Updated to 9.601-5, received a new notice under Endpoint Protection about it expiring/EOL?


We have now stopped selling Sophos UTM Endpoint Protection subscriptions as of December 31st, 2018 and will retire support at the end of 2019.

Customers should upgrade — for free — to Sophos Central-managed Endpoint Protection which delivers enhanced protection and management capabilities. Learn more: https://community.sophos.com/kb/en-us/122865


So does the Free version have to do this as well, or do we just go as is?  Sort of a cryptic message to spew out to us.  Does it mean we are going to lose our free version too?

  • Hi Amodin,

    I spoke at great length about this with Sophos, they said that due to the ever increasing threat landscape (and the complexity of the threats), users will need more than just an anti-virus. Although it is a good AV package and does provide a lot of the protection required, Sophos decided that going with a Cloud based distribution model, than having to update the Sophos UTM every 3-4 times a year, this could leave you open to potential threats.

    They told me to use Sophos Home or the Endpoint Advanced products.

    hope this helps.

  • In reply to Argo:

    Thanks for the reply,


    So I am to take it that we are going to lose this as part of the free version of Home UTM service.  I can understand their model, I just don't understand their delivery methods in telling us this and being vague, or at least post about it (sorry if I missed it) and tell us, "Hey we are switching our model on you, suck it up and go get something else".

    The advertising between that and the wireless stuff that appeared in that huge, obnoxious banner was a bit annoying.  I almost feel like UTM is being forced out and everything is being pushed to XG, which IMO still isn't really enough for me to switch to and be happy about it.  I'd still rather have the IP limitation rather than a hardware one, not to mention what I'd lose, have to set back up and start things from scratch.  No idea if my AP30s would work or not with it (although I doubt it - we have to push other products).

  • In reply to Amodin:

    Hi Amodin,

    I can understand your frustration, as the long conversations I had with Sophos was on this subject, as until I asked the question they would never provide a straight answer.. lol.

    As for the AP30, I use the AP50 which work without issue, I have three of these and have connected these via a 5GHz mesh network (on either the UTM or XG). I am sure that the AP30s will work.

    I do agree with you about the XG, there is a lot to develop before I can even sell this to a customer, although some of the bells and whistles are quite nice..

    A couple of points that need to be addressed are;

    DHCP Server (from GUI not CLI).

    DNS Server.

    NTP Server.

    More control over the (Transparent) Proxy functions.

    inclusion of heartbeat into these free Endpoint security products (nice to have).


    these are more, but this cover the obvious ones.

  • In reply to Amodin:

    Hey Neighbor,

    The folks at Sophos say that their free Home AV is better than the UTM one.  Typically, Sophos declares end-of-sales 18 months ahead of time and end of support is usually at least 18 months after that, so I wouldn't worry about being pushed to XG any time soon.  The UTM-to-XG migration tool has been in double-secret beta for about two years.  I expect Sophos will heat that up before any announcement.

    Cheers - Bob

  • In reply to BAlfson:

    Well, it's good information from both of you, and I did e-mail support to see if I could get any better of a response (LOL).  I basically got from them, "I don't know, you have to ask at https://community.sophos.com and you can find your answer there."

    So, I guess I can take a hint.  ;)  I'll start implementing the free one and see how that works.  Thanks.

  • In reply to BAlfson:


    So I have a SG series running UTM 9.6 and noticed this message today when I was considering using it. My license only allows for 2 free endpoints (which is ok for my needs) so I looked here https://community.sophos.com/kb/en-us/122865 at their KB, which was all ok until I saw this: "Note: Server protection needs to be licensed separately via Sophos Central." One of the computers I want to consider using this for is a server. Does anyone know if I have to purchase a separate Sophos Central subscription if I need server protection, and not use this free transfer?


  • I have a Sophos UTM 9 home use license and in the licensing area it says that I can protect up to 12 endpoints. I've not used endpoint protection but after receiving the EOL message I decided to give Sophos Central Endpoint Protection a try. I set up a 30 day trial as described in the migration documentation.


    The document states.

    "Contact Sophos Customer Care (customercare@sophos.com) and have your UTM License ID available. They will be able to provide you with a license for Central Endpoint Protection (CEP) equivalent to your original UTM endpoint protection license. This will include a license key which you can apply in the Sophos Central interface to convert your account from trial to fully licensed, please allow up to 5 working days for this activation key to arrive.
    Note: Server protection needs to be licensed separately via Sophos Central."

    So I sent in my license ID. I received a response that this only applies to paid versions of Endpoint Protection, so my home use license does not qualify. So, heads up to home license users. Don't waste your time trying to convert your endpoint license to the cloud based version.

    It was a little disappointing that I was not able to convert my license since I had planned to play with Sophos Central and consider whether I might recommend it to my customers. However, it's likely that I would not have recommended it since there's no good way to verify the efficacy of the product since Sophos does not participate in third party testing by organizations such as av-comparatives and av-test. Without unbiased scientific testing it's hard to say just how effective an antivirus product is compared to the competition. I have no idea how effective Sophos's antivirus products are. They could be the best in the world, or they could be mediocre. Without some sort of benchmark it's just a guess. Sophos hypes their technologies such as Heartbeat and Intercept X, but without third party verification it takes a leap of faith to trust these products.

    I would like to see Sophos compete head to head with competing products in scientific testing, and if Sophos feels that the tests don't reflect real world use then I would like to see Sophos point out testing errors and perhaps help the test sites work toward a better testing model.





  • In reply to Robert Purcell:

    Hi Rob - welcome to the UTM Community!

    If your company is a Sophos Partner, you should ask your Sophos Channel Account Executive to arrange a not-for-resale Central Endpoint license for your company.

    Cheers - Bob

  • In reply to Robert Purcell:



    Thought you said their software wasn't tested at av-test?


    Here's the mobile news:  https://news.sophos.com/en-us/2019/03/22/av-test-and-av-comparatives-give-sophos-mobile-security-100/


    I went and bought the home user 10-computer to replace EOL for Endpoint, and was pointed out that it is better than Endpoint is (the first link I posted here).  I think we're okay to use it, based off the scores the software receives.

  • In reply to Amodin:

    Actually, here is the reason for EoL of UTM Endpoint.


    You wont be able to install / use UTM Endpoint with certain Windows Installations. 


    So for Free/home User: Sophos Home: https://home.sophos.com/en-us.aspx (Premium or Free). Or Upgrade to a Central License (Subscription based). 

    For Business Partner: Contact your Sophos Reseller for a Migration to a Central License

  • In reply to DamienLee:


    yes Sophos devide into Endpoint Protection and Server Protection (UTM Endpoint was usable for both Clients & Servers)! So you have to buy Server Protection / Intercept X if you need to protect server systems. The price of Sophos Server Protection is just incredible for everybody that have to switch from UTM Endpoint to that!

    And top of the UTM Endpoint story for myself: We have a customer that had bought UTM Endpoint Licence in 2017 (3 years and before EOL) Normally this customer have a valid licence till 10/2020! Guess what - there is NO special offer for the Server Protection for that customer! The customer can switch the client endpoints without any costs but for the 5 Servers he have to buy Server Protection / InterceptX for about 600€. This is absolutely a NO GO! The customer will have a valid lincense for 10 month without a working product in 2020...

    Of course this customer will switch now to a competitor like all our other UTM Endpoint customers. The price for Server Protection/InterceptX is absolutely not competitive (just my Opinion).


    It's also incredible that if you use Sophos Enterprise Console (Endpoint on premise) that there is also NO difference between clients and servers but if you do that in central...Don't think about to install Endpoint Protection on a server - guess what...? Baaam - enjoy your free trial of Server Protection!




  • In reply to Steve Weißflog:

    You need to be careful about those statements. 

    Central Server Protection is more powerful than SEC / UTM EP.


    And Intercept X Advanced for Server is the next step. 




    Simply compare those products and you can notice, that there are quite different mechanism/level of protection. 


    Did you tell your story already to a Sophos Sales rep as a Partner? 

    Most likely you will get a offer for this scenario. 

  • In reply to LuCar Toni:

    Of course Server Protection is more powerful but also price is x3 for that. Competitors also have at least a ransomware/encryption protection for fileserver etc. And price for the competitor server protection is often same price as for competitor clients! None of my customers is willing to pay prices factor 3 for Sophos Server Protection.

    Price for Sophos Endpoint Protection is competitive but a "lighter" Sophos Server Protection (at least with ransomware/encryption protectionis) is missing especially in Sophos Central. And of course no customer will mix AV protection for Clients and Servers - so in the end they will switch to a competitor...


    The offer for the customer with valid UTM Endpoint Licence came directly from Sophos Sales... I told them that this is not an option for my customer and that there MUST be at least an option to switch without any costs to Sophos Central Endpoint/Server protection if the customer will have a valid UTM Endpoint licence. It is just a NO GO to end a product if customers still have a VALID Licence beyond EOL! I also asked if there can be any other compensation (e.g. expand customer UTM Licence for a few months or anything like that). It would be really interesting if any customer will take Sophos to court for that behaviour!



  • In reply to Steve Weißflog:

    Steve, I thought that UTM Endpoint would continue to function after EOL as long as the device had a valid license for it.  Where did you see that it would stop working?

    Cheers - Bob

  • In reply to BAlfson:

    Do you believe that there will be any AV pattern/DB Update after EOL? I don't think so...

    Using an outdated Endpoint after EOL for 10 months is also not an option.


    As already mentioned this customer will switch to a competitor in 2 months...

    Sophos product policy totally failed here.