##osx-server

SEP seems pretty heavy handed, although I understand if idle scan was disabled it might help

I mean, 2 1/2 hour battery life? Awesome!

Nick_ZWG I thought that I read that Sophos had introduced some sort of cloud-managed option. Did you ever note and/or review that?

Nick_ZWG we use Trend at the moment

Problem is, that doesn't really solve my problem

My goal is to _remove_ Sophos updates from bandwidth

and the only way to do that (supported way, at least) is to host a Sophos Enterprise Console locally

which is a Windows server / appliance

I'd love cloud management, but I really want to stop having clients download sophos updates from the intertubes

@Nick_ZWG I thought you download the definition files and push them on your own in standalone mode

jhbush: I started doing that

and it got to be way too much work

so now I don't bothert

@Nick_ZWG I learned that lesson as well

AutoSophosDefsDownloader?

Or less crazy, an AutoPkg recipe?

The people here noticed the SEP scheduler randomization failed on the Macs when the entire fleet decided to download the defs at the same time.

@gneagle cooking with gas

Wow, Timbuktuu is finally going to stop being sold

foigus: Yeah, but those bags last forever

Not sure if arekdreyer is being silly...

foigus: I'm not looking forward to trying to figure out how to fit a MacBook Air into my new ARD bag

:-)

foigus :)

We had a site license of it here for remote support (that we didn't renew for OS X). It's only been in the last year or so that users stopped using "Timbuktu" as a verb.

gneagle in your wisdom, which do you recommend? or which does your org uses?

I decline to answer. Sorry!

gneagle in your wisdom, which do you recommend? or which does your org uses?

...

I'm not sure wearing him down will work here

Nick_ZWG: what can I do for you?

Frosh: What is the goal?

natewalck to find the virus

and remove it

Frosh: I inherently dislike AV

nuke and pave?

but I've had an "ok" experience with McAfee

Sophos 9 has been a bag of pain

natewalck: https://osquery.io/ > AV

mikedodge04: Once implemented, ofc ;)

it isn't plug and play.......yet.

or is it?

;)

natewalck: no you have a point

but i stand by my statement!

I think it'll be there before long

Open source tools all the things

mikedodge04: looks more like an equation than a statement ;)

natewalck: "Mathematics equation: A written statement indicating the equality of two expressions. It consists of a sequence of symbols that is split into left and right sides joined by an equal sign. For example, 2 + 3 + 5 = 10 is an equation."

equation == statement

mikedodge04: you mean arekdreyer

arekdreyer ^^

mikedodge04 Fair enough.

grahamgilbert: I kinda answered my own question, but is there an official way to search for a given serial number in Sal's interface?

Nick_ZWG: all machines and then you can filter them

word

anyone have an idea of how to give an app access to a private key not through the gui?

My favorite part of Apple Configurator is when one ipad decides not to fully update and instead goes into recovery mode

gneagle: https://github.com/grahamgilbert/imagr/pull/57

that is what I came up with (+ grahamgilbert )

GaToRAiD: I have tried that & gave up tbh

seriously?

GaToRAiD: yep

my whole project centers around that ;(

GaToRAiD: Maybe more details needed

I really need to start using feature branches ;(

GaToRAiD: we had some crappy VPN software that needed it. There was some other issues though too.

macmule: would that vpn software be cisco any connect?

lol

natewalck: looks good; assume you tested on an AutoNBI boot?

GaToRAiD: nope. Palo Alto global protect.

macmule: gotcha, well this sucks

gneagle: I tested on DeployStudio this time, about to test on AutoNBI

GaToRAiD: our guy amended/fixed a policy on the firewall end & now a non-issue.

GaToRAiD: there are some theads on JAMFNation for that.

DS NBI should behave virutally the same

indeed

macmule: I'll check

Nick_ZWG: It's especially fun when the teacher whose classrooms ipads are now in recovery and she insists that you did something wrong

GaToRAiD: is the private key already in the keychain, or is your thing installing the cert at the same time as needing to grant access to the private key?

elvisizer: it will already be there

yeah, that's hard, not sure that it's possible. I've only found ways to do that when installing the cert to the keychain, the -T option

elvisizer: the cert will be provided by scep

this is one of the reasons I stopped using SCEP actually

arg

Any Zendesk + Munki users here? If so, do you know the syntax for munki:// links in Zendesk tickets?

Why would they have special syntax in Zendesk tickets?