Introducing the Early Access Program for our latest integration; Sophos plugin for Kaseya VSA.  This plugin is designed to allow our MSPs to now manage Sophos Central endpoints and alerts directly from within the Kaseya VSA management portal.

*Note: This beta license and environment is provided to our partners solely for the purpose of testing and feedback.  Upon completion of the Beta phase, this license, all environments and data will be deleted.  The GA (Generally Available) license will be made available for download free of charge from the Kaseya Automation Exchange marketplace upon announcement of official release.  

By clicking download, you agree to the Sophos API & Plugins Terms of Use. You also acknowledge that Sophos processes personal data in accordance with the Sophos Privacy Policy.

Table of contents

 

Plugin Overview

Dashboard view - Quickly determine service and health issues with endpoints.

 

Tenant View - Automatically retrieve a list of all tenants. Filter by tenant and auto-deploy configuration policies.

 

 

Endpoint View & Management - Drill into endpoints to determine issues and action a single endpoint, or many endpoints in bulk.

Actions include:

  • Forcing definitions updates
  • Enabling/Disabling tamper protection
    • Tamper protection if disabled, will be automatically enabled after a period of time
  • Deleting endpoints from Sophos Central
    • Deletion of the endpoint does not uninstall the endpoint

 

 

Alerts View & Management - Filter alerts by category and severity, then action the alert, or multiple alerts all at once.

Actions include:

  • Acknowledging the alert
    • This will remove the alert from Sophos Central
  • Cleaning a virus or threat from the affected endpoint(s)
  • Cleaning a potentially unwanted application from the affected endpoint(s)
  • Authorizing a file previously marked as potentially unwanted to run on selected endpoint(s)

 

Deployments - Upload CSV and/or Installation files, manually deploy to specific endpoints, or configure Autodeploy settings across machine groups. 

 

Audit Logs - Logging to determine if installs and bulk actions were successful.

  

 

Installation & Setup

The Beta version of this plugin is not available in the Kaseya's Automation Exchange marketplace. You will need to download the License file, then install it to your VSA application by following the directions below.

1. Navigate to System --> License Manager.

 

2. Click the 'Install' Button.

 

3. Browse to the locally saved .VSAZ file downloadable here.

 

4. Once .VSAZ file is selected you should see the below screen.

 

5. Click 'Next' through the series of screens until finished by finally selecting 'Finish'.

 

6. Once installation of the license file is completed, you should see the below screen.

 

7. Navigate to the bottom of the left hand menu and select the 'Sophos' icon.

 

8. Upon selection of the 'Sophos' Plugin you will be transported to the 'Overview' tab providing an, at a glance, description of each of the navigational tabs found within the plugin.

 

9. Navigate to the 'Settings' tab and enter your organizations API Client ID and Secret generated from within the Sophos Central Partner Dashboard, and detailed under the 'Create a Service Principal' section of our API Getting Started Guide.

 

10. Upon clicking 'Save' your credentials will be automatically validated and the Tenants, Endpoints, and Alerts sync will begin.

 

Deployment Configuration

This section describes the deployment strategy used by the plugin to install the Sophos Endpoint agent on Kaseya VSA managed Assets. 

The Sophos Security plugin for Kaseya VSA allows:

  • Manual or Automatic deployment of:
    • Windows endpoints (Desktop & Server)
    • Mac desktop endpoints

Configuration:

Auto-deployment is as simple as:

  1. Loading your Deploymenty CSV file
  2. Mapping Kaseya 'Machine Groups' or 'Organizations' to a specific Sophos Tenant
  3. Choosing the Sophos Endpoint products to be installed by Sophos Endpoint installer (Base AV, InterceptX, Managed Detection & Response, Device Encryption).

Once configured, the application will install the Sophos Endpoint Agent if the Kaseya Asset matches with the configured Machine Group/Organization for auto-deployment, and if the Sophos Endpoint Agent is not already installed.

1. Login to Sophos Central Partner Dashboard and download "Windows CSV file".

• Additionally download "Mac OS X CSV file" AND Mac OS X installer (SophosInstall.zip) to deploy Sophos Endpoint agent on Kaseya managed Mac OS X agents.

2. Login to Kaseya and navigate to 'Settings' --> 'Deployment' within the Sophos Security plugin.  Here you will see installation instructions to start the deployment setup. Click 'Next' to begin the wizard.

3. Upload CSV files that are downloaded from Sophos Central Partner Dashboard and configure the Auto deployment.  Then click 'Next' or 'Skip' if you have already uploaded files and do not want to upload it again.

* For Macs: Upload 'SophosInstall.zip' at Agent Procedures --> File Transfer --> Distribute File --> Manage Files --> Shared files. Skip this step if you do not want to deploy Sophos Endpoint agent on Kaseya managed Mac OS X agents.

  

 

4. The final screen will display an option to map Sophos Tenants to either Kaseya Machine Groups OR the Kaseya Organizations.  Add the associations and click 'Finish' to save the configuration.

 

 

Manual deployment:
Once the above deployment steps are completed, a Partner can deploy the Sophos solution manually via the 'Assets' tab from within the Sophos Security plugin, which lists the Kaseya Assets and status of Sophos Endpoint agent (installed/not installed). The application compares the hostname of Kaseya Assets and Sophos Endpoints to check if Sophos Endpoint agent is already installed.

1. Navigate to Sophos Security Solutions Plugin --> Main --> Assets. Select "Install Sophos" action then select the assets and click on Submit.

 

*Note: For both Auto deploy and Manual deployment, this application uses Kaseya Procedures to install the Sophos Endpoint Agent.

 

Troubleshooting & Logging

 

The Sophos plugin will keep an audit log of actions attempted and performed on Endpoints, Alerts, and Deployments
• To check Audit logs navigate to Sophos Security Solutions --> Logs --> Audit Logs


• To check the Kaseya deployment procedure logs: Agent --> Agents --> Agent Logs --> [click on the agent name] --> Agent Admin Logs --> Procedure History.


• To get the log file of Sophos Central installation: Agent Procedures --> File Transfer --> Get File --> [click on the agent name] --> Click on SophosCentralInstall.log.

*Note: This log file will be created once the installation process is complete and the information synced to the Kaseya application, which could take up to 45 minutes.

 

Help & Support

While in Early Access phase, please use the Feedback & Issues tab of this community post to report any issues or request support.

Anonymous