Sophos anti virus for servers and PCs

Dear team,

I have installed Sophos Enterprise Console in one of my central servers. This server will be the one downloading security updates from Sophos. I also have branch servers (management console) which will receive updates from the central server and push the updates to the branch PCs (protecting them).

When I asked for a quote, Sophos provided me with Sophos Exploit Prevention licenses. Things got funny when I was trying to apply the license. It failed and when I got back to Sophos they advised I should first purchase Sophos Endpoint Protection before purchasing the Exploit Prevention.

Now I am posting on this forum to get someone to help me understand the licensing model I am going to need for my infrastructure as explained above. Please help

  • Hi Masoud,

    Sophos Enterprise Console (SEC) is the management server for our on premise endpoint/server product. You will have likely got access to SEC as part of an endpoint or server license. EPA = Endpoint Protection Advanced or SVRWVL = Server Protection for Virtualisation, Windows, And Linux.

    Where did you download SEC from?

    How did you try and apply the license?

    EXP is a license that can be added to EPA or SVRWVL and provides access to additional Intercept X features of Anti Ransomware (CryptoGuard) and Anti Exploit for SEC customers;

    Regards,

    Stephen

  • Hello Masoud Kiswagara,

    [disclaimer: I'm not Sophos, furthermore I have no insight how you purchased these licenses (wonder how you've found the on-premise version on the Sophos website). In our area it's always via a partner or reseller who should provide assistance in selecting the appropriate options]

    I have installed Sophos Enterprise Console
    this suggests that you have appropriate credentials for Endpoint Protection, normally you get them with with a License Schedule that should show the number of licenses. If you have been able to download SEC you've added the credentials to your MySophos account. You should see the list of products in your account - do you? Exploit Prevention is an add-on for the on-premise SESC - I'm not aware that you get access to the SEC download if you just have licensed EXP without the "base" SESC.

    when I was trying to apply the license
    where did you try to apply it? Could you show a screenshot? It's perhaps just a question of what to apply where.

    Christian

  • In reply to QC:

    Hello Christian,

    Thanks alot for a quick response.

    I have downloaded th SEC on this link

    https://www.sophos.com/en-us/support/downloads/console/sophos-enterprise-console.aspx

    And all I had to do was creating a Sophos Account and have this trial installer. On purchasing Exploit Prevention, I was sent a file with username and password which I try to use on Management Console for update manager to connect to Sophos to download security updates. (Am not an expert of Sophos, may be am doing it all wrong). So when trying to login to Sophos I received wrong credentials error. On researching why that happens, I was told I have to purchase Endpoint Protection first before Exploit prevention.

     

    when I was trying to apply the license

    I should rephrase this to when I was trying to use the supplied credentials.

    I have a very low knowledge on Sophos but what I need is to use the central server to download updates from Sophos and push them to 12 branch servers which have management console installed. And each branch server should protect 10 branch PCs. The central server should also protect few windows servers.

  • In reply to StephenMcKay:

    Hi Stephen,

    Thanks for the quick response.

    I downloaded the trial version on this link 

    https://www.sophos.com/en-us/support/downloads/console/sophos-enterprise-console.aspx

     

    On purchasing the eXploit prevention, I was given credentials (Username and Password) which I try to use them on the central servers update manager to download security updates from Sophos. (Am not very knowledgeable on how this works)

    But the idea is to protect servers and well as PC. But have only one central server with access to Internet and download updates from Sophos and push them to 12 branch servers. The branch servers will have to protect 10 windows PCs.

    So do I need to purchase EPA?

  • In reply to Masoud Kiswagara:

    Hello Masoud Kiswagara,

    maybe Stephen again replies before I finish my post.

    Yes, you need the base EPA licenses (from your numbers around 150).

    Wonder why sales/licensing didn't point out that you have no EPA licenses.

    Christian

  • In reply to QC:

    I let you finish this time Christian ;)

    Masoud, please send me a PM with your company name/email address, i'll check what your order shows and then confirm what you need to do to resolve this.

    Regards,

    Stephen

  • In reply to QC:

    Hello Christian,

    If my understanding is correct, I am not required to license the Enterprise Console itself. I only purchase license for endpoint protection and use the console for management purpose only. Am I right?

  • In reply to Masoud Kiswagara:

    Hello Masoud Kiswagara,

    correct, like in the trial the console is available in the downloads section. No extra purchase is required.
    Normally you download just the Sophos Enterprise Console, install it and configure the Update Manager (SUM). SUM then downloads the Endpoint software and distributes it to the update location (CID). From there you install the endpoints. BTW - you can install additional remote consoles or, if needed, more than one SEC.

    Christian