Deploying Central in a non-persistent VDI environment

Sorry in advance if this topic has already been covered. I did take a look but only found a topic discussing duplicate machines names.

We have two branch offices and both logon remotely to a Windows 10 virtual desktop pool. These desktops are based from a single "golden image" VM. At the end of each day when a user logs off, their VM is rolled back to a snapshot and all changes are undone. The user profiles are stored as "user profile disks" which are VHDX files on the network.

My question is, what is the best way to protect these "cloned" VM's with Sophos? Is Sophos Central the best product or is there another Sophos product for this scenario?

I am assuming I cannot just install Central on to the golden image and expect it to magically work fine after being cloned 24 times?

Due to the heavily restricted environment we have been managing fine so far without Sophos on these VM's however a situation has arisen where I could really use the data loss prevention feature.

Thank you in advance to those that assist.