Sophos appreciates your assistance. Please make sure to read all the items in this post. Also, please report any issues on the Discussions forum - we need your feedback to help improve the product.


Overview

Sophos has enabled an Early Access Program (EAP) that allows you to run the Sophos Central Endpoint protection client on macOS 11 (Big Sur).

Signing up for the Big Sur EAP

The following steps will provide a short overview about how to setup the Sophos Endpoint Client. Please be aware that this setup is for the EAP and is supported through the Sophos Community only.

  1. Open a web browser and navigate to central.sophos.com
  2. Login with your SophosID
    Note: 
    1. [01 Dec 2020] Sophos Partner accounts (MSP) are now eligible for the EAP.
    2. The Sophos Enterprise dashboard is not compatible - you must log into a specific estate dashboard to access the EAP.
  3. You may receive a notification about joining the EAP. If not – navigate to the upper right corner, click on your username, and select “Early Access Programs” 
  4. Follow the instructions to sign up
  5. Once complete – you will see a “Manage” button

Registering Existing MacOS Endpoints into the EAP

Now that you have enrolled in the EAP you will need to go through a few steps to register your Mac Endpoints into the program.

Be aware that an endpoint will not get the EAP software until it is registered.

Note: This is an EAP and PRODUCTION devices should NOT be enrolled in it.

  1. Click on your Username in the upper right
  2. Select 'Early Access Programs'
  3. For the Big Sur EAP click on 'Manage'
  4. Add the desired endpoints into the 'Assigned Devices'

  5. Click Save

This will render the correct policy and endpoint software to the target devices.

Setting up a new device into the EAP

  1. Go to the Sophos Central Dashboard and select the option “Protect Devices” at the left tab
  2. Download the file and execute the “Sophos Installer” app
  3. Follow the instructions from setup and wait until the installation finished
  4. Once the Sophos Endpoint is installed, you might receive a notification about granting fulldiskaccess
    1. Disregard this as you will first install v10.0.1
  5. Once complete, assign your new client to the EAP to install v10.0.2 of Sophos Central for macOS
  6. After updating to v10.0.2, please follow the instructions to grant fulldiskaccess and to ensure that the new System Extensions are applied.
    1. macOS 11 Big Sur (previously known as 10.16)

Apple M1 based chip (ARM Device) - Use at your own risk!

Note: EAP v10.0.2 has not been designed to support this new chip natively. Sophos plans to deliver support at a later time. The steps below are provided as-is and at your own risk.

For users wanting to test the EAP v10.0.2 with Apple's new M1 based chip, you will first need to install Rosetta 2.

How to install Rosetta 2

  1. Open the terminal.app at the macOS 11 (Big Sur) client
  2. Execute the following command – no sudo required
    /usr/sbin/softwareupdate --install-rosetta --agree-to-license

Now you can install the EAP v10.0.2 by using Intel compatibility mode. For more details please see https://support.apple.com/en-us/HT211861 

Release information

Stay tuned for more information regarding an official release.


Recommended Reads

Please make sure to visit our Recommended Reads section and reference the various How-to's and important information related to this EAP.

Anonymous