PLEASE READ Advisory: Kernel memory issue affecting multiple OS (aka F**CKWIT, KAISER, KPTI, Meltdown & Spectre) for the latest updates.
This article provides a list of frequently asked questions regarding Sophos Central Admin. The following sections are covered:
Applies to the following Sophos products and versions Sophos Central Admin
Sophos Central Admin is our platform for delivering complete security as a service. The vision for Sophos Central Admin is to offer complete security management from the cloud.
Software as a service or SaaS means you do not have to install any server-side products, maintain backups, or monitor performance - this is all provided by us. A web console also allows you to manage all your computers from any supported web browsers.
Sign up for a 30-day free trial here: Sophos Central Free Trial.
Sophos Central Admin is accessible at https://central.sophos.com. For more information see How to access Sophos Central.
Windows, Mac, Sophos Secure OS (Linux), Linux, iOS, Chrome OS and Android devices can be protected. For more information see Retirement calendar for supported platforms and operating systems.
To change the license, contact an existing partner or contact Sales. To buy a new license, see Sophos Central Pricing.
To continue using the account, provide the evaluation license to a chosen Sophos Partner to convert this to a purchased license. Locate the evaluation license number within Sophos Central Admin under Login Name > Licensing > under License Details e.g. L1234567891.
No, Sophos will continue to release and support versions of Enterprise Console. Sophos Central Admin provides an alternative method of managing computers. Enterprise Console will continue to be an actively developed product for customers who do not want to fully switch to a cloud based solution.
Yes. For more information see Migrating to Sophos Central from Enterprise Console or Sophos Control Center. Customers can use the Sophos Cloud Migration tool migrate from on-premise to Sophos Central Admin.
Currently the Sophos Central Admin managed endpoint support engine is not supported to be used in conjunction with the following products:
Certainly, for more information see Sophos Central Windows Server Protection Frequently Asked Questions (FAQ).
Yes, for guidance on deploying the endpoint installer see Sophos Central: Software deployment methods.
Sophos Central Admin aims to support the current and previous versions of the major browsers. For more information see Supported web browsers for Sophos Cloud.
The system requirements page provides the information needed.
Outbound TCP connection to ports 443 and 80 are needed to connect to Sophos Central Admin. Port 443 for administration and port 80 for updates. For more information see Domains and ports required for communication to and from Sophos Central Admin and the Sophos Central managed client software.
Yes, see the following articles for more information:
There are no supported scenarios for deploying the client unmanaged software. The endpoint software is required to communicate with Sophos Central Admin to obtain updating credentials and to download the anti-virus component of the product.
Sophos is constantly monitoring new third-party security products. These are added to the Sophos Central Installer to automatically remove them. If the existing product is not detected or fail to be removed, see Sophos Central: Endpoint installer and the detection of other security software.
If a Windows operating system is used, then it can be configured to be an update cache. For more information see Sophos Central Update Caches Frequently Asked Questions (FAQ). Otherwise a web proxy which offers caching, like Sophos Unified Threat Management (UTM) should be able to do this automatically. For guidance in Using a caching proxy server with Sophos Cloud see this article.
For details on proxy support, see How to allow Sophos Central Managed Endpoint, UTM Managed Endpoint, and Sophos Home to use proxy server settings.
Sophos Partner can manage multiple customers through the Sophos Central Partner Dashboard. For more information, see Sophos Central Partner: Dashboard FAQ.
All stored data is encrypted and all applications are secured and running on secured operating systems. The system is load balanced and has fail-over between 3 sites, each running 2 instances of the software, any one of which is able to provide full service. Communication from the client to the Cloud is performed over HTTPS to secure the data and to enable the client to trust the server.
Sophos host the service using Amazon Web Services (AWS). During initial account setup, administrators can elect whether their data resides in the EU or the USA. Access to data is strictly controlled and audited.
Information like usernames are transmitted and stored in reports and policies to allow per user reporting and policy assignment. To provide reassurance on a common concern, since scanning runs locally on each machine, confidential files such as those containing employees' home addresses will not be transmitted to the cloud. For more information see Sophos Cloud data storage.
Sophos plans to perform scheduled updates to Sophos Central Admin on Saturdays. These updates are not expected to take the full allocated 6 hours and it takes every two to three weeks. If there are urgent updates, Sophos performs maintenance outside the given schedule. There will be no disruption on the protection during this time however customers may see the occasional transient error message. Customers need to clear the cache of the web browser to see all updates to Sophos Cloud. A readme file is updated with the significant updates.
The times when updates will take place are as follows:
Yes there is a Sophos Central status page.
The information about the billing is found in the Sophos Central Admin Online Payments (FAQ).
No further action is required if the customer decides not to purchase Sophos Central Admin at the end of the 30 day trial. Sophos Central Admin evaluation accounts that are not used for an extended period of time will be removed.
If the device is managed by the IT department or is part of a BYOD scheme then it can be covered by a user license.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.