Gordon's WebLog

For many years the company that I work for has been using McAfee anti virus software and a system called EpoOrechestrator to deliver daily virus definitions files to networked computers and laptops. In addition our main domain controllers use Symantec anti virus software.

In recent weeks we have been investigating alternative software and a decision was taken to replace McAfee with Sophos - the main advantage being that whereas McAfee relied on individual computers to request definition files (once per day) Sophos is able to push the files out to all connected machines.

April 25th 2006 saw the installation of Sophos on our network. The first problem was that the enterprise management suite would not run on the server that had been allocated so the server had to be upgraded to Windows 2000 together with various service packs and a new network card driver.

Whilst this was taking place all the local computers were visited and the McAfee software uninstalled. This was, of course, a necessary step as it is not a good idea to have more than one anti virus suite running on a machine, and in addition, whilst Sophos was able to be installed, it was not able to be activated.

Once that had been finished the enterprise management suite was installed with very little difficulty and various installation programs for several operating systems were downloaded from the Sophos site.

Then the big moment arrived when it was set to discover networked computers and actually install the client software on each of them.

After about half an hour quite a few of the machines received and activated the remotely installed client software - without any intervention on the part of the administrator or the user. Even machine at another of our offices on the domain were able to be configured remotely.

Of course, there are always difficulties in the networked installation of any new software, and Sophos is no exception. Whilst quite happy to install software on Windows NT/2000/XP, it resolutely refused to install on earlier windows operating systems, which needed manual installation. The same applied to our remote laptop users who were sent CDs containing the installation program together with instructions and access passwords so that they could either update from our network server or from the Sophos web site direct.

One major problem was that Sophos tried to install itself onto the domain controllers which use Symantec. This caused our server monitoring software to generate hundreds of warning messages, until remedial action was taken - still, at least it showed that the monitoring service was working.

As I write this the system is still in its early days, but so far all seems good.