Sophos

Online support

Product maintenance

Contact support

Support services

Sophos Anti-Virus for Windows 2000+: Application Control monthly updates with KAT

Sophos Anti-Virus for Windows 2000+ with Application Control, version 6, was retired in October 2007. You should upgrade to Sophos Anti-Virus for Windows 2000+ version 7 or higher.

The Sophos Anti-Virus updates for Application Control no longer support this version of Sophos Anti-Virus, so this article is no longer relevant.

Each month, Sophos Anti-Virus for Windows 2000+ with Application Control is updated with details of new controlled applications. If you have on-access scanning for potentially unwanted applications (PUAs) enabled, these applications will be blocked by default.

Before the monthly update takes place, you must pre-authorize any of those applications that you want to be able to use by running the Known Applications Tool (KAT).

Note: If you do not do this, your end users may be unable to run applications they need.

KAT can only be used with

What to do

When you receive the monthly notifications email, do as follows.

1. Downloading KAT

  1. Read the notification email from Sophos. This tells you which applications will be blocked in the next release.
  2. At the computer running Sophos Enterprise Console, open your internet browser and enter

    www.sophos.com/support/updates/dp/full/katsfx.exe
    (You could bookmark this address for future use.)
  3. When prompted, enter your Sophos user credentials. (These are the credentials for the downloads area of the Sophos website.)
  4. Click 'OK'.

2. Running KAT

  1. In the 'File Download' dialog box, click 'Run' (or 'Open) and follow the instructions in the tool installation wizard.
  2. In the 'Destination folder' field, the folder where the tool will be installed is displayed. By default, this is C:\sophkat.
  3. Click 'Install'.

Once KAT has updated the 'Known applications' list, you can authorize any applications you want.

Note: If when you run KAT, a black command prompt window is displayed, see Enterprise Console settings for KAT below.

3. Authorizing wanted applications

  1. Open Enterprise Console.
  2. In the Policies pane, double-click 'Anti-virus'.
  3. Double-click the policy you want to change. The 'Anti-virus policy' dialog box is displayed.
  4. Click 'Authorize applications'.
  5. In the 'Authorize applications' dialog box, in the 'Known applications' list, select the application you want.
  6. Click 'Add' to add it to your list of authorized applications.
  7. Close any open dialogs to return to Enterprise Console.

Repeat this process for any of your other anti-virus policies.

Enterprise Console settings for KAT

When KAT is run, if your Enterprise Console database settings are not the default settings a black command prompt window with the following error message will be displayed:

[DBNETLIB]SQL Server does not exist or access denied.
[DBNETLIB]ConnectionOpen (Connect()).
Failed.
Usage: AddAppNm [SERVER\INSTANCE_NAME] [DATABASE_NAME]

KAT updates the 'Known applications' list for your installation of Enterprise Console using the following settings:

DatabaseServer .\SOPHOS & DatabaseName SOPHOS2

These are the default settings for Enterprise Console version 2. If you are using SQL server, or your Enterprise Console database is on a different computer from the console, your settings may differ.

In this case you will need to run AddAppNm.bat manually from a command prompt:

  1. Open a command prompt.
  2. Type
    C:\sophkat
    (If you installed to a folder other than C:\sophkat, move to that folder.)
  3. Type
    dir AddAppNm.bat
    to check that you are in the correct place.
  4. Type:
    AddAppNm [SERVER\INSTANCE_NAME] [DATABASE_NAME]
  5. Run KAT again. It should now run correctly.

If KAT still fails, check that you are running it on the correct server, and that your account has sufficient user privileges to update the Enterprise Console database.

If you need more information or guidance, then please contact technical support.