In this section

• Home
• Support
• Knowledgebase
• Articles

Online support

• Knowledgebase
• Virus disinfection

Product maintenance

• Downloads and updates
• Documentation
• Software lifecycle

Contact support

• Talk to an expert
• Send a sample
• Email us

Support services

• Overview
• Technical Support
• Professional Services
• Technical Training

Sophos Client Firewall: rules for use with Windows Update

You will need to add some extra rules to Sophos Client Firewall to permit access to Windows Update.

The program that handles access to Windows Update is the Windows program svchost.exe, launched as a hidden process. Svchost.exe is usually found in the C:\<Windows>\system32 folder.

As there are security implications to allowing hidden processes, access is restricted to the three Windows update URLs.

What to do

Make the following changes to your Sophos Client Firewall configuration:

1. Select the Processes tab, and add svchost.exe to the launch hidden processes list.
2. Select the Checksums tab, and add a checksum for svchost.exe.
3. Select the Applications tab, and add the following rule:
   
   Name = svchost.exe

Where the protocol is TCP
  and the direction is outbound
  and the remote address is
    update.microsoft.com,
    download.microsoftupdates.com,
    windowsupdate.microsoft.com
Allow it

If you need more information or guidance, then please contact technical support.

• Article ID: 15339
• Created: 9 Jun 2006
• Last updated: 7 Oct 2008

Rate this article Choose a rating Very useful Quite useful Moderately useful Not very useful Not useful at all

•  Read our search tips
• Contact one of our experts
• Suggest an improvement