Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 3 subscribers
  • Views 4550 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Clarifying Mac OS/Endpoint Client 9.6.2 support

AaronMelgares

 The Mac Sophos Anti-Virus 9.6.2 client is rolling out to our Macs and I've noticed that our Macs running 10.8 and 10.9 are getting version 9.6.2 even though 10.8 is no longer supported and 10.9 is ending support April 30 according to the OS retirement calendar.  I'm confused about whether these Mac OS versions will be getting app/definition updates.  I believe in the past this was gated by the version of the Sophos AV application, but if these Macs are running the most current Sophos AV app, it seems they would get the same definitions as the Macs running newer Mac OS versions. I need to understand Sophos AV behavior on older Mac OS X versions for security compliance.



This thread was automatically locked due to age.
  • 0

    Hello AaronMelgares,

    first of all, I'm not Sophos and this is not an official answer - I'm pretty sure though that you wont get an answer from Sophos (here) that deviates from the articles.

    I'd like to point out that the articles aren't consistent - the System requirements for Cloud (note: even though the article was updated end of February it still says Cloud, not Central) specify 10.8-10.12 and in addition the Central Endpoint version is usually ahead of the SESC version.
    Sophos is quite "generous" in matters of retirement. While the Retirement Calendar drastically states all urgent software fixes, protection updates and support will end it also says there will be no software changes made in the preceding three months before retirement. Managed products provide (if the customer permits) feedback to Sophos about platform/version usage and if there's still a significant proportion of versions near or after retirement operability isn't wilfully cut off. Operability in this context meaning that an Extended version will be provided that still receives definition updates (with W2k this even included a downgrade to a yet older version).

    To emphasize, just my personal view - if the endpoints could upgrade the software you can expect definition updates until a few months after the release of a version that the endpoints can't upgrade to.

    security compliance
    a working up-to-date AV is just one facet of security. An OS version that is no longer fully maintained by the vendor should IMO not be considered as compliant. 

    Christian

Unfiltered HTML