Getting Sophos Central/Endpoint into an air gap system

Hi all,

Was hoping to potentially get some tips for setting up an air gap connection with up to date Sophos anti-virus protection,

In the building currently we have a setup where we got a Sophos Central Console connecting to machines with Sophos Endpoint Agents (All with Internet access that communicate with the Console),

However, we have an air gap room which would be interesting to know if we can use the assets we already got with this other setup,

The question I got is, if I got some machines that don't have internet access (And never will) is there a way to do the following:

1) Install Endpoint Agent onto an air gap Windows 10 computer

2) Install Endpoint Agent onto an air gap Windows Server 2012 R2 server

Following the above two being possible:

3) Be able to get updates from the console/an endpoint (I expect to do this once a month or two) to copy over to these air gap devices to get updated Sophos protection

Thanks in advance for any answers,

Daniel

Added TAGs
[edited by: Gladys at 5:35 AM (GMT -8) on 19 Dec 2022]

Top Replies

GlennSen over 1 year ago +1

Thank you for reaching the community forum. Setting up a totally Isolated network for the central manage endpoint isn’t possible, but if you prefer, you can set up an update cache and message relay server…

0 GlennSen over 1 year ago

Thank you for reaching the community forum.

Setting up a totally Isolated network for the central manage endpoint isn’t possible, but if you prefer, you can set up an update cache and message relay server.

The configuration would be that the server only has internet access while the endpoint will grab the installation files/updates directly to the server.

You may refer to this documentation.

Glenn ArchieSeñas (GlennSen)

Global Community Support Engineer

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel