This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Advisory] MacOS 11 "Big Sur" is not supported (Central and On-Premise Endpoint).

Hello Community,

Overview

This article provides information about support for macOS 11 Big Sur.

Endpoint Protection does not support macOS 11 (Big Sur) yet. Please do not upgrade until we announce support for it. We will have an Early Access Program (EAP) available soon.

Applies to the following Sophos product(s) and version(s)
Central Mac Endpoint,
Sophos Enterprise Console Managed - Sophos Anti-Virus for Mac OS X,
Central Device Encryption for Mac

Operating systems
macOS 11 "Big Sur"

 

Support for macOS 11

Apple macOS 11 is released on the 12th of November, however, it is not yet supported for Endpoint Protection by Sophos.

Upgrading to macOS 11 will result in endpoint protection being disabled. We strongly recommend that customers do not upgrade any macOS clients running Endpoint Protection to macOS Big Sur at this time.

The EAP for Sophos Central is targeted for the week of Nov. 23rd, 2020, pending final testing.  The EAP will run through our Sophos Community with details to follow.

On-premise customers will also get a version of endpoint protection that is supported on macOS 11 but will not have access to an EAP or Preview ahead of full support.

Central Device Encryption (CDE) for Mac version 1.5.3 supports macOS 11 Big Sur. This was rolled out recently but bear in mind that if you use both Endpoint and CDE you will still need to wait before upgrading to Big Sur.

ARM-based CPUs are not currently supported. They require macOS 11 and additional testing and requirements. Sophos will support ARM-based CPUs, however, the details of that support will be provided at a later date.

Next update

The next update will be when the EAP becomes available. ETA: week of 23 November 2020




This thread was automatically locked due to age.
  • Two questions:

    1) What should admins do if users have already updated to macOS 11?
    2) What should admins do for new computers that start off with macOS 11 installed?

  • If you are on Central, you will need to enroll in the EAP when it comes out. However, until then the machines will be unprotected. Otherwise, you will need to downgrade to Catalina to restore the protection on the devices.

    For new machines, hold off on providing them to users until the EAP is available.

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • Hi Sophos team,

    as we're trying to enforce the policy of not updating to BigSur across the org - would you be so kind to add 'macOS Big Sur installer' to the list of controlled software, so that we could prevent Big Sur installation being initiated by users right from the Sophos central admin panel?
    It seems logical to me that we would be able to use Sophos to lock the app that would break Sophos upon being launched.

  • Hi,

    We are rolling out a new Application Control identity on the 1st December that will allow blocking of the Big Sur installer, it will be added in the "System Tools" category which means you could select the "added in future" option in order to get this active as soon as it is available.

    Darren.

  • That's amazing, thank you so much!