With the scripts in place within Active Directory to automatically install Sophos when a machine is first bound to the MASH domain, I have changed the order of steps I complete when preparing a new Windows machine for deployment. It's nice to have Sophos installed automatically.
These are the revised steps:
1) Ghost using latest image.
2) Windows Update: high priority, software and hardware.
3) Rename machine and bind to MASH.
4) Move machine to proper location in Active Directory.
5) Reset SUS Client ID.
6) Add user(s) as local administrator(s).
7) Spybot Search and Destroy: update, check for problems and immunize.
8) MalwareBytes: update and perform quick scan.
9) SpywareBlaster: update and enable all protection.
10) Ccleaner: cleaner (analyze and fix, 2-3 times); registry (scan for issues and fix, 2-3 times).
11) Check that Sophos has been installed. This should happen automatically within 30 minutes of being bound to MASH.
