Sophos SSVM Deployment


Sophos Anti-Virus can be deployed to use vShield Endpoint. First install vShield and enable Endpoint on each ESXi host that is hosting VMs that need protecting; the steps can be found here.

Sophos Enterprise Console must be configured on the network with a VMware vShield network share; this share is used for the latest updates.

Enterprise Console set up here

To deploy the Sophos Secure Virtual Machine (SSVM), follow these steps.

Download the installer and extract it to the local drive.

Choose to install a new SSVM. From here it is also possible to remove an existing SSVM or view protected VMs. Viewing protected VMs is worth running through once the SSVMs are deployed.

Add the vCenter details. You must have two service accounts here, one with the Administrator role and one with the Read-Only role. Add these accounts to the Administrator and Read-Only roles in vCenter.

Enter the vShield details; the account used can be the administrator account added previously.

Pick the hosts required. To add multiple hosts at once, DHCP is required, so make sure the assigned subnet is enabled for DHCP. To use a static IP address, add each host manually. Note: to change the IP address of an SSVM, it must be removed and reinstalled, so make sure it is right the first time.

Add the network share that was set up earlier, with the relevant account.

Add a support password. This is a new password and will be required for future operations such as viewing protected VMs.

Choose a time zone and move on to assigning IP addresses. As above, if you want a static IP address, deploy each SSVM one by one.

Choose a datastore with enough free space; 20GB free is required. Each SSVM should be pinned to the host it is deployed to. There is an option to select only local datastores, which is fine, but bear in mind that in large environments the local disks may not be up to the demand, in which case shared storage on a performance array will be a better choice.

Choose the network; this network must be able to route to the Enterprise Console server. If you have selected multiple hosts, make sure DHCP works on this network.

All being well, the SSVMs should deploy one at a time.

If they fail, there is an installation log within the extracted folder. The SSVMs will check in to the Enterprise Console, at which point you can create new policies for them or add them to existing policies.

 
