Professional Documents
Culture Documents
Versin: 5.2
Edicin: septiembre de 2014
Contenido
1 Acerca de esta gua...........................................................................................................4
2 Productos a instalar............................................................................................................5
3 Pasos clave........................................................................................................................5
4 Descargar el programa de instalacin de Enterprise Console...........................................6
5 Comprobar los requisitos del sistema................................................................................6
5.1 Hardware y sistema operativo..............................................................................7
5.2 Software de Microsoft...........................................................................................7
5.3 Requisitos de puertos...........................................................................................8
6 Cuentas necesarias............................................................................................................8
6.1 Cuenta de la base de datos..................................................................................8
6.2 Cuenta del gestor de actualizacin......................................................................8
7 Preparar la instalacin........................................................................................................9
8 Instalar Enterprise Console................................................................................................9
9 Mejorar la seguridad de la base de datos........................................................................10
10 Descargar el software de proteccin y cifrado...............................................................11
11 Crear grupos de ordenadores........................................................................................11
12 Configurar polticas de seguridad...................................................................................12
12.1 Configurar una poltica de cortafuegos............................................................12
13 Buscar ordenadores.......................................................................................................13
14 Preparar la proteccin de ordenadores..........................................................................13
14.1 Preparar la eliminacin de software de terceros..............................................13
14.2 Comprobar que tiene una cuenta que puede utilizar para instalar
software................................................................................................................14
14.3 Preparar la instalacin del software antivirus...................................................14
15 Proteger ordenadores....................................................................................................14
15.1 Proteger ordenadores Windows de forma automtica.....................................14
15.2 Protect Windows computers or Macs manually................................................15
15.3 Proteger equipos Linux.....................................................................................16
16 Configurar el software de cifrado en los equipos ..........................................................16
16.1 Suscribirse al software de cifrado.....................................................................16
16.2 Preparar la instalacin de software de cifrado..................................................17
16.3 Instalar el software de cifrado de forma automtica.........................................18
16.4 Instalar el software de cifrado de forma manual...............................................19
16.5 Primer inicio de sesin tras la instalacin.........................................................20
17 Comprobar el estado de la red.......................................................................................21
18 Solucin de problemas...................................................................................................21
19 Ayuda para tareas habituales.........................................................................................21
20 Soporte tcnico..............................................................................................................22
21 Aviso legal......................................................................................................................22
2 Productos a instalar
Para proteger los equipos de la red, se instala:
Equipos
independientes
externos
Buscando
actualizaciones
Servidor de
administracin
SOPHOS
Buscando
actualizaciones
Administracin/Creacin
de informes
Buscando
actualizaciones
Consola de administracin de SEC
Servidor de administracin de SEC
Bases de datos de SEC
Sophos Update Manager
Unidad compartida de actualizacin
(software de estaciones)
Grupo 1
Grupo 2
Administracin/Creacin
de informes
Estaciones locales
(Windows, OS X, Linux, UNIX)
3 Pasos clave
Los pasos a realizar son:
Preparar la instalacin.
Buscar ordenadores.
Se asume que dispone de una cuenta de MySophos y que tiene su licencia asociada a dicha
cuenta. Para ms informacin, consulte
www.sophos.com/es-es/support/knowledgebase/111195.aspx.
1. Visite www.sophos.com/es-es/support/downloads/.
2. Introduzca su nombre de usuario y la contrasea de MySophos.
Se mostrarn las licencias disponibles.
3. Seleccione Consola: Descargue el programa de instalacin de Enterprise Console.
1. Vaya a http://www.sophos.com/es-es/products/free-trials/endpoint-protection.aspx.
2. Cumplimente el formulario de registro.
Tras enviar el formulario se le proporcionarn las credenciales de evaluacin. Tambin
recibir un email con la informacin necesaria. Necesitar estos datos al configurar
Enterprise Console.
3. Haga clic en Descargar para obtener el programa de instalacin de Enterprise Console.
SQL Server 2008 R2 Express no es compatible con Windows Server 2003 SP1 ni Windows
Essential Business Server 2008.
Durante la instalacin de .NET Framework 4.0 se reinician ciertos servicios del sistema
(como IIS Admin Service).
Puede que se solicite reiniciar el sistema tras instalar .NET Framework 4.0. Si es as, se
recomienda hacerlo lo antes posible.
6 Cuentas necesarias
Antes de instalar el software de Sophos, debe crear las cuentas necesarias:
Cuenta del gestor de actualizacin. Esta cuenta de Windows permite a las estaciones
acceder a las actualizaciones del software.
Se recomienda utilizar una cuenta con el nombre SophosUpdateMgr.
7 Preparar la instalacin
Para preparar la instalacin:
Compruebe que cuenta con los CD-ROM de Windows y de los Service Packs. Puede que
los necesite durante la instalacin.
Nota: puede activarlo de nuevo despus de instalar el software y descargar los productos
de seguridad.
Cmo habilitar el cifrado SSL para una instancia de SQL Server mediante Microsoft
Management Console
10
Nota: los enlaces en esta seccin llevan a sitios web de terceros y se incluyen como ayuda.
El contenido de estas pginas podra cambiar sin nuestro conocimiento.
11
Si desea utilizar Sophos Client Firewall, se recomienda preparar la poltica del cortafuegos
antes de aplicarla.
Por defecto, el cifrado de discos est desactivado en las estaciones. Debe modificar la
directiva del cifrado de discos para cifrar las unidades. Puede hacerlo en cualquier
momento. Por defecto, Power-on Authentication est activado.
Debe modificar esta directiva para dar acceso a los administradores en los equipos para
realizar tareas de instalacin o verificacin. Esto debe hacerse antes de instalar el cifrado
de discos, consulte Dar acceso a los administradores a los equipos tras la instalacin en
la pgina 17.
Nota: si va a instalar el cifrado por primera vez, se recomienda que active y pruebe cada
opcin paso a paso.
12
13 Buscar ordenadores
Si utiliz el asistente para la descarga de software de seguridad para configurar los grupos
de ordenadores (basados en los grupos de Active Directory), pase a la seccin siguiente.
Vaya a Preparar la proteccin de ordenadores en la pgina 13.
Para que Enterprise Console pueda proteger y administrar ordenadores, primero deber
buscarlos en la red.
1. Haga clic en el icono Detectar ordenadores de la barra de herramientas.
2. Seleccione el mtodo que desea utilizar para buscar ordenadores.
3. Escriba los datos de la cuenta y especifique dnde quiere buscar.
Si utiliza alguna de las opciones Detectar, los equipos se colocan en el grupo No asignados.
Comprobar que tiene una cuenta que puede utilizar para instalar software.
Si los equipos cuentan con software de otros proveedores, compruebe que la interfaz est
cerrada.
Si los equipos utilizan una herramienta de actualizacin de otro proveedor, puede que desee
eliminarla. Consulte el apartado "Eliminar software de seguridad de terceros" de la seccin
"Proteger ordenadores" de la Ayuda de Enterprise Console.
13
Tener derechos de administrador local para los equipos que desee proteger.
Poder iniciar sesin en los equipos en los que instal Enterprise Console.
15 Proteger ordenadores
En esta seccin se describe cmo:
Si lo desea, puede utilizar sus propias herramientas o scripts para instalar la proteccin en
ordenadores Windows. Para ms informacin, consulte
www.sophos.com/es-es/support/knowledgebase/114191.aspx.
14
15
Nota: el cifrado de discos es compatible con Windows XP (32 bits), Windows Vista y Windows
7.
Aviso: Antes de instalar el cifrado de discos en las estaciones:
Asegrese de que las unidades cifradas con otros productos de cifrado se encuentran
descifradas y se ha desinstalado dicho producto.
16
Asegrese de que las unidades cifradas con otros productos de cifrado se encuentran
descifradas y se ha desinstalado dicho producto.
Asegrese de que los equipos ya estn protegidos con la versin 10 del software antivirus
de Sophos.
17
Utilice el comando siguiente para comprobar que no existen errores en los discos:
chkdsk %unidad% /F /V /X
Puede que se requiera reiniciar el sistema y ejecutar chkdsk de nuevo. Para ms
informacin, consulte: http://www.sophos.com/es-es/support/knowledgebase/107081.aspx.
Compruebe el resultado en el visor de eventos de Windows:
En Windows XP: seleccione Aplicacin, Winlogon.
En Windows 7, Windows Vista: seleccione Registros de Windows, Aplicacin,
Wininit.
18
19
20
No estn actualizados.
18 Solucin de problemas
Al ejecutar el asistente para proteger ordenadores, se pueden producir errores en la instalacin
del software de seguridad por diferentes motivos:
No se puede determinar el sistema operativo. Esto puede ocurrir si, al buscar ordenadores,
no introduce su nombre de usuario con el formato dominio\usuario.
Tarea
Documento
Alertas
21
Tarea
Documento
Limpiar ordenadores
20 Soporte tcnico
Para obtener asistencia tcnica sobre cualquier producto de Sophos, puede:
21 Aviso legal
Copyright 20092013 Sophos Limited. Todos los derechos reservados. Ninguna parte de
esta publicacin puede ser reproducida, almacenada o transmitida de ninguna forma, ni por
ningn medio, sea ste electrnico, mecnico, grabacin, fotocopia o cualquier otro sin la
correspondiente licencia del producto, bajo dichos trminos, o sin la previa autorizacin escrita
por parte del propietario.
Sophos, Sophos Anti-Virus y SafeGuard son marcas registradas de Sophos Limited, Sophos
Group o Utimaco Safeware AG, segn corresponda. Otros productos y empresas mencionados
son marcas registradas de sus propietarios.
22
yourself or claiming authorship of the DOC software code, in a way that will prevent DOC
software from being distributed freely using an open-source development model. You needn't
inform anyone that you're using DOC software in your software, though we encourage you
to let us know so we can promote your project in the DOC software success stories.
The ACE, TAO, CIAO, DAnCE, and CoSMIC web sites are maintained by the DOC Group at
the Institute for Software Integrated Systems (ISIS) and the Center for Distributed Object
Computing of Washington University, St. Louis for the development of open-source software
as part of the open-source software community. Submissions are provided by the submitter
"as is" with no warranties whatsoever, including any warranty of merchantability,
noninfringement of third party intellectual property, or fitness for any particular purpose. In no
event shall the submitter be liable for any direct, indirect, special, exemplary, punitive, or
consequential damages, including without limitation, lost profits, even if advised of the possibility
of such damages. Likewise, DOC software is provided as is with no warranties of any kind,
including the warranties of design, merchantability, and fitness for a particular purpose,
noninfringement, or arising from a course of dealing, usage or trade practice. Washington
University, UC Irvine, Vanderbilt University, their employees, and students shall have no
liability with respect to the infringement of copyrights, trade secrets or any patents by DOC
software or any part thereof. Moreover, in no event will Washington University, UC Irvine, or
Vanderbilt University, their employees, or students be liable for any lost revenue or profits or
other special, indirect and consequential damages.
DOC software is provided with no support and without any obligation on the part of Washington
University, UC Irvine, Vanderbilt University, their employees, or students to assist in its use,
correction, modification, or enhancement. A number of companies around the world provide
commercial support for DOC software, however. DOC software is Y2K-compliant, as long as
the underlying OS platform is Y2K-compliant. Likewise, DOC software is compliant with the
new US daylight savings rule passed by Congress as "The Energy Policy Act of 2005," which
established new daylight savings times (DST) rules for the United States that expand DST
as of March 2007. Since DOC software obtains time/date and calendaring information from
operating systems users will not be affected by the new DST rules as long as they upgrade
their operating systems accordingly.
The names ACE, TAO, CIAO, DAnCE, CoSMIC, Washington University, UC Irvine,
and Vanderbilt University, may not be used to endorse or promote products or services derived
from this source without express written permission from Washington University, UC Irvine,
or Vanderbilt University. This license grants no permission to call products or services derived
from this source ACE, TAO, CIAO, DAnCE, or CoSMIC, nor does it grant permission
for the name Washington University, UC Irvine, or Vanderbilt University to appear in their
names.
If you have any suggestions, additions, comments, or questions, please let me know.
Douglas C. Schmidt
Apache
The Sophos software that is described in this document may include some software programs
that are licensed (or sublicensed) to the user under the Apache License. A copy of the license
agreement for any such included software can be found at
http://www.apache.org/licenses/LICENSE-2.0
Boost
Version 1.0, 17 August 2003
Permission is hereby granted, free of charge, to any person or organization obtaining a copy
of the software and accompanying documentation covered by this license (the Software) to
23
use, reproduce, display, distribute, execute, and transmit the Software, and to prepare
derivative works of the Software, and to permit third-parties to whom the Software is furnished
to do so, all subject to the following:
The copyright notices in the Software and this entire statement, including the above license
grant, this restriction and the following disclaimer, must be included in all copies of the Software,
in whole or in part, and all derivative works of the Software, unless such copies or derivative
works are solely in the form of machine-executable object code generated by a source language
processor.
THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND
NON-INFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR ANYONE
DISTRIBUTING THE SOFTWARE BE LIABLE FOR ANY DAMAGES OR OTHER LIABILITY,
WHETHER IN CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
ConvertUTF
Copyright 20012004 Unicode, Inc.
This source code is provided as is by Unicode, Inc. No claims are made as to fitness for any
particular purpose. No warranties of any kind are expressed or implied. The recipient agrees
to determine applicability of information provided. If this file has been purchased on magnetic
or optical media from Unicode, Inc., the sole remedy for any claim will be exchange of defective
media within 90 days of receipt.
Unicode, Inc. hereby grants the right to freely use the information supplied in this file in the
creation of products supporting the Unicode Standard, and to make copies of this file in any
form for internal or external distribution as long as this notice remains attached.
Loki
The MIT License (MIT)
Copyright 2001 by Andrei Alexandrescu
Permission is hereby granted, free of charge, to any person obtaining a copy of this software
and associated documentation files (the "Software"), to deal in the Software without restriction,
including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
24
The above copyright notice and this permission notice shall be included in all copies or
substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
25
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This
product includes software written by Tim Hudson (tjh@cryptsoft.com).
Original SSLeay license
Copyright 19951998 Eric Young (eay@cryptsoft.com) All rights reserved.
This package is an SSL implementation written by Eric Young (eay@cryptsoft.com). The
implementation was written so as to conform with Netscapes SSL.
This library is free for commercial and non-commercial use as long as the following conditions
are adhered to. The following conditions apply to all code found in this distribution, be it the
RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included
with this distribution is covered by the same copyright terms except that the holder is Tim
Hudson (tjh@cryptsoft.com).
Copyright remains Eric Youngs, and as such any Copyright notices in the code are not to be
removed. If this package is used in a product, Eric Young should be given attribution as the
author of the parts of the library used. This can be in the form of a textual message at program
startup or in documentation (online or textual) provided with the package.
Redistribution and use in source and binary forms, with or without modification, are permitted
provided that the following conditions are met:
1. Redistributions of source code must retain the copyright notice, this list of conditions and
the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of
conditions and the following disclaimer in the documentation and/or other materials provided
with the distribution.
3. All advertising materials mentioning features or use of this software must display the
following acknowledgement:
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)
The word cryptographic can be left out if the routines from the library being used are not
cryptographic related :-).
4. If you include any Windows specific code (or a derivative thereof) from the apps directory
(application code) you must include an acknowledgement:
This product includes software written by Tim Hudson (tjh@cryptsoft.com)
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG AS IS AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
The license and distribution terms for any publically available version or derivative of this code
cannot be changed. i.e. this code cannot simply be copied and put under another distribution
license [including the GNU Public License.]
26