What is the basic difference between using a webcid vs Sophos as the secondary update location ? Why would i want an out of network PC to update via a Webcid when they can update via sophos too.

Jusr an update i saw an answer by christian somewhere else on this community

If clients are "outside" why not just point them at the Sophos update location?

One reason is that you have to specify your license credentials in order to access Sophos as update location - something you probably don't want to do because they are sent effectively in plain text. Another reason is that you might want to control which version the client uses. Thirdly it is possible to apply a specific configuration to the CID.

Christian

So what it means is that a remote client can get policies from WEBCID but not from Sophos as secondary update location and that is the main benefit apart from password being sent in plain text?

It's mainly for tighter endpoint software version control and if needed CID customisation.

Hello Kandarp Desai1,

password being sent in plain text
it isn't, this would apply to the SUM as well as it also uses HTTP and not HTTPS, your license credentials could be de-obfuscated from the endpoint update configuration though.

get policies
a configured CID is not the ideal way to distribute policies and you'd need an extra CID for each combination of polices in use.

Furthermore if these are manged installations the RMS component won't be downloaded from Sophos and updating will show as failed.

Christian

Thanks for the reply Christian and Jak