Sophos Antivirus is one of the best enterprise grade antivirus for Windows, MAC and Linux operating environments that has features like application control, device control, NAC etc. and has been one of my favourite Antivirus programs. AV agents can only be installed on the client machines from the management console of Sophos or manually using a Sophos ID and password. By default there is no automated way to install the agent when a machine is added in an Active Directory Environment.
Below code helps to create a batch file for example InstallSophos.bat using a text editor and can be added to a startup script GPO to install Sophos Antivirus on newly added machines in a domain.
This batch file first checks if Sophos is already installed on a machine for both 32 bit and 64 bit Windows operating systems and installs the AV Agent in the background if not found.
Add Sophos server FQDN or IP address, User ID and respective password inplace of SophosServerNameHere, Domain\UserNameHere and PasswordHere in the below script.
We can even remove all the lines which start with REM as they are just comments which would make this a 5 line script :)
REM – Check for an existing installation of Sophos Anti-Virus on the system
REM – For 64 Bit Windows
if exist “C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe" goto EOF
REM – For 32 Bit Windows
if exist “C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe” goto EOF
REM Deploy to Windows 2000/XP/2003/Vista/2008/7/2008R2
REM – Replace SophosServerNameHere with Actual Sophos Anti-Virus Server Name in your Network –
REM – Replace Domain\UserNameHere with Sophos Account ID in your Environment –
REM – Replace PasswordHere with Password of Above Sophos Account –
\\SophosServerNameHere\SophosUpdate\CIDs\S014\SAVSCFXP\Setup.exe -s \ -user "Domain\UserNameHere" -pwd "PasswordHere" -mng yes
REM — End of the script