##master-page:HomepageTemplate
#format wiki
#language en
== Sophos for WIndows ==
=== Project: Anti-Virus Replacement - ICT Unmanaged devices1 ===
<
><
>
Description: ICT are removing Symantec products, to save on license costs. Sophos will be installed as the new antivirus protection. CSG must carry out this task on the WIN domain.<
><
>
Progress: FIrst meeting on 23rd November 2020<
><
>
Second meeting on 25th November 2020: ICT sent the Sophos installation files and Powershell scripts <
><
>
Files uploaded to \\win\dfs\Admin\Sophos AV\DoC <
><
>
nraghwan and rkhandke tested Sophos on Windows 10 VMs - successful<
><
>
rkhandke tested on temp server motmot - unsuccessful, due to licensing. As domain member, sophos accounts appear to have been created in AD, and subsequently disabled by CLAM<
><
>
rkhandke tested GPO startup scripts using WMI to query for existing Symantec and Sophos installations<
><
>
To do: test automated deployment of the Sophos installer package<
><
>
SophosSetup.exe --quiet<
><
>
Successfully tested script on ladywood-vm1:t<
><
>
{{{
wmic product where "name='Symantec Endpoint Protection'" call uninstall /nointeractive
\\aythya\Sources\Applications\Sophos\sophossetup.exe --quiet
}}}
Notes on script: Sophos is configured with an anti-tamper password and cannot be directly uninstalled without the password or ICT procedure<
><
>
To do: sanity checks, check registry keys before running each command<
><
>
Proposed GPO startup script - removes SEP and deploys Sophos, first checking if registry keys exist
{{{
@echo off
reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E327F586-9CB8-4E97-8F61-8D119C3C78F5} /v UninstallString
IF %ERRORLEVEL% == 0 goto uninstallSEP
IF %ERRORLEVEL% == 1 goto no
goto :end
:uninstallSEP
wmic product where "name='Symantec Endpoint Protection'" call uninstall /nointeractive
goto checkSophos
:no
echo "Not Found"
goto checkSophos
:checkSophos
reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D7BB12C-6854-46DF-A67D-F82D778D75C8} /c UninstallString
IF %ERRORLEVEL% == 1 goto installSophos
IF %ERRORLEVEL% == 0 goto SophosIns
goto :end
:installSophos
\\aythya\Sources\Applications\Sophos\sophossetup.exe --quiet
goto end
:SophosIns
echo "Sophos Already Installed"
goto end
:end
}}}
...
----
CategoryHomepage