Sophos Endpoint without connection to Sophos Enterprise Console

Hello there,


we have to prepare a Computer that is not in our Company-Network. Which means the Computer has access to the Primary Update Address (Sophos) but not to the secondary Update Address

(our Sophos Update Server in our Company-Network).

Is there a possibility that the Sophos Endpoint Computer will lose the license or will stop working since he can not connect to the Sophos Enterprise Console anymore?

Even though he will get his updates directly from Sophos with the correct username and password.






  • Hello Gero,

    are you indeed talking about the SEC-managed SESC and a managed endpoint? SESC does not permit Sophos as Primary update location (endpoints are supposed to update primarily from an on-site location, Sophos is just a fallback). If SEC then it could work in principle in two ways:

    1. Install a managed endpoint from the CID, Ii will get a CustomerID and a preferred subscription during install. Set your server as Primary, Sophos as Secondary. In this scenario the endpoint will constantly warn of failed updates because it can't update the RMS component from Sophos. Also it will only be upgraded to the latest version when the current expires
    2. Install the unmanaged stand-alone version and configure Sophos as Primary.

    In both cases your updating credentials identify your license and could be transferred to additional endpoints outside your "jurisdiction".