Knowledgebase: Deep Freeze
Updating Sophos Endpoint Security definitions during Deep Freeze Maintenance
Posted by Sheldon Lo on 13 March 2012 12:13 AM

Overview

This document will detail the recommended practice for configuring a 3rd party antivirus solution to update properly when Deep Freeze is protecting a workstation.

Introduction

Deep Freeze provides administrators with a way to protect workstations from changes by rolling back any change made to the computer at reboot. Deep Freeze does not make any distinction between changes that are malicious, or changes that are desired on a workstation and this can pose some challenges in managing 3rd party products that require updates to occur on a periodic basis.

The most common interaction that we find on customers workstations is between antivirus software and Deep Freeze. Antivirus software by design requires periodic updates to maintain it’s effectiveness on a client workstation, and problems may arise unless steps are taken to ensure that the antivirus software can perform updates in a timely manner.

Scheduled are used to configure the antivirus software to update in a timeframe where Deep Freeze will not be protecting the workstations. This has the advantage of being one of the less difficult methods to configure but does require that the workstations have a period of time where they will not be used and can be configured to update automatically. 

Configuring Sophos Endpoint Security clients to update with Deep Freeze

Sophos Endpoint Security supports the use of a command line function that can be used to trigger antivirus updates when the workstations enter into maintenance mode. To configure Deep Freeze to trigger Sophos definitions to update when maintenance mode starts follow the process below:

 

Deep Freeze 7.5 or Higher

1. Open the Deep Freeze Configuration Administrator.

2. Configure your Deep Freeze install package as per your normal requirements, including passwords and other settings that may be required.

3. Click on the Workstation Tasks tab.

4. Select Batch File in the Task Type drop down and click Add.

5. Name the event “Sophos Antivirus” in the Name field.

6. Select the frequency for the updates to occur in the Day drop down and set the start and end time for the event.

7. The options “Allow User to Cancel Event”, “Shutdown after Maintenance”, and “Disable Keyboard and Mouse” can be enabled if desired.

8. Click on the Batch File tab.

9. Enter the following in the Batch File Contents field on the tab:
@ECHO OFF
IF EXIST "C:\Program Files\Sophos\AutoUpdate\ALUpdate.exe" "C:\Program Files\Sophos\AutoUpdate\ALUpdate.exe"
IF EXIST ""C:\Program Files (x86)\Sophos\AutoUpdate\ALUpdate.exe"" ""C:\Program Files (x86)\Sophos\AutoUpdate\ALUpdate.exe"

10. Click on the “Create” button on the toolbar and save the Workstation Install Program in a location that you will remember.

11. Install the updated workstation install file on your workstations.

 


Deep Freeze Version 7.4 or Lower
1. Open the Deep Freeze Configuration Administrator.

2. Configure your Deep Freeze install package as per your normal requirements, including passwords and other settings that may be required.

3. Click on the Embedded Events tab.

4. Select Maintenance in the Event Type drop down dialog and click Add.

5. Name the event “Sophos Antivirus” in the Event Name field.

6. Select the frequency for the updates to occur in the Day drop down and set the start and end time for the event.

7. Select the Batch File option in the Run drop down.

8. The options “Allow User to Cancel Event”, “Shutdown after Maintenance”, and “Disable Keyboard and Mouse” can be enabled if desired.

9. Click on the Maintenance tab.

10. Enter the following in the Batch File field on the Maintenance tab:
@ECHO OFF
IF EXIST "C:\Program Files\Sophos\AutoUpdate\ALUpdate.exe" "C:\Program Files\Sophos\AutoUpdate\ALUpdate.exe"
IF EXIST ""C:\Program Files (x86)\Sophos\AutoUpdate\ALUpdate.exe"" ""C:\Program Files (x86)\Sophos\AutoUpdate\ALUpdate.exe"

11. Click on the “Create” button on the toolbar and save the Workstation Install Program in a location that you will remember.

12. Install the updated workstation install file on your workstations.

(11 vote(s))
Helpful
Not helpful

Comments (0)