Skip to content | Change text size

ITS home
 

Sophos Installation on Windows servers and non-SOE workstations

This document provides information on installing the Sophos Sweep anti-virus product on Monash University Windows servers and (non-SOE) workstations.

Important Notes

This distribution is intended for use only on Monash University Windows computers, as installed by the provided batch file. ITS will not support its use on other machines.

The initial installation of Sophos Sweep must be performed by a staff member with Administrator-equivalent rights to the server. Once this is done, Sweep will automatically maintain itself by installing updates from the Central Installation Directories held on the ITS servers.

Installation

Please ensure that any pre-existing non-Sophos anti-virus product has been removed from the server and will not be automatically reinstalled.

The Sophos Sweep files are available from the Monash website at sophos1.its.monash.edu.au/Sophos_For_Windows_Servers.EXE (40.7M).
This is a self-extracting EXE file that will install itself.

Once installed, the product registers itself with the Sophos management system and allows centralised reporting, configuration and management.

All Sophos managed workstations receive a policy from the Sophos management server. By default all workstations receive a standard Monash policy that has been configured by the ITS Security Group. Faculties can request their own policy to be created and have that policy applied to their workstations instead of the Monash policy. There are many configurable options within the sophos policy like, file and program authorisations, file exclusions and scanning schedules. By configuring a policy it will allow all your workstations to receive the settings you have requested without having to visit any machine as the policy is pushed out via the Sophos management server.

To request a sophos policy to be applied to your workstations you will need to contact the ITS Service desk and log a call. All changes to Sophos policies need approval by the ITS Security Group.

Microsoft Exchange servers

Please notify ITS Servicedesk of the server name and IP address so that the server can be issued with an anti-virus policy that includes the correct file and directory exclusions.

Citrix metaframe servers

In order to prevent each remote access user from starting an instance of the desktop notification program, the icon AutoUpdate Monitor should be removed from the Startup group for All Users.