sophos Small Business Solutions 2.0 upgrade guide Appendix 4. Protecting computers with the firewall If you haven’t installed the firewall when upgrading protection on the computers and running the Sophos network protection wizard, you can install it on your computers as described below. You should not install Sophos Client Firewall on the computer where Sophos Control Center is installed. Sophos Client Firewall can be installed only on workstations running Windows 000 or later; it cannot be installed on computers running server operating systems. The firewall requires Sophos Anti-Virus. You must restart each computer where you have installed Sophos Client Firewall, to activate the firewall. To install the firewall: 1. In Sophos Control Center, in the computer list, highlight the computers where you want to install the firewall. On the menu bar, open the Tools menu and select Add firewall to protected computers. The Firewall installation wizard starts. . On the Windows user account details page of the wizard, enter the details of an administrator account you will use to install the firewall on your networked computers. Click Next. . On the Install Sophos Client Firewall on workstations page, select the computers where you want to install the firewall. Click Next. You will see the firewall being installed on the computers. 4. On the Computers you must protect manually page, you will see a list of computers, if any, that require manual installation of the firewall. Click Print to print the list. Complete the wizard. 5. Go to each computer on the printed list, log on as an administrator, and install Sophos Client Firewall as follows. Browse to the updates folder (by default, ServernameSophosSAVSCFXP), and run setup.exe. In the Setup dialog box, select the Install Sophos Client Firewall check box and click OK. 7
  • 38. Sophos Small Business Solutions 2.0 upgrade guide Technical support For technical support, visit www.sophos.com/support. If you contact technical support, provide as much information as possible, including the following:  Sophos software version number(s)  Operating system(s) and patch level(s)  The exact text of any error messages 8
  • 39. Sophos Small Business Solutions 2.0 upgrade guide Copyright 006 Sophos Group. All rights reserved. noninfringement, or arising from a course of dealing, No part of this publication may be reproduced, stored usage or trade practice. Moreover, DOC software is in a retrieval system, or transmitted, in any form or provided with no support and without any obligation by any means, electronic, mechanical, photocopying, on the part of Washington University, UC Irvine, recording or otherwise unless you are either a valid Vanderbilt University, their employees, or students licensee where the documentation can be reproduced to assist in its use, correction, modification, or in accordance with the licence terms or you otherwise enhancement. A number of companies1 around the have the prior permission in writing of the copyright world provide commercial support for DOC software, owner. however. DOC software is YK-compliant, as long as the underlying OS platform is YK-compliant. Sophos and Sophos Anti-Virus are registered trademarks of Sophos plc and Sophos Group. All Washington University, UC Irvine, Vanderbilt other product and company names mentioned University, their employees, and students shall have no are trademarks or registered trademarks of their liability with respect to the infringement of copyrights, respective owners. trade secrets or any patents by DOC software or any part thereof. Moreover, in no event will Washington University, UC Irvine, or Vanderbilt University, their employees, or students be liable for any lost revenue Copyright and licensing information for or profits or other special, indirect and consequential ACE™, TAO™, CIAO™, and CoSMIC™ damages. The ACE14, TAO15, CIAO16, and CoSMIC17 web ACE , TAO , CIAO , and CoSMIC (henceforth 1   4 sites are maintained by the DOC Group18 at the referred to as “DOC software”) are copyrighted Institute for Software Integrated Systems (ISIS)19 by Douglas C. Schmidt5 and his research group6 at and the Center for Distributed Object Computing Washington University7, University of California8, of Washington University, St. Louis 0 for the Irvine, and Vanderbilt University 9, Copyright development of open-source software as part of the ©199–005, all rights reserved. open-source software community1. By submitting comments, suggestions, code, code snippets, Since DOC software is open-source10, free software, techniques (including that of usage), and algorithms, you are free to use, modify, copy, and distribute– submitters acknowledge that they have the right to perpetually and irrevocably–the DOC software source do so, that any such submissions are given freely code and object code produced from the source, and unreservedly, and that they waive any claims as well as copy and distribute modified versions to copyright or ownership. In addition, submitters of this software. You must, however, include this acknowledgethat any such submission might become copyright statement along with code built using DOC part of the copyright maintained on the overall software. body of code, which comprises the DOC software. You can use DOC software in commercial and/or By making a submission, submitter agree to these binary software releases and are under no obligation terms. Furthermore, submitters acknowledge that the to redistribute any of your source code that is built incorporation or modification of such submissions using DOC software. Note, however, that you may is entirely at the discretion of the moderators of not do anything to the DOC software code, such as the open-source DOC software projects or their copyrighting it yourself or claiming authorship of the designees. DOC software code, that will prevent DOC software T h e n a m e s AC E , TAO, C I AO, Co S M I C , from being distributed freely using an open-source WashingtonUniversity, UC Irvine, and Vanderbilt development model. You needn’t inform anyone that University, may not be used to endorse or promote you’re using DOC software in your software, though products or services derived from this source we encourage you to let us11 know so we can promote without express written permission from Washington your project in the DOC software success stories1. University, UC Irvine, or Vanderbilt University. DOC software is provided as is with no warranties Further, products or services derived from this source of any kind, including the warranties of design, may not be called ACE, TAO, CIAO, or CoSMIC nor merchantability, and fitness for a particular purpose, may the name Washington University, UC Irvine, 9
  • 40. Sophos Small Business Solutions 2.0 upgrade guide or Vanderbilt University appear in their names, without express written permission from Washington University, UC Irvine, and Vanderbilt University. If you have any suggestions, additions, comments, or questions, please let me know. Douglas C. Schmidt The ACE home page is http://www.cs.wustl.edu/ACE.html References 1. http://www.cs.wustl.edu/~schmidt/ACE.html . http://www.cs.wustl.edu/~schmidt/TAO.html . http://www.dre.vanderbilt.edu/CIAO/ 4. http://www.dre.vanderbilt.edu/cosmic/ 5. http://www.dre.vanderbilt.edu/~schmidt/ 6. http://www.cs.wustl.edu/~schmidt/ ACE-members.html 7. http://www.wustl.edu/ 8. http://www.uci.edu/ 9. http://www.vanderbilt.edu/ 10. http://www.the-it-resource.com/Open-Source/ Licenses.html 11. mailto:doc_group@cs.wustl.edu 1. http://www.cs.wustl.edu/~schmidt/ ACE-users.html 1. http://www.cs.wustl.edu/~schmidt/ commercial-support.html 14. http://www.cs.wustl.edu/~schmidt/ACE.html 15. http://www.cs.wustl.edu/~schmidt/TAO.html 16. http://www.dre.vanderbilt.edu/CIAO/ 17. http://www.dre.vanderbilt.edu/cosmic/ 18. http://www.dre.vanderbilt.edu/ 19. http://www.isis.vanderbilt.edu/ 0. http://www.cs.wustl.edu/~schmidt/ doc-center.html 1. http://www.opensource.org/ . mailto:d.schmidt@vanderbilt.edu . http://www.dre.vanderbilt.edu/~schmidt/ 40