Where did you hear that? My stake has been on Sophos for over 5 months, and I never noticed any major update that took an exceptionally long time. Since it updates almost every time you start up the computer, I don't see how it would get that far behind.RussellHltn wrote:It would appear that every month to 4 months, Sophos has to do a major update of itself. I wonder what that's like.
Updated LU Security Software
- aebrown
- Community Administrator
- Posts: 15153
- Joined: Tue Nov 27, 2007 8:48 pm
- Location: Draper, Utah
- aebrown
- Community Administrator
- Posts: 15153
- Joined: Tue Nov 27, 2007 8:48 pm
- Location: Draper, Utah
Well, there's no free lunch. With Symantec, you had to do manual updates. With Sophos, you get automatic updates. For units on broadband, those updates are done at startup, so it does take a little more time. But the benefits of staying current, and not having to run around to all the computers in the stake applying updates manually, are well worth a few extra seconds.Techgy wrote:I noticed today that it's taking a few seconds longer to boot the computer. So there's definitely an impact with the new Sophos AV/Firewall.
-
- Community Moderators
- Posts: 3183
- Joined: Sun Jan 13, 2008 6:48 pm
- Location: California
That's certainly encouraging. The updates must be occuring before the desktop appears. It's possible that the updates are downloaded during operation and then installed at the next boot, which would take a few extra moments.Alan_Brown wrote:Well, there's no free lunch. With Symantec, you had to do manual updates. With Sophos, you get automatic updates. For units on broadband, those updates are done at startup, so it does take a little more time. But the benefits of staying current, and not having to run around to all the computers in the stake applying updates manually, are well worth a few extra seconds.
The fact that you've been using it for 5 months give me some hope that we're embarking on well-proven path.
-
- Community Moderators
- Posts: 9924
- Joined: Mon Mar 17, 2008 12:30 am
- Location: USA, TX
The updates, whether it is for the virus definitions or program updates occur in the first few minutes after a user logs on. You can tell by checking the Sophos system tray icon. It is a shield with a green stripe while it is updating. For more information about the system tray icon and what its display means look here.Techgy wrote:That's certainly encouraging. The updates must be occuring before the desktop appears.
For FHC computers the on-access scanning is disabled. This is evidenced by the gray system tray icon. I am not sure about administrative computers. I did not yet checked the color of the system tray icon since the installation. You can read more about on-access scanning here.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
-
- Community Moderators
- Posts: 3183
- Joined: Sun Jan 13, 2008 6:48 pm
- Location: California
It's odd that the on-access scan would be disabled for FHC computers. I would believe that the same protection would need to be available there as with the administrative boxes.jdlessley wrote:The updates, whether it is for the virus definitions or program updates occur in the first few minutes after a user logs on. You can tell by checking the Sophos system tray icon. It is a shield with a green stripe while it is updating. For more information about the system tray icon and what its display means look here.
For FHC computers the on-access scanning is disabled. This is evidenced by the gray system tray icon. I am not sure about administrative computers. I did not yet checked the color of the system tray icon since the installation. You can read more about on-access scanning here.
Anyway, thanks for the tips!
I still have 5 administrative computers to update with Sophos and the CM software upgrade. I'm going to give the wards a few days before I make the changes. The two machines at the stake were both upgraded yesterday and they're working fine aside from the slightly slower boot times and the fact that they both forced me to disable the Symantec services prior to the Sophos install.
BTW I had the occasion to contact MLS support yesterday morning on another issue and while I was on the phone I asked the tech if his department was responsible for the Sophos Package Installer and he confirmed that it was. I then mentioned the problem with the installer not shutting down Symantec and they are apparently aware of it.
-
- Community Administrator
- Posts: 34513
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
This pageAlan_Brown wrote:Where did you hear that?
It appears there are two parts to the program. The version and the IDE files. The IDE is what updates on a daily basis. Installing the IDEs (virus signature files) will not upgrade your version. So somewhere along the line, you'll have to upgrade the version.Please note: We do not provide IDEs for versions of Sophos Anti-Virus that are more than three months old.
How major the version upgrade is, I don't know. On broadband, it may be trivial. Dial-up seems to be a different story. Our system keeps trying to download a file that it says will take 50-60 minutes to download on a 52Kb link shared with MLS.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- Community Administrator
- Posts: 34513
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
That has more to do with the way the church configured Symantec. Symantec is perfectly capable of updating itself over broadband as proven by the FHC version of the installs.Alan_Brown wrote:Well, there's no free lunch. With Symantec, you had to do manual updates. With Sophos, you get automatic updates. For units on broadband, those updates are done at startup,
My best guess is that the church was trying to use the same configuration for both broadband and dial-up. Not finding a satisfactory solution for dial-up, they disabled updating altogether.
My concern is that the Church bought into a salesman's claims of smaller updates (4-14MB vs. 67MB) and didn't realize the issue of having to upgrade every few months vs. upgrading every few years. I know how easy it is to get burned on those details. (BTDT - got the T-shirt)
I'll be happy to eat my words, but the proof is in an effective process for dial-up users. I can think of a few ways that could be done, but there'll be some issues with each approach. We'll just have to see how this plays out.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
- aebrown
- Community Administrator
- Posts: 15153
- Joined: Tue Nov 27, 2007 8:48 pm
- Location: Draper, Utah
RussellHltn wrote:It appears there are two parts to the program. The version and the IDE files. The IDE is what updates on a daily basis. Installing the IDEs (virus signature files) will not upgrade your version. So somewhere along the line, you'll have to upgrade the version.
What do you mean by "you'll have to upgrade the version"? Surely you don't mean it will have to be done manually. I assume you just mean that there will be a somewhat larger download periodically as part of the automatic update process.
As you noted earlier, the version of Sophos that is installed by the new anti-virus installer is 4.47E. It then automatically updates itself to 4.49E the first time you restart, if you are on broadband. So it is clear that the automatic update mechanism updates not only the IDEs within a level, but actually upgrades the version as well.
My guess is that the big download you are seeing on your dial-up system is indeed a version upgrade from 4.47 to 4.49. That upgrade takes only a few minutes on a broadband system, but of course would be much slower on dial-up.
RussellHltn wrote:My concern is that the Church bought into a salesman's claims of smaller updates (4-14MB vs. 67MB) and didn't realize the issue of having to upgrade every few months vs. upgrading every few years.
I don't understand at all how you can claim that there are upgrades "every few months". My experience, and the Sophos page you linked to, both indicate that there is a version upgrade every month. Note that the versions are dated 200910, 200911, 200912, 201001. That sure looks like every month to me.
But the fact is that the Symantec upgrades were much larger on a daily basis than for Sophos. That daily update is the bigger factor than an occasional version upgrade (which Symantec did more often than "every few years", BTW). I don't think you have the facts on your side to insinuate that the Church got taken by a salesman.
-
- Community Administrator
- Posts: 34513
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
The generic "you" as a system designer.Alan_Brown wrote:What do you mean by "you'll have to upgrade the version"? Surely you don't mean it will have to be done manually. I assume you just mean that there will be a somewhat larger download periodically as part of the automatic update process.
Yes, on broadband, it is done automatically. What will eventually be worked out for dial-up users is unknown. I would not rule out a manual process at this point.
Yes, there is a version every month. But you can stay current with the definitions (IDE) for up to 3-4 months. Beyond that, one has no choice but to either upgrade or let the thing go stale. So "every few months" if you want to try and minimize the number of upgrades yet stay current on the virus definitions.Alan_Brown wrote:I don't understand at all how you can claim that there are upgrades "every few months". My experience, and the Sophos page you linked to, both indicate that there is a version upgrade every month. Note that the versions are dated 200910, 200911, 200912, 201001. That sure looks like every month to me.
Out of curiosity, do you know what the size is for a weekly update? The size I gave was for the manual download process which covers a lot more ground. I do remember the comment made that there was an issue if too many smalls ones were missed that the update file became rather large.Alan_Brown wrote:But the fact is that the Symantec upgrades were much larger on a daily basis than for Sophos.
While Symantec did do version upgrades, they were rarely (if ever) required to be able to run the current virus definition files.Alan_Brown wrote:occasional version upgrade (which Symantec did more often than "every few years", BTW).
I have yet to see Sophos do anything that couldn't be done by Symantec. Of course it's also possible that the church just got a better deal from Sophos. Budgets are still a very real consideration.Alan_Brown wrote:I don't think you have the facts on your side to insinuate that the Church got taken by a salesman.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- New Member
- Posts: 18
- Joined: Thu May 08, 2008 3:25 pm
Sophos Information
Just a comment, We recently changed to Sophos anti-virus at my work where I am the system administrator. Sophos is the best anti-virus/malware software I have ever used. It has caught more malware and virus attacks than any previous software I have used. I am very pleased with the choice of Sophos anti-virus to protect the Stake and Wards computers.