Sophos Endpoint and Apple macOS 11 Big Sur

Our Endpoint Protection does not yet support macOS 11 (Big Sur). Please do not upgrade until we announce that we support it. We plan to have an Early Access Program (EAP) available soon so that you can test it on your own machines.
Apple will release macOS 11 on the 12th November, we plan to create an EAP in Central to test this release soon, but do not support it yet.

Central Device Encryption (CDE) for Mac version 1.5.3 does support macOS 11, this was rolled out recently but bear in mind that if you use both Endpoint and CDE you will still need to wait before upgrading to macOS 11.

On-premise customers will also get a version of endpoint protection that is supported on macOS 11 but will not have access to an EAP or Preview ahead of full support.

ARM-based CPUs are not currently supported. They require macOS 11 and additional testing and requirements. Sophos will support ARM-based CPUs, however, the details of that support will be provided at a later date.


Please check this KBA for up to date information: https://support.sophos.com/support/s/article/KB-000039501?language=en_US


Link to the Big Sur EAP on the Sophos Community



included info for Big Sur EAP
[edited by: FloSupport at 9:50 PM (GMT -8) on 2 Dec 2020]
Parents
  • Hi, how do we get into the Early Access Program (EAP) for Big Sur support?

  • Hi Brian,

    should work like all other EAPs. But like @DarrenTeagles already mentioned the EAP for Big Sur will be available for testing next week (week commencing 23rd November) with an expected GA release in calendar Q1 2021.

    In general to join EA programs go to your Sophos Central Account:

    1. Click your account name (upper right of the user interface) and select Early Access Programs. On the Early Access Programs page, you'll see a list of the available programs. Some programs are "invite only", e.g. Betas or Alphas. If you want to join an “invitation only” program, you must add the program to the list first. Under Invitation only programs, enter your invitation code.
    2. Click the Join button next to a program.
    3. A description of the program is displayed. Click Continue.
    4. In the End User License Agreement & Privacy Policy dialog, view the agreement and then click Accept. If the program is for endpoint software, an Add devices button is displayed. You must continue to the next step.
    5. Click the Add devices button.
    6. On the Manage devices page, you see a list of the Eligible devices on which you can install the new feature. Use the picker to select the devices where you want to try the new feature. Click Save.
      You can add or remove devices at any time during the program. To do this, go to the Early Access Programs page again and click the Manage button beside the program.

    The software on the selected devices will be updated to include the new features.

    Intrusus
    Sophos Certified Engineer | Sophos Certified Technician

    private lab:
    XG firewall with SFOS 20.X running on Proxmox

    If a post solves your question use the 'Verify Answer' link

  • Hello Intrusus,

    There might be an issue. When we're joining the EDR program, as you have shown above, we're only able to add Windows based devices. None of our MacOS based devices are 'Eligible' (they are simply not shown in the list). Have you guys tested this to work? If so, what can we do to get MacOS based devices in that list?

  • The EAP for Big Sur is not yet open, we plan to open it tomorrow before close of business (UK time)

  • Thanks for clearing that up. Am I correct the upcoming EAP is for Intel based MacOS only? Is there a timeframe regarding Apple M1 based devices? Are we talking about days, weeks or months?

  • The EAP is for Intel-based Macs only but you should find that our products work in emulation mode under Rosetta 2 on an M1 based Mac. We do not intend to support running our endpoint products in this emulation mode, we expect to have support for M1 based Macs soon after releasing GA support for Big Sur.

  • It seems that Apple indeed has made Rosetta 2 quite effective. Technically I would expect the upcoming EAP version of Endpoint to be quite 'emulatable' on M1. But of course native code should be more efficient. The large challenge is making it all work with Big Sur I presume, not compiling for different CPU's, though that has some challenges by itself. 

  • Seriously???  Q1 general release?  It’s been since June that beta MacOS 11 and beta release of XCode was available.  How is it that this is taking so long?  Kernel extension APIs going away, like network, have been known for a year and a half.  That should have been resolved 2020Q1 general release such that the step difference was small.

  • Hi Darren, 

    How do we sign to to the EAP? - i see that todays update now says December rather than today by CoB

  • how could i assign a mac device for the eap? at the moment i could choose windows devices only...

Reply Children