Intercept X Protection Is Getting Even Better

16 Dec 2021

A multi-year endeavor in the making, the rollout of the next-gen scanning architecture has begun. This is a ground-up rewrite of functionality that touches nearly every aspect of Intercept X and delivers multiple benefits to customers.

Reduced footprint
The new architecture significantly reduces the size of the Intercept X agent (memory footprint, services and drivers), while continuing to deliver the incredibly broad feature set that is crucial for stopping the latest threats
Smaller updates
Enhancements to the update delivery mechanism mean that the vast majority of updates will be smaller in size, resulting in reduced bandwidth consumption and less disk space consumed on update cache servers

Customers running the Endpoint Features Early Access Program will have seen these changes throughout the year - we will soon start to rollout this updated agent to all devices.

Starting in the new year we will make a change to devices running Core agent 2.20.11 that will remove the SAV component and migrate to a new updating infrastructure, SDDS3.
Note: A device running 2.20.11 will not guarantee this change has been made. There are a number of ways to check if a device has been migrated to the new architecture the easiest is to see if the Sophos Anti-Virus component has been removed. This can be done directly on a device, or via Sophos Central by looking at the Component lists for devices.

The new updating URLs are already included in the Central Help documentation here: https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/DomainsPorts.html
The new URLs are https://sdds3.sophosupd.com/ & https://sdds3.sophosupd.net

Note: As we are removing the SAV component you should update any 3rd party integrations that you have that look for the presence of SAV on a device to indicate a protected client.

StephenMcKay over 1 year ago in reply to BrucekConvergent

Hello, there are two steps to this rollout; the first is the software release which has completed for Endpoint with Server finishing next week. The next step sets the architecture changes; this started last week and will continue in small batches throughout the next few weeks.
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
BrucekConvergent over 1 year ago

Just checking to see if the rollout of this has begun yet or not; ours and most of our clients system have updated to 2.20.11 for the core agent but the old components are still there.
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
D Goese over 1 year ago

Hello, does someone know how to fasten up Agent updates? Our Agents are still on 2.20.4.1. If 2.20.10 is already out for about one and a half month I would like to know whether or not this is possible?
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
StephenMcKay over 1 year ago in reply to Kim Cary

Hi Kim,

The Mac product has its own Early Access Program (EAP); we are releasing a new version (10.3.2) next week. This has several performance improvements but is not the same architectural overhaul as we have done on Windows. The work on Mac is part of the architecture changes that we made as part of the Big Sur release.

This new Mac agent will release to devices outside the EAP in February.

Regards,

Stephen
- Cancel
- Vote Up +1 Vote Down
- Sign in to reply
- More
- Cancel
Kim Cary over 1 year ago

Will this update be available for Mac? If so, when?
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel