This article provides a high level overview on how to use Microsoft Intune to deploy the Sophos Central Windows endpoint software.
Note: The following information could also be used as a guide when deploying the Sophos Enterprise Console (SEC) managed client.
The steps below are provided with the assumption that Intune has already been used to deploy packages to Windows endpoints and you are already familiar with the general workflows described.
The following sections are covered:
Applies to the following Sophos product(s) and version(s) Central Windows Endpoint Sophos Endpoint Security and Control
There are two phases to the deployment:
md C:\Temp md C:\Temp\IntunePackageSource md C:\Temp\IntunePackageOutput
You should receive a message to say the .intunewin file has been generated successfully. It should be available in the following location: C:\Temp\IntunePackageOutput\SophosSetup.intunewin\.
Note: There are potentially a number of markers that indicate Sophos Cloud endpoint is already installed. The example above is a component that is only installed as part of the Sophos Central product compared to the on-premise solution. Therefore this would allow for migrations to Sophos Central. You may wish to add additional rules for other Sophos Central components such as the files of Sophos Management Communication System (MCS) to harden the detection method.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.