This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SAV for Linux Free Edition is Discontinued

Hey Folks,

Just as the subject says... this is not a question but apparently a true statement of fact, at least as far as Sophos engineers are concerned.

For more information on how I learned this, keep reading...

So I was following these links...

Free Tools (click "Sophos Antivirus for Linux Free Edition" at the bottom) -> Antivirus for Linux (click "Get Started" at the top right) -> Antivirus for Linux - Download

You'll then get a form to fill in, but filling it in results in this message...

" This product is no longer available for trial. "

Which doesn't even make sense, it's not a trial -- it's a free tool.

So I started a support case (#9982729 for any Sophos staff wondering) asking if it was discontinued or if this was in error.

Presumably due to the confusion of this being about a free product, it escalated directly to a "Global Escalations Engineer" who immediately began to ask questions of their product management and marketing teams.  Later on he got back to me with this...

" You may or may not be aware that a number of longstanding and legacy products have been recently had their End of Life set.
This house cleaning has been to enable us to focus more of our resources on the newer products and those that are inline with changing technology.
All our supported products are continuing to be supported in keeping with any changes to End of life,

The SAV for Linux "free" offering is a area which was marked for removal. Unfortunately the team responsible for the product availability completed their task before the team responsible for updating all the web-pages and documentation that reference SAV for Linux free version. This was an oversight which we are trying to catch up with. "

I asked if a link to their latest sav-linux-free-9.tgz file could be provided anyway (e.g. for preservation purposes), but instead that question was sidestepped and instead he said their Product Manager was willing to make it available to paying customers and they are curious as to why a paying customers would need it (e.g. their thoughts was maybe it was for... " home use or other applications outside of their licensed infrastructure ").

So I replied stating that I was still able to perform new installations of the Free SAV for Linux using a backed up copy of sav-linux-free-9.tgz that I'd kept, which installs...

SAV: 9.15.1, Engine: 3.74.2, Data: 5.55

But curiously when I ran /opt/sophos-av/bin/savupdate it updated just fine to the below versions using the normal Sophos update servers.  The update server was accessed using the default username of FAVLeSED5Q5MM and password of e7rtzqqzezt which is kept in the savd.cfg file, I expect it is the same for all Free SAV for Linux users (as even Google shows a few mentions of those credentials on this forum).

SAV: 9.16.2, Engine: 3.79.0, Data: 5.76

To which I was told that he is not expecting access to the update server to be disabled in the short term, but at the same time he stated there would be no further product updates for the free release.  Which is a completely mixed message if you ask me, especially as he goes on to say the standalone version (I'm presuming is where no Enterprise Console or Sophos Central is used) wouldn't be discontinued until 20th July 2023 and the next version is due out in October 2020.

I lastly pointed out that there is a possibly, that a culture may be created where the sav-linux-free-9.tgz file is shared online (which adds a nice ironic risk of introducing malware) as people will just work out that they can still receive updates to the latest versions after that.  This surely completely defeats the point of why Sophos had this offering, to attract people to its website for this file and see what products they sell etc...

I got no reply really to that.  I also asked if the unlicensed / free tier of the Home edition for Windows was about to be axed too (given their original statement about " being more focussed " when it came to announcing the end of life of many products)... to which all I got told was... " I can not comment on whether any windows products will not be affected but doubt the free Sophos home will be withdrawn ".

So it sounds like Sophos don't give a crap about Linux users any more.

Hopefully someone, somehow, somewhere has got their wires crossed (and would have had to have been multiple times, this case went on for a good 11 messages).

But it certainly looks bad, and it's not going to please developers or engineers who use Linux at home who might be (or one day become) purchase decision makers or influencers when it comes to network products.

However it does appear that SAV for Linux isn't the only option now if you want on-access (real time) scanning for free.


This thread was automatically locked due to age.
  • The product in Sophos Central will continue beyond July 2023

  • Forgive me for being ignorant, but what does that mean?  Is there, or is there not, any standalone version that will continue?  What does Sophos Central entail? I've looked, but am struggling to understand.  It seems to me that Sophos really don't want non-business users.  There are pretty pictures of screens, but I can't work out what runs where.  If I have a linux laptop, and carry it around, can it have an anti-virus system on it, or does it need to be on a network all the time?  

    I am, as the above no doubt illustrates, baffled and dim.

  • You asked if there was a non-free product that will be available after 2023; and there will be, the Linux product in Sophos Central. 

    There is no standalone version that will continue, no. For non-business users looking for a Linux product, there isn't anything that Sophos offers now that the free edition has been removed for download. Existing users of the free edition can continue to use it until we stop providing updates at a date yet to be confirmed. 



  • Stephen,

    Thanks.  I still don't understand what Sophos Central really entails, but you say it would not suit my needs since I am not a business (1 desktop, 1 server, and 1 laptop).  I guess I'll have to accept that.

    According to your website at, SAV Sophos Anti Virus is EOL in July 2023.  Is that not correct, or does it not apply to the free version as well?

    Will you tell us, the users, when updates are withdrawn?

  • I love the complete insanity that Sophos has... when it comes to it's definition terms...

    "New user" = Someone who now can't possibly exist as they're incapable of actually downloading the sav-linux-free-9.tgz file directly from the Sophos site themselves.

    "Existing user" = Someone who already has it installed (so it'll have been able to update itself and will continue to do so)... **or** someone who was smart enough to anticipate some kind of future issue (like the one we're having now) and diligently backed up file sav-linux-free-9.tgz someplace safe.  Even though within that file the components would slowly go out of date, you can always just run the update after anyway... and bingo... SAV itself, it's engine and the data versions would be as perfectly up to date... just as they would be if Sophos just stopped screwing around and actually restored the download file.

    So you can split hairs over EOL and EOS all you like.

    Clearly if you are splitting hairs, your intention and message to us all is...

    We'd really like you to stop using this now

    I'm hoping everyone is now hearing that loudly and clearly.

  • Oh and of course...unless you're still on dial-up 20 years past the point of that making sense...

    90% of users won't be bothering to keep that sav-linux-free-9.tgz file around, thinking they've got more than enough bandwidth to just go re-download it... whenever they need to re-install their OS or get a new PC.

    So you're actually locking out your "Existing Users" by turning them into "Ex-Users" when they need that file again.

    Not that any of those users could be even be treated as "customers", as we were all perfectly happy using a free product without any guarantee of official support anyway... it was kind of the whole point.

  • As it happens, I am one of those old fashioned fools who keeps copies of everything I install, both on the device in question, and also backed up several times as part of my paranoid general backup regime.. 

  • @pastim Ditto, speaking of which...

    My backup of sav-linux-free-9.tgz ... which was downloaded before Christmas, when the 2nd to last time I needed to re-install a PC (as the actual last time, was when I noticed what Sophos had done and made this thread!) has these version numbers...

    SAV: 9.15.1, Engine: 3.74.2, Data: 5.5

    These are seen once installed, or alternatively you can just open the .tar archive and dig around to find them.

    Looking around using Google (using this magic) I managed to find a Spanish bakery website that also seems to have kept a copy of this same version...

    And the MD5 matched my own of...


    So it'd be interesting to know if anyone has anything newer?

    I'm also going to be looking into if there are ways of repackaging the SAV / Engine / Data (which gets freely downloaded off the update servers) into my own .tgz files (and offer instructions for anyone looking to do the same)... maybe then we could get a "sort of" download link back ourselves... if Sophos is just going to be silly about this!

    That's not me saying they're silly for axing the free offering (it was free after all)... but rather it being silly that ONLY existing installations may now use it!  If you're going to axe it, actually properly axe it.

  • Yeah! Finally that happened. Laughing

    I had attempted downloading this tool numerous times - never passed their bureaucratic "export" checks. Hence I was fortunate to stay on other nice solutions like ESET and Dr.Web, which both work well on Linux.

    Now that strange product has been finally flushed to ditch as it deserved. Kissing heart

    Thanks for this great news!