This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SAV for Linux Free Edition is Discontinued

Hey Folks,

Just as the subject says... this is not a question but apparently a true statement of fact, at least as far as Sophos engineers are concerned.

For more information on how I learned this, keep reading...

So I was following these links...

Free Tools (click "Sophos Antivirus for Linux Free Edition" at the bottom) -> Antivirus for Linux (click "Get Started" at the top right) -> Antivirus for Linux - Download

You'll then get a form to fill in, but filling it in results in this message...

" This product is no longer available for trial. "

Which doesn't even make sense, it's not a trial -- it's a free tool.

So I started a support case (#9982729 for any Sophos staff wondering) asking if it was discontinued or if this was in error.

Presumably due to the confusion of this being about a free product, it escalated directly to a "Global Escalations Engineer" who immediately began to ask questions of their product management and marketing teams.  Later on he got back to me with this...

" You may or may not be aware that a number of longstanding and legacy products have been recently had their End of Life set.
This house cleaning has been to enable us to focus more of our resources on the newer products and those that are inline with changing technology.
All our supported products are continuing to be supported in keeping with any changes to End of life,

The SAV for Linux "free" offering is a area which was marked for removal. Unfortunately the team responsible for the product availability completed their task before the team responsible for updating all the web-pages and documentation that reference SAV for Linux free version. This was an oversight which we are trying to catch up with. "

I asked if a link to their latest sav-linux-free-9.tgz file could be provided anyway (e.g. for preservation purposes), but instead that question was sidestepped and instead he said their Product Manager was willing to make it available to paying customers and they are curious as to why a paying customers would need it (e.g. their thoughts was maybe it was for... " home use or other applications outside of their licensed infrastructure ").

So I replied stating that I was still able to perform new installations of the Free SAV for Linux using a backed up copy of sav-linux-free-9.tgz that I'd kept, which installs...

SAV: 9.15.1, Engine: 3.74.2, Data: 5.55

But curiously when I ran /opt/sophos-av/bin/savupdate it updated just fine to the below versions using the normal Sophos update servers.  The update server was accessed using the default username of FAVLeSED5Q5MM and password of e7rtzqqzezt which is kept in the savd.cfg file, I expect it is the same for all Free SAV for Linux users (as even Google shows a few mentions of those credentials on this forum).

SAV: 9.16.2, Engine: 3.79.0, Data: 5.76

To which I was told that he is not expecting access to the update server to be disabled in the short term, but at the same time he stated there would be no further product updates for the free release.  Which is a completely mixed message if you ask me, especially as he goes on to say the standalone version (I'm presuming is where no Enterprise Console or Sophos Central is used) wouldn't be discontinued until 20th July 2023 and the next version is due out in October 2020.

I lastly pointed out that there is a possibly, that a culture may be created where the sav-linux-free-9.tgz file is shared online (which adds a nice ironic risk of introducing malware) as people will just work out that they can still receive updates to the latest versions after that.  This surely completely defeats the point of why Sophos had this offering, to attract people to its website for this file and see what products they sell etc...

I got no reply really to that.  I also asked if the unlicensed / free tier of the Home edition for Windows was about to be axed too (given their original statement about " being more focussed " when it came to announcing the end of life of many products)... to which all I got told was... " I can not comment on whether any windows products will not be affected but doubt the free Sophos home will be withdrawn ".

So it sounds like Sophos don't give a crap about Linux users any more.

Hopefully someone, somehow, somewhere has got their wires crossed (and would have had to have been multiple times, this case went on for a good 11 messages).

But it certainly looks bad, and it's not going to please developers or engineers who use Linux at home who might be (or one day become) purchase decision makers or influencers when it comes to network products.

However it does appear that SAV for Linux isn't the only option now if you want on-access (real time) scanning for free.


This thread was automatically locked due to age.
  • This discontinuance is unfortunate for the many Linux Desktop users.  In 2017 I tested six Linux anti-virus programs, based on the A/V Tests article of 2015 (why hasn't there been an independent test since then?). including Avast, BitDefender, ClamAV, ESET NOD32 (a  64bit application which requires 32 bit multilib installation), Sophos, and Symantec.  The only free version available is ClamAV.  Sophos was free, and had a very high detection rate and lowest memory usage.  ESET, the highest detection rate for windows and linux malware, was low cost ($49/yr) and lower memory than Sophos, so it was used it for two years until they failed to provide timely support to a failed update.  Then in 2019 I moved to Sophos, since AVAST and AVG were file server only products and I could not get Symantec trial without payment and Kaspersky was sanctioned against by USA.  In all the years of using anti-virus I have not had one warning.  HOWEVER in 2013 on a Windows machine running TechProtect (a ClamAV for Windows variant), my machine was compromised by ransomware.  So I don't really trust ClamAV to be effective (as was shown in the A/V Test results) .  In my opinion, and lacking a more recent Linux/Unix test of anti-virus products) it would seem the only product for standalone Linux is probably ESET Nod32, since detection effectiveness is the reason one runs anti-virus in the first place.  That's my two cents.  Cheers and so-long, BrianA_MN

    UPDATE:  I was checking ESET Nod32 4 Linux and found that the EOL is 2021!  They will continue to offer the business solution for servers (at $310/year)  It appears ESET is abandoning the Linux Desktop also.  I've sent an email inquiry last week and no one has responded.  That move by ESET leaves the Linux Desktop with only the free (as in beer) solution CLAMAV.  So if you are going to use CLAMAV I highly recommend reading the manual and also the web site and getting the 3rd party signatures and add-ons which will increase the detection rate and also the memory consumed.  Apparently free beer and open-source simply aren't compatible with anti-malware corporate types, so we're on our own and probably should pay more attention to helping the CLAMAV folks (even if they are part of CISCO).  Cheers.  

  • Recently Sophos has been causing problems with installations and updates, even of the kernel.  It took me quite a while to work out why a linux updated kept failing. I hesitate to imagine that this might a deliberate push away from the free product.  Given that there is no future in Sophos I have given up, and am trialling ESET.  

  • Indeed. Thumbsup I totally agree that now we have only two options for Linux: ESET and Dr.Web. And both works similarly well on Windows and Linux. And yes they are pretty affordable. 

  • What ESET product are you talking exactly ?

  • What ESET product are you talking exactly ?

  • I'm using the 64bit version of ESET NOD32 Antivirus 4

  • Hello everybody.

    I am trying to download SOPHOS antivirus for linux version 9 .

    but i do not find the download link.

    Could you give this link  ?

    thank you

  • I'm also trying to do this after re-installing my home file server's OS. When I do find something that resembles a download link it just takes me to the "My Account" page. If I click "Downloads and Updates" it just takes me back to the "Add Product License Credentials" page. Of course there's no way to download it without an account but I haven't tried creating a throwaway account to try downloading that way.

  • I hope you read my note that the ESET folks have listed Nod32 4 Linux with an EOL of 2021!  Check their EOL page for all products.

  • If you read this whole thread you'll read that Sophos has removed the link and it doesn't appear even for trial.  You'll have to use a different product for your server.  ClamAV is about the only product left for Linux.  Although I believe ESET has a central server based product for a small office/enterprise solution.  I'm not sure what theh price is.  Beware the  ESET Nod32 4 Linux is EOL for 2021 also check the ESET support pages.   ClamAV can be enhanced with third-party plugins which will increase the detection rate.  Beware that ClamAV is a Linux virus blocking engine and while it will detect some Windows virus it has never had great detection ratings for Linux or Windows virus by itself.