[Update 1 - 08/11/18 @ 11:20 GMT] Changes have been made in Sophos Central to mitigate this issue. Customers should no longer find that disabling Intercept X Advanced on server consumes advanced licenses.
Customers are reporting that Central Managed servers are consuming Intercept X Advanced licenses even though all Intercept X Advanced features are disabled in their Threat Protection Policies.
This is due to a hidden policy option in Central that is not visible to customers and can only be modified by Sophos Support.
Servers assigned to the base policy in Sophos Central will not be affected by this - only servers assigned to customer created policies where Intercept X Advanced for Server is disabled.
Applies to the following Sophos product(s) and version(s) Sophos Central AdminCentral Server Intercept X 2.0.3
Sophos Development are currently investigating this issue.
Affected customers will need to contact Sophos Support to disable the hidden option in their Threat Protection policy for the affected server(s).
Updates will be provided as the Development investigation continues.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.