Skip to content
For help with the Sophos Protection for Linux agent on your devices, see Sophos Protection for Linux help.

Create a Linux gold image

When installing Sophos Protection for Linux (SPL) in a virtual environment, you can create new virtual machines from a gold image. The gold image acts as a template for your virtual machines. Make sure that each new virtual machine has a different identity from the device being used as the gold image.

You can create gold images from Server Protection to create new virtual machines if you're using SPL on supported Linux operating systems. See the system requirements in the Sophos Protection for Linux release notes.

Prepare your virtual machine

Before you install SPL, you must set up the virtual machine you want to use as your gold image. Update the device you want to use for your image so that the operating system and your apps are how you want them.

Install Sophos Protection for Linux

To install SPL on your gold image, do as follows:

  1. Sign in to Sophos Central.
  2. Go to Devices > Installers.
  3. Click Download Linux Server Installer.
  4. Make the installer executable with the following command:

    chmod +x SophosSetup.sh

  5. Run the installer with the following command:

    ./SophosSetup.sh

    Tip

    You can customize your installation with command-line options. See Installer command-line options for Linux.

Deregister the virtual machine

When setting up a gold image from a virtual machine with Sophos Protection for Linux installed, you must deregister it from Sophos Central so that every instance of a virtual machine that runs from that single gold image gets its own unique identity.

  1. Go to opt/sophos-spl/base/bin/.
  2. Deregister from Sophos Central using the following command:

    ./registerCentral --deregister

  3. Shut down the virtual machine and save the image.

    Requirement

    You must save the image in the shutdown status. You must not restart it as that registers the image again. If this happens, you must follow the steps to deregister the virtual machine again to avoid duplicate devices. See Duplicate device frequently asked questions.

You're now ready to clone your virtual machines from the gold image. When you clone virtual machines from the gold image, they register automatically after they start and connect to the network. You can then manage them in Sophos Central.