We're about to deploy Sophos clients out to 4,000+ machines throughout our company. Since I haven't had anything to do with the server/config setup, if there is anything that we should be concerned about that will prevent the client from working with the KBOX?

0 Comments   [ - ] Hide Comments


Please log in to comment

Community Chosen Answer



There's a bug in the 5.3 agent that causes the agent not to restart properly on XP machines.  I haven't been able to duplicate it, but it happened on a machine that had Sophos on it.  It's something that should be fixed in 5.4. 

As far as I can tell, it's only a cosmetic error. It doesn't do any damage.

Answered 10/30/2012 by: jknox
Red Belt

  • Is the the ampagent.exe error on shutdown?
    • That's when it's been reported with Sophos. The bug doesn't specify when it happens, only that the agent doesn't restart properly.
  • So what do you mean cosmetic error? What will it do differently that I'll notice?
    • Perhaps bad wording. It will show an error, but once the computer is restarted, there is no effect past that.
  • This is only one time - after install?
    • For at least one instance, it's occasionally on shutdown. I haven't been able to replicate it, so I'm not sure.
Please log in to comment
Answer this question or Comment on this question for clarity



I suggest checking the Sophos logs before deploying Sophos everywhere. I found that our McAfee antivirus was preventing watchdog.exe (part of the old kace agent) from running on Windows XP machine, it was a simple change but it took production down on machines that were loggining. I'd also suggest making exceptions for the kace agent process (ampagent), the Dell/kace directories in program files, documents and settings and programdata before you deploy sophos.



Answered 10/30/2012 by: ms01ak
Tenth Degree Black Belt

  • Thanks for the ideas - very valid concerns - having my network team look into adding excepts now :)
  • Good suggestion, could be related to my comment about the agent.
Please log in to comment

Paranoia is your friend in this case. Which is something we've opted for in our sophos and kace environment. Got it on about 2000 machines. 

What we did was ensure that hips and file scans excluded all kace folders, ie the appdata\dell\kace and program files directories also.

And also, you know, small batch testing would be a good way to go too... just saying...

Also the kusrinit files in sys32 are now exceptions also.



Answered 11/14/2012 by: Roonerspism
Second Degree Brown Belt

Please log in to comment