Note: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
This knowledge base article provides a high-level overview on how to use Microsoft Intune to deploy the Sophos Central Windows endpoint software.The steps below are provided with the assumption that Intune has already been used to deploy packages to Windows endpoints and you are already familiar with the general workflows described.The following sections are covered:
Applies to the following Sophos product(s) and version(s)Central Windows EndpointSophos Endpoint Security and Control
Note: It is recommended to deploy using AutoPilot from Windows enrollment
The message INFO File 'C:\Temp\IntunePackageOutput\SophosSetup.intunewin' has been generated successfully will be displayed.
INFO File 'C:\Temp\IntunePackageOutput\SophosSetup.intunewin' has been generated successfully
Advanced endpoint protection coupled with a simple, intuitive user experience
%ProgramFiles%\Sophos\Sophos Endpoint Agent\uninstallcli.exe
File or folder exists.
Once your endpoint is configured and enrolled with Windows Autopilot the software will automatically deploy to your device. The end-user may see the following notifications if these were configured in the above application creation.The end-user will also see the Sophos endpoint Agent icon in the system tray:
Sign up to the Sophos Support Notification Service to get the latest product release information and critical issues.
Nice Article. Alas,,, what about removing Windows Defender; Is it not as important, to not be running two endpoint protection applications at the same time?My understanding is that Defender will automatically enter into a passive state when it detects another AV product installed... However is that true and for Microsoft Servers as well?
Sorry for the late response, the information you are looking for can be found here in Microsoft's documentation.
Where can I find the Mac equivalent instruction of this for the .intunemac package? A co-worker and I have tried to create custom scripted packages since the installer, as it comes, is an .app not a pgk file. Our best result so far gets rejected by intune because the MacOSLobChildApp (aka the sophos client installer) has an null or empty BuildNumber.
Thank you for the clear how to. It saved us hours.
Recently (over the past month) the installation stopped working on all new computers/ clients. I opened a ticket with Sophos but they weren't able to help me out. Anyone have any ideas? Did this happen to you?
We had the same issue. What fixed it for me was to download the latest version of sophos and build the intune package by uploading a new .intunewin file. Best of luck!