Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.


This post provides information on the retirement of the Cyberoam General Authentication Client. The General Authentication Client is a standalone application for Cyberoam identity-based UTM appliances. It authenticates users with Cyberoam integrated with local or external authentication servers.

Applies to the following Cyberoam products and versions
Cyberoam General Authentication Client (All versions)
Cyberoam UTM appliances


Effective March 31, 2020, Sophos is transitioning the Cyberoam General Authentication Client to the End-of-Life (EOL) phase of its product lifecycle. End-of-Life is the date at which Sophos and Cyberoam will cease providing support for the related product or service including any updates.



End-of-Life (EOL)

Cyberoam General Authentication Client


Known Issues 

There is a known local privilege escalation issue that could potentially allow a local attacker on the endpoint to use the authentication client to elevate their privilege and act as the Local System account. Because of this issue, Sophos strongly recommends anyone using the client transition to one of the solutions listed below. 

Migration Path

Customers using the Cyberoam General Authentication Client should transition to Captive Portal or Cyberoam Transparent Authentication Suite (CTAS) for desktop devices, or register clientless users.

Related information

Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.

Feedback and contact

If you've spotted an error or would like to provide feedback on this blog post, please use the section below. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.