This knowledge base article provides information on the domains and ports that are required for successful installation, registration and subsequent communication of a Sophos Central endpoint to the Sophos Central Admin, and vice versa.
Applies to the following Sophos product(s) and version(s) Central Mac EndpointCentral Windows Endpoint 10.8.1Sophos Central AdminSophos Central Managed Server 1.5.6
The below wildcards should be used to cover these endpoint domains if your proxy and/or firewall supports it.
*.sophos.com *.sophosupd.com *.sophosupd.net *.sophosxl.net ocsp2.globalsign.com crl.globalsign.com
If your proxy or firewall does not support the use of wildcards, the listed addresses should be added manually.
Identify the server address that the Sophos Management Communication System uses to securely communicate with Sophos Central.
C:\Documents and Settings\All Users\Application Data\Sophos\CloudInstaller\Logs\
Model::server value changed to:
For customers with an Intercept X Advanced with EDR license, the following domains are also required:
If a customer has the MTR feature and is performing TLS inspection or has a firewall that is doing application filtering, these domains are also required:
To confirm if they need to do those exclusions, or to test that the exclusions are effective, test by navigating to https://prod.endpointintel.darkbytes.io from an endpoint inside the environment. You should see a message like the following return:
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable for us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.