Sophos Community
  • User
  • Help
  • Site
  • Search
  • User
  • All Groups
  • Knowledge Base
  • Community Blog
  • Member Recognition
  • More
  • Cancel

Knowledge Base

  • Advisories
  • +CyberoamOS
  • +Data Control and DLP
  • Email Appliance
  • +Endpoint Security and Control
  • +Free Tools
  • +General
  • +Mobile
  • +PureMessage
  • +Reflexion
  • +SafeGuard encryption
  • +Server protection
  • +Sophos Central
  • Sophos Clean
  • Sophos Home
  • +Sophos UTM 9
  • Web Appliance
  • +XG Firewall
Tweets by SophosSupport

Sophos Central: Domains and ports required for communication to and from Sophos Central Admin and the Sophos Central managed endpoint

  • Article ID: 121936
  • Updated: 3 Dec 2019
  • 41 people found this helpful
  • Available in: English | Español | Italiano | 日本語 | Français | Deutsch

Overview

This knowledge base article provides information on the domains and ports that are required for successful installation, registration and subsequent communication of a Sophos Central endpoint to the Sophos Central Admin, and vice versa.

Applies to the following Sophos product(s) and version(s)
Central Mac Endpoint
Central Windows Endpoint 10.8.1
Sophos Central Admin
Sophos Central Managed Server 1.5.6

Sophos Central and Sophos Central Partner

  • central.sophos.com
  • cloud-assets.sophos.com
  • sophos.com
  • downloads.sophos.com

    Note:
    The wildcard *.sophos.com should be used to cover all of these addresses if your firewall and/or proxy supports it.

Sophos Central Endpoint Domains

The below wildcards should be used to cover these endpoint domains if your proxy and/or firewall supports it.

  • *.sophos.com
  • *.sophosupd.com
  • *.sophosupd.net
  • *.sophosxl.net
  • ocsp2.globalsign.com
  • crl.globalsign.com

If your proxy or firewall does not support the use of wildcards, the listed addresses should be added manually.

Identify the server address that the Sophos Management Communication System uses to securely communicate with Sophos Central.

  1. Open the file SophosCloudInstaller.log located at:

    Windows 2008: C:\Documents and Settings\All Users\Application Data\Sophos\CloudInstaller\Logs\
    Windows 7 and later: C:\ProgramData\Sophos\CloudInstaller\Logs

  2. Search within the file for the line Model::server value changed to:

    Note: This should look similar to dzr-mcs-amzn-eu-west-1-9af7.upe.p.hmr.sophos.com.

  3. Add the server address and the following addresses to the allow list of the proxy server:
  • dci.sophosupd.com
  • d1.sophosupd.com
  • d2.sophosupd.com
  • d3.sophosupd.com
  • dci.sophosupd.net
  • d1.sophosupd.net
  • d2.sophosupd.net
  • d3.sophosupd.net
  • t1.sophosupd.com
  • sdu-feedback.sophos.com
  • sophosxl.net
  • 4.sophosxl.net
  • samples.sophosxl.net
  • ocsp.globalsign.com
  • ocsp2.globalsign.com
  • crl.globalsign.com
  • crl.globalsign.net
  • ocsp.digicert.com
  • crl3.digicert.com
  • crl4.digicert.com

Sophos Intercept X Advanced with EDR

For customers with an Intercept X Advanced with EDR license, the following domains are also required:

  • tf-edr-message-upload-eu-central-1-prod-bucket.s3.amazonaws.com
  • tf-edr-message-upload-eu-west-1-prod-bucket.s3.amazonaws.com
  • tf-edr-message-upload-us-east-2-prod-bucket.s3.amazonaws.com
  • tf-edr-message-upload-us-west-2-prod-bucket.s3.amazonaws.com

Sophos Intercept X Advanced with EDR and MTR

If a customer has the MTR feature and is performing TLS inspection or has a firewall that is doing application filtering, these domains are also required:

  • kinesis.us-west-2.amazonaws.com
  • prod.endpointintel.darkbytes.io

To confirm if they need to do those exclusions, or to test that the exclusions are effective, test by navigating to https://prod.endpointintel.darkbytes.io from an endpoint inside the environment. You should see a message like the following return:

{

message: "running..."

}

Sophos Central Endpoint Ports

  • 80 (HTTP)
  • 443 (HTTPS)

Related information

  • Sophos Central Endpoint: Installer command line options
  • Sophos Central Admin: Frequently Asked Questions (FAQ)
  • Sophos Central Endpoint: New endpoint installer frequently asked questions
  • Sophos Central Endpoint: Installation Unsuccessful - An Internet connection could not be established
  • Sophos Central and Sophos UTM: How to configure endpoints to use proxy server settings

Feedback and contact

If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.
This is invaluable for us to ensure that we continually strive to give our customers the best information possible.

Article appears in the following topics
  • Sophos Central

Did this article provide the information you were looking for?

Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.

  • Submit
Sophos Footer
  • T&Cs
  • Help
  • Cookie Info
  • Contact Support

© 1997 - 2019 Sophos Ltd. All rights reserved.