Sophos NAC 3.0 DEPLOYING THE AGENT USING SMS

Deploying the Agent Using SMS

Using SMS 2003 for a Silent Sophos NAC Agent Installation

Deploying the Agent Using SMS 2003

Copyright 2007 Sophos Group. All rights
reserved. No part of this publication
may be reproduced, stored in retrieval
system, or transmitted, in any form or
by any means electronic, mechanical,
photocopying, recording or otherwise
unless you are either a valid licensee
where the documentation can be
reproduced in accordance with the license
terms or you otherwise have the prior
permission in writing of the copyright
owner.

All other product and company names
are trademarks or registered trademarks
of their respective owners.

Document version 3.0
Published July 2007

2

Deploying the Agent Using SMS 2003

Table of Contents

Using SMS 2003 for a Silent Sophos NAC Agent Installation.......................................................4

General Approach................................................................................................................................................... 4

Packaging the Registry Setting with the Agent Installation.................................................................................... 4

Creating an SMS Package to Deliver the EXE File................................................................................................ 8

3

Deploying the Agent Using SMS 2003

Using SMS 2003 for a Silent Sophos NAC Agent Installation

®

You can use Microsoft
you install the Quarantine Agent on Windows 98SE, you must defer the Agent installation until the next time
the endpoint starts. Use the SMS Installer utility to complete this task because SMS alone cannot defer an
installation until an endpoint restarts. This document describes how to use the SM S Installer utility to defer the
Agent installation until an endpoint restarts.

General Approach

You must complete several steps for SMS to complete a silent installation of the Agent when an endpoint
restarts. The SMS package must update a registry entry that forces the Agent in stallation to run when an
endpoint restarts. SMS pushes the package to endpoints and the package is installed immediately. This
installation is not the Agent, only the package that includes the registry update a nd the Agent installation file.
The next time the endpoint starts, the Agent installs.

In the following example, the SMS Installer utility is used to package the registry update and the Agent
installation file. This utility is available from Microsoft at http://www.microsoft.com/smserver/downloads.

System Management Server (SMS) 2003 to install the NAC Agent on endpoints. When

Packaging the Registry Setting with the Agent Installation

1. Place a copy of the Sophos NAC Agent installation MSI file in a temporary directory.

2. Open the SMS Installer utility.

3. From the Installation Attributes list , select Installation Interface.

4. Click Properties. The Installation Interface window displays.

4

Deploying the Agent Using SMS 2003

5. Click the Media tab, and then select the Single File Installation option button.

6. Click the Application tab, and then type a Software Title and Default Directory.
Note: Do not select the Place default directory und er Program Files check box.

5