Documentation changes for the week of May 16th

R@DocSupport

23 May 2022

This blog post will list the main changes in our product documentation and knowledge base.

Sophos Firewall
Sophos Central
- Central Admin dashboard
- Central Partner/Central Enterprise
Endpoint - Windows and Mac
Endpoint - Unix and Linux
Sophos Email
Mobile
ESH/SURF
Phish Threat
Other

Sophos Firewall

Updated

WAN link load balancing and session persistence

Sophos Central

Resolved advisories

KB-000043979 RESOLVED Advisory: Sophos Central Email Outbound delay up to 30 minutes or more
KB-000044021 RESOLVED Advisory: Sophos Central Email Inbound delay up to 30 minutes or more
KB-000044040 RESOLVED Advisory: Sophos Central Partner Dashboard - Partners cannot sign in to Central Partner Dashboard
KB-000044018 RESOLVED Advisory: Customers experiencing ADsync utility / Azure AD sync failure alerts in Sophos Central
KB-000044046 RESOLVED Advisory: Customers are unable to create trials on Sophos Central Web (different than Sophos Central Partner Dashboard)
KB-000044043 RESOLVED Advisory: Sophos Central - General Issue with auto-renewals and license activation

Central Admin dashboard

New

Hybrid directory services
- You can now use both Active Directory and Azure AD at the same time.
  https://docs.sophos.com/central/Customer/help/en-us/PeopleAndDevices/DirectoryService/ (and subsequent pages)
Restart event
- Added information on restart events and how we handle restarts.
  https://docs.sophos.com/central/Customer/help/en-us/PeopleAndDevices/Devices/Computers/ComputersRestart/
  https://docs.sophos.com/central/Customer/help/en-us/PeopleAndDevices/Devices/Servers/ServersRestart/
Account health checks
- Checks on exclusions
  https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/AccountHealthCheck/FixPolicyExclusions/
  https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/AccountHealthCheck/FixGlobalExclusions/
New article regarding expected behavior with Threat Graphs
- KB-000044022 Sophos Central: Expected Threat Graph behavior for Cryptoguard or Malicious behavior detection alerts

A new KBA that lists the different causes of license allocation issues that may arise after renewal or license change and the steps to resolve them
- KB-000044019 Sophos Central Enterprise Dashboard: License allocation issues after renewal or change

Updated

Domains and Ports
- Added ports and domains for new data centers in India and Brazil.
  https://docs.sophos.com/central/Customer/help/en-us/PeopleAndDevices/ProtectDevices
Exploit mitigations exclusions
- Added wildcard information
  https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/Overview/GlobalSettings/GlobalExclusions/MitigationExclusionsVariables/
Live Discover/Third-party integrations
- Data lake uploads for Microsoft 365 audit logs is now generally available. Third party integration help call is redirected here for now as this is the only integration available.
  https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/Overview/ThreatAnalysisCenter/LiveDiscover/DataLakeUploads/
SSL/TLS decryption of HTTPS websites
- Added information on why some webpages are blocked automatically by Sophos and browsers. Added information on how to ensure decryption works correctly with Firefox.
  https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/Overview/GlobalSettings/DecryptHTTPS/index.html
KBA updated to make it dashboard agnostic - adding behavior can be seen in cdb and pdb at bottom, as well as the initial intent of edb master for the first two points
- KB-000038572 Central Licensing: known behaviors/issues for Enterprise, Partner and Central Dashboards
Forensic snapshots
- https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/Overview/GlobalSettings/ForensicSnapshots/UploadForensicSnapshot/
Information on why PDF, flash and .exe file are blocked updated to reflect the steps in Sophos Central
- KB-000035338 - Sophos Central: Web Control Frequently Asked Questions

Central Partner/Central Enterprise

Updated

Added exclusions using Detection IDs
- https://docs.sophos.com/central/Enterprise/help/en-us/SettingsAndPolicies/GlobalTemplates/GlobalSettings/ScanningExclusions/index.html
- https://docs.sophos.com/central/Partner/help/en-us/Help/SettingsAndPolicies/GlobalTemplates/GlobalSettings/ScanningExclusions/index.html

Endpoint - Windows and Mac

Ongoing advisories

New

A new troubleshooting KBA to fix an installation issue on Windows endpoints where Windows Security Center service is turned off or is malfunctioning
- KB-000044066 Sophos Central Endpoint: Installation fails due to missing Windows Security Center service
New KBA regarding Mac installer process change
- KB-000044045 Sophos macOS Installer failure on MacOS 12.4

Updated

Changed wording for location, due to MacOS 12.4 restrictions
- KB-000033340 Use the terminal to install or uninstall Sophos Anti-Virus for Mac

Endpoint - Unix and Linux

Updated

Updated the SAV v9 and SAV v10 (central managed) retirement dates for Red Hat Enterprise Linux 7 – Server and SAV v10 (central managed) retirement date for Red Hat Enterprise Linux 8 - Server
- KB-000034756 Sophos Endpoint and Server Protection: Retirement calendar for supported platforms and operating systems

Sophos Email

Updated

Enhancements to Email Security Policy help
- https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/EmailSecurity/EmailSecurityPolicy/
Corrections to Email security
- https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/EmailSecurity/
Updated Email History Report help
- https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/Overview/LogsReports/Logs/EmailHistoryReport/#report-details
Updated gateway information for Japan, Australia, Canada
Update email gateway IPs for new CIDRs
Added information that the External, Yellow Smart Banner will also appear if the sender does not have DMARC, DKIM, and SPF checks
- KB-000039140 Sophos Central Email: Smart Banners frequently asked questions
The article was updated to indicate Smart Banners as the preferred method for submitting samples to Sophos Labs. The section Use Message History to submit spam was also updated. The sections Collect and submit samples for false-positive spam messages and Collect and submit samples for false-negative spam/virus emails were removed
- KB-000037048 Sophos Central Email: Report false positive or false negative spam e-mails

Mobile

Updated

Information regarding turning off ciphers for Sophos Mobile Standalone EAS Proxy added.
- KB-000035262 Sophos Mobile: Deactivate certain encryption ciphers

ESH/SURF

New

New KBA for the coming update to ESH in the Central 2022.1 release

Updated

Added ESH Network test information to remind the user to check for any communication issues before going through the steps
- KB-000036450 Sophos Endpoint Self Help: Management Communication
Updated KBAs for the coming update to ESH in the Central 2022.1 release

Phish Threat

Updated

Enhanced create campaign instructions
- https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/PhishThreat/Campaigns/PTCreateCampaign/

Other

Updated

Updated to indicate Smart Banners as the preferred method for submitting samples to Sophos Labs. The sections Use Message History to submit spam and Use Sophos Outlook Add-in were also updated.
- KB-000033422 Submit samples of phishing, spam, or false positive emails to Sophos Labs

Documentation changes for the week of May 16th

Table of Contents

Sophos Firewall

Updated

Sophos Central

Resolved advisories

Central Admin dashboard

New

Updated

Central Partner/Central Enterprise

Updated

Endpoint - Windows and Mac

Ongoing advisories

New

Updated

Endpoint - Unix and Linux

Updated

Sophos Email

Updated

Mobile

Updated

ESH/SURF

New

Updated

Phish Threat

Updated

Other

Updated