A multi-year endeavor in the making, the rollout of the next-gen scanning architecture has begun. This is a ground-up rewrite of functionality that touches nearly every aspect of Intercept X and delivers multiple benefits to customers. 

  • Reduced footprint 
    The new architecture significantly reduces the size of the Intercept X agent (memory footprint, services and drivers), while continuing to deliver the incredibly broad feature set that is crucial for stopping the latest threats 
  • Smaller updates 
    Enhancements to the update delivery mechanism mean that the vast majority of updates will be smaller in size, resulting in reduced bandwidth consumption and less disk space consumed on update cache servers 

Customers running the Endpoint Features Early Access Program will have seen these changes throughout the year - we will soon start to rollout this updated agent to all devices. 

Starting in the new year we will make a change to devices running Core agent 2.20.11 that will remove the SAV component and migrate to a new updating infrastructure, SDDS3.
Note: A device running 2.20.11 will not guarantee this change has been made. There are a number of ways to check if a device has been migrated to the new architecture the easiest is to see if the Sophos Anti-Virus component has been removed. This can be done directly on a device, or via Sophos Central by looking at the Component lists for devices.

The new updating URLs are already included in the Central Help documentation here: https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/DomainsPorts.html
The new URLs are https://sdds3.sophosupd.com/ & https://sdds3.sophosupd.net

Note: As we are removing the SAV component you should update any 3rd party integrations that you have that look for the presence of SAV on a device to indicate a protected client.