Sophos appreciates your assistance. Please make sure to read all the items in this post. Also, please report any issues on the Discussions forum - we need your feedback to help improve the product.


This Early Access Program allows customers to test endpoint features running natively on Apple M1 (ARM) hardware with Big Sur.

Once you join the Early Access Program, your Apple M1 devices will run some features of the endpoint natively rather than in emulation, we will add more native support as we move through the EAP to General Availability (GA).

Note: Not all macOS features will be supported natively as part of the EAP and we may close the EAP with some features still running in emulation, this means that Rosetta 2 will still be required after we make support generally available.

Signing up for the Apple M1 (ARM) EAP

The following steps will provide a short overview about how to setup the Sophos Endpoint Client. Please be aware that this setup is for the EAP and is supported through the Sophos Community only.

  1. Open a web browser and navigate to
  2. Login with your SophosID
  3. You may receive a notification about joining the EAP. If not – navigate to the upper right corner, click on your username, and select “Early Access Programs” 
  4. Follow the instructions to sign up
  5. Once complete – you will see a “Manage” button

Registering Existing MacOS Endpoints into the EAP

Now that you have enrolled in the EAP you’ll need to go through a few steps to register your Mac Endpoints into the program.

Be aware that an endpoint will not get the EAP software until it’s registered.

Note: This is an EAP and PRODUCTION devices should NOT be enrolled in it.

  1. Click on your Username in the upper right
  2. Select 'Early Access Programs'
  3. For the Endpoint Protection Apple M1 (ARM) EAP, click on 'Manage'
  4. Add the desired endpoints into the 'Assigned Devices'

  5. Click Save

This will render the correct policy and endpoint software to the target devices.

Setting up a new device into the EAP

  1. Go to the Sophos Central Dashboard and select the option “Protect Devices” at the left tab
  2. Download the file and execute the “Sophos Installer” app
  3. Follow the instructions from setup and wait until the installation finished
  4. Once the Sophos Endpoint is installed, you might receive a notification about granting fulldiskaccess
  5. Once complete, assign your new client to the EAP
  6. Please follow the instructions to grant fulldiskaccess and to ensure that the new System Extensions are applied.
    1. macOS 11 Big Sur (previously known as 10.16)

Recommended Reads

Please make sure to visit our Recommended Reads section and reference the various How-to's and important information related to this EAP.