If the Protect Computers Wizard fails to install Sophos Endpoint Security and Control on computers, it could be because:
Sophos Antivirus Is Active But On-access Scanning Is Not Running
If the service is not there, running the Sophos Anti-Virus.msi from the share adds it: Open Windows Services by clicking 'Start', 'Run', and typing services.msc Right Click on Sophos Anti-Virus service and select Properties Click the Log On tab. Sophos Home Premium has one of the shortest feature lists in the antivirus world, but poke around in the web-based Settings menus for a while and you'll find one unusual extra: a simple parental.
- Sophos Enterprise Console does not know which operating system the computers are running. This is probably because you did not enter your username in the format domainuser when finding computers.
- Automatic installation is not possible on that operating system. Perform a manual installation. For instructions, see the Sophos Enterprise Console advanced startup guide.
- The computers are running a firewall.
- “Simple File Sharing” has not been turned off on Windows XP computers.
- The “Use Sharing Wizard” option has not been turned off on Windows Vista computers.
- You selected to install a feature that is not supported on the computers’ operating systems.
For a full list of requirements for the Sophos Endpoint Security and Control features, see the system requirements page on the Sophos website.
Sophos Live Protection uses in-the-cloud technology to instantly decide whether a suspicious file is a threat and take action specified in the anti-virus and HIPS policy.
Live Protection improves detection of new malware without the risk of unwanted detections. This is achieved by doing an instant lookup against the very latest known malicious files. When new malware is identified, Sophos can send out updates within seconds.
To take full advantage of Live Protection, you must ensure that the following options are enabled.
Enable Live Protection: If on-access scanning on an endpoint computer has identified a file as suspicious, but cannot further identify it as either clean or malicious based on the threat identity (IDE) files stored on the computer, certain file characteristics such as checksum are sent to Sophos to assist with further analysis. The in-the-cloud checking performs an instant lookup of a suspicious file in the SophosLabs database. If the file is identified as clean or malicious, the decision is sent back to the computer and the status of the file is automatically updated.
Sophos Protection
Enable Live Protection for on-demand scanning: If you want on-demand scans to use the same in-the-cloud checking as on-access scanning, select this option.
Automatically send file samples to Sophos: If a file is deemed potentially malicious but cannot be positively identified as malicious based on its characteristics alone, Live Protection allows Sophos to request a sample of the file. When Live Protection is enabled, if this option is enabled and Sophos does not already hold a sample of the file, the file is submitted automatically. Submission of such sample files helps Sophos to continuously enhance detection of malware without the risk of false positives.
Sophos Rating
If you use a Sophos web filtering solution, for example the WS1000 Web Appliance, you do not need to do anything - Sophos domains are already trusted.