How to deploy Sophos XDR endpoint protection and antivirus in offline environments?

Hi team,

The customer has purchased Sophos XDR for 400 terminal PC users, but none of the terminal PCs can access the Internet. Given this situation, how can the user computers use the endpoint protection function, how should the agent be deployed, and how can the antivirus function (Malicious Traffic Detection (MTD)) be used?

If you have any good suggestions, please give them to me. Thank you very much.



Added tags
[edited by: GlennSen at 10:28 AM (GMT -8) on 4 Nov 2024]
  • Hello,

    We appreciate your reaching out to the Sophos Community Forum.

    So yes, you can set up an update cache and message relay for this kind of setup. 

    • Sophos Update Cache: Setting up an update cache involves installing Sophos caching software, fetching updates from Sophos, and storing them in a cache. This cache allows computers in your network to get updates, saving bandwidth by downloading updates only once. You can manually assign computers to use a specific cache or relay for updating. To set up an update cache, you must ensure that the device meets the requirements, such as running Windows 10 or later, having at least 5GB of free disk space, and ensuring that port 8191 is available and accessible for computers to update from the cache.
    • Message Relay: A message relay is a feature that allows computers to communicate indirectly with Sophos Central. When you set up a message relay, computers will send and receive updates through the relay instead of directly communicating with Sophos Central. This can be useful in environments where direct communication isn’t possible or efficient. To set up a message relay, you need a device running Windows Server 2008 R2 or later with at least 5GB of free disk space. The device must have port 8190 available and accessible for computers to use the relay. Once set up, the relay will facilitate communication between computers and Sophos Central, improving efficiency and network performance.
    • Please refer to these articles for more in-depth information regarding Message Relay and Update Cache. 
    • https://docs.sophos.com/central/customer/help/en-us/ManageYourProducts/GlobalSettings/UpdateCaches/index.html
    • https://support.sophos.com/support/s/article/KBA-000003548?language=en_US

    Let us know if you need any further help. 

    Regards, 

    Rutvik Chavda
    Global Digital Endpoint Security Engineer

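A preflight sketch for the requirements listed in the reply above (5GB free disk, port 8190 for the message relay, port 8191 for the update cache), added here as an example and not Sophos's or the poster's own tooling. The host name, the use of the system drive for the disk check, and the function names are assumptions; it needs PowerShell 3.0 or later.

```powershell
# Added example: preflight for the cache/relay requirements quoted in the reply.
# Assumptions: host name is a placeholder; disk check uses the system drive.
param(
    [ValidateSet('Server', 'Endpoint')] [string]$Role = 'Endpoint',
    [string]$RelayHost = 'relay01.example.internal',   # hypothetical name
    [int]$TimeoutMs = 3000
)

$Ports = @{ 8190 = 'message relay'; 8191 = 'update cache' }
$MinFreeBytes = 5GB

function Test-ServerPrereq {
    # Run on the candidate server BEFORE installing the cache/relay role.
    $drive = New-Object System.IO.DriveInfo ($env:SystemDrive + '\')
    [pscustomobject]@{
        Check = "Free space on $($drive.Name) at least 5GB"
        Pass  = ($drive.AvailableFreeSpace -ge $MinFreeBytes)
    }
    $listening = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties().GetActiveTcpListeners() |
        ForEach-Object { $_.Port }
    foreach ($p in ($Ports.Keys | Sort-Object)) {
        [pscustomobject]@{
            Check = "Port $p ($($Ports[$p])) not held by another listener"
            Pass  = ($listening -notcontains $p)
        }
    }
}

function Test-EndpointReach {
    param([string]$Target, [int]$Timeout)
    # Run on an offline endpoint AFTER the cache/relay is installed.
    foreach ($p in ($Ports.Keys | Sort-Object)) {
        $client = New-Object System.Net.Sockets.TcpClient
        $ok = $false
        try {
            $pending = $client.BeginConnect($Target, $p, $null, $null)
            $ok = $pending.AsyncWaitHandle.WaitOne($Timeout) -and $client.Connected
        } catch { $ok = $false } finally { $client.Close() }
        [pscustomobject]@{
            Check = "${Target}:$p ($($Ports[$p])) reachable over TCP"
            Pass  = $ok
        }
    }
}

$results = if ($Role -eq 'Server') { Test-ServerPrereq } else { Test-EndpointReach $RelayHost $TimeoutMs }
$results | Format-Table -AutoSize
if ($results | Where-Object { -not $_.Pass }) { exit 1 }
```

A failed endpoint check only shows that the TCP port is unreachable from that machine (firewall, routing, or the role not yet installed); it says nothing about whether the relay itself can reach Sophos Central.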
  • Hello Rutvik,

    Thank you for your reply. I have another question. With the solution you provided, can the terminal device receive instructions from Central, such as web control delivery, scanning task delivery, etc.?
