Notes
· When installing Sophos, ensure you are logged in as the Domain
Administrator
· Any existing anti-virus software must
be removed before installing Sophos Anti-virus
|
| Creating
the Auto-Update Account |
|
|
This is done
once at the primary domain controller. From then on, the account should
be available throughout the domain
1. Create a domain user account called SWEEPUPD
with a password of sophosservice
2. Deselect User must change password at next
logon
3. Select User cannot change password
4. Select Password never expires
5. Click Add and highlight the user
and select user rights from the
policies menu
6. Select Show advanced user rights
7. From the drop down rights box
choose Log on as a service
8. Click Add
9. Click Show Users
10. Select the SWEEPUPD account
from the list
11. Click Add
12. Click Ok
13. Click Ok
14. Exit User Manager for domains
|
| Creating
the NT Central Installation Directory (CID) |
|
|
This needs
to be done on the BDC/PDC/Server/s of the customer's choice
1. Insert
CD
2. Click Quick Installation from
the splash screen
3. Click next at the set-up screen
4. Choose central installation/upgrade
5. Click next
6. Select source folder (should be entered by default)
7. Select destination folder (defaults to c:\program files\sophos
sweep for nt\ntinst\i386\)
8. Click next
9. Select auto-upgrade
10. Select Prevent Removal
11. Click next
12. Select Non-Interactive
13. Deselect Allow users to postpone auto-upgrade
14. Change the Auto-Update frequency
to daily
15. Click next
16. Click finish
17. Click Ok
|
| Server
Installation |
|
|
This needs
to be done on the CID machines
1. Find
the setup.exe installed in the CID
(to c:\program files\sophos sweep for nt\ntinst\i386\)
2. Click next
3. Select the source and destination folders (defaults are fine)
4. Deselect Enable InterCheck Client
5. Select Enable InterCheck Server
6. Scheduled network access should
be deselected
7. Click next
8. Select Auto-Upgrade
9. Deselect Prevent-Removal
10. Click next
11. Now enter the details of the Auto-Update
account configured earlier
12. Click next
13. Deselect Interactive
14. Select Non-Interactive and disable
Allow users to postpone auto-upgrade
15. Change the Auto-Update frequency to
Every 240 Minutes
16. Click next
17. Click Finish to complete the
installation
18. When installation is complete click exit
19. Ensure that the InterChk share
exists by using Windows NT explorer to navigate to c:\program
files\ and the share symbol should be underneath the folder
sophos sweep for
NT
|
| Installing
on Windows NT/2000 PC's |
|
|
This is a
client installation and should be performed on PC's using NT/2000 as the
operating system
1. Click
network neighborhood
2. Browse to the CID of the server and double click setup.exe
3. Click next
4. Enter the source and destination install directory (defaults are
fine)
5. Click next
6. Check Enable InterCheck Client
7. Deselect Enable InterCheck Server
and Scheduled network access
8. Click next
9. Check Auto-Upgrade and prevent
removal
10. Click next
11. Enter the Auto-Update account details
12. Click next
13. Deselect Interactive
14. Check Non-interactive and disable
Allow users to postpone auto-upgrade
15. Change the Auto-Update frequency
to Daily
16. Click next
17. Click Finish
18. When the installation is complete Click Run
SWEEP
19. Click the IC Client Tab
20. Click the Loud speaker Icon
21. Select the InterCheck Logging
tab
22. Deselect Disable InterCheck Logging
23. In the Path to InterCheck Server
enter \\<servername>INTERCHK\COMMS
24. Click Ok
|
| Creating
the Win95/98 Central Installation Directory (CID) |
|
|
This needs
to be done once at each site from a client PC using Windows 95/98 as the
operating system
1. Login
to the domain as the administrator from
a Windows 95/98 machine
2. Insert CD
3. Click Quick Installation from
the splash screen
4. Click next at the set-up screen
5. Choose central installation/upgrade
6. Select InterCheck for Windows 98/95
and Intercheck Monitor
7. Click next
8. Enter the UNC path to the InterCheck server folder e.g. (\\<servername>\Interchk)
9. Click next
10. Enter source and destination folder (defaults are fine)
11. Click next
12. Select yes to create the destination
folder
13. Select auto-upgrade
14. Select Prevent Removal
15. Click next
16. Select Non-Interactive
17. Deselect Allow users to postpone auto-upgrade
18. Click next
19. Click finish
20. Click Ok
|
|
Installing
on Windows 95/98 PC's
|
|
|
This is a
client installation and should be performed on PC's using 95/98 as the
operating system
1. From
the run dialog enter the following \\<servername\interchk\w95inst\setup.exe
-inl -a
2. Click Ok
3. When installation has finished it warns about restarting the computer
4. Once restarted SAV will scan the computer for viruses and
completes the installation
|
| Testing
the installation |
|
1. On the
workstations, run the tools\savtest\savtst32.exe
from the Sophos installation CD
2. Select file and then on
access test, SAV should display the virus found message
|
|
Auto-Update
IDE batch software
|
|
|
This needs
to be done on the CID's
1. Create
a directory in the c drive called autoide
2. Copy the sget program into the
directory
3. Copy pkunzip into the directory
4. Create the update.bat script
(as below)
5. Enter the at command below at a dos prompt window
|
| AT
COMMAND |
|
at
\\<machinename> 01:00 /interactive /every:m,t,w,th,f,s,su "c:\autoide\update.bat"
Type AT at the prompt to check that
it is installed.
To delete this in the event of an error type AT
x /delete, (x is the entry number shown)
An alternative
to typing the AT command at DOS is to use the inbuilt Task Scheduler in
Windows NT
This is found in c:\winnt\tasks
Ensure that you are logged on as Administrator
Add a task so that it looks as shown below
Ensure that the password is the Administrator password
Ensure that FULL CONTROL is allowed in File Permissions
|
| UPDATE.BAT
SCRIPT |
|
ping
www.fastfreenet.com
@echo off
cd c:\autoide
c:\autoide\sget -i -l=c:\autoide\ http://www.sophos.co.uk/downloads/ide/ides.zip
IF NOT EXIST c:\autoide\ides.zip goto downloadfailed
IF NOT EXIST
c:\autoide\lastides.zip goto unzipides
fc /l c:\autoide\lastides.zip c:\autoide\ides.zip > c:\autoide\comp.txt
find "no differences encountered" c:\autoide\comp.txt >nul
if %errorlevel% EQU 1 goto levelone
if %errorlevel% EQU 0 goto same
:levelone
REM Files Are Different
del c:\autoide\lastides.zip
goto unzipides
:same
del c:\autoide\ides.zip
del c:\autoide\comp.txt
goto end
:unzipides
del c:\progra~1\sophos~1\ntinst\i386\*.ide
del c:\progra~1\sophos~1\w95inst\*.ide
c:\autoide\pkunzip -e c:\autoide\ides.zip c:\progra~1\sophos~1\ntinst\i386\
c:\autoide\pkunzip -e c:\autoide\ides.zip c:\progra~1\sophos~1\w95inst\
start /wait c:\progra~1\sophos~1\ntinst\i386\setup.exe -update -ni
start /wait c:\progra~1\sophos~1\w95inst\setup.exe -update -ni
rename c:\autoide\ides.zip lastides.zip
del c:\autoide\comp.txt
date /T > c:\autoide\lastupdated.txt
goto end
:downloadfailed
ECHO SOPHOS FAILED TO DOWNLOAD IDES
ECHO ADMINISTRATOR, PLEASE RUN UPDATE MANUALLY
ECHO YOUR VIRUS DATABASE IS OUT OF DATE.
ECHO TYPE C:\AUTOIDE\UPDATE.BAT
PAUSE
:end
Notes: -
The first highlighted line ping www.fastfreenet.com
initialises the ISDN line
The second highlighted line date /T > c:\autoide\lastupdated.txt
puts the time and date into a file called lastupdated.txt which can be
viewed to check that it has been working.
To see how up to date the Sophos is on a system, Search for *.ide
files.
Look at the latest date and compare to a working system
|
| SAV
Admin Tool |
|
The SAVAdmin tool is a utility that can centrally
control the network in terms of anti-virus protection. By default, everything
that can be seen in network neighborhood should appear in SAVAdmin. However,
details of SAV installations, version numbers etc. cannot be displayed for
win 98/95 machines. To view these details, you must (from the CID machine)
1. Insert CD and select Advanced options
2. Click Useful tools and utilities and
select SAVAdmin
3. Select Install SAVAdmin and click
Ok
4. Click Unzip
5. Click Ok
6. Copy the savagent and run95sag
exe's into the C:\program files\sophos
sweep for nt folder
Notes: -
Sophos is best installed without intercheck client on print servers/fileservers/exchange
servers
Windows XP installations are performed just as an NT installation
If the first attempt fails do not delete the files, install again and
it will install okay
The Prevent removal does exactly what it says on the tin.
|
Installation Guide