Introducing the Generally Available release for our latest integration; Sophos plugin for ConnectWise Automate. This plugin is designed to allow our MSPs to now manage Sophos Central endpoints and alerts directly from within the ConnectWise Automate management portal.
|
*Note: By clicking download, you agree to the Sophos API & Plugins Terms of Use. You also acknowledge that Sophos processes personal data in accordance with the Sophos Privacy Policy. |
Table of Contents
Plugin Overview
Dashboard view - Quickly determine service and health issues with endpoints.
Tenant View - Automatically retrieve a list of all tenants. Filter by Tenant.
Endpoint View & Management - Drill into endpoints to determine issues and action a single endpoint, or many endpoints in bulk.
Actions include:
- Forcing definitions updates
- Enabling/Disabling tamper protection
- Tamper protection if disabled, will be automatically enabled after a period of time
- Deleting endpoints from Sophos Central
- Deletion of the endpoint does not uninstall the endpoint
Alerts View & Management - Filter alerts by category and severity, then action the alert, or multiple alerts all at once.
Actions include:
- Acknowledging the alert
- This will remove the alert from Sophos Central
- Cleaning a virus or threat from the affected endpoint(s)
- Cleaning a potentially unwanted application from the affected endpoint(s)
- Authorizing a file previously marked as potentially unwanted to run on selected endpoint(s)
Deployments - Upload CSV files, manually deploy to specific endpoints on the fly, or configure Autodeploy settings across Client Locations.
Audit Logs - Audit Logging to determine and self troubleshoot issues such as; If installs and bulk actions were successful, or failed
Installation & Setup
- Start by Downloading the plugin!
- Open the Plugin Manager.
- This is found by clicking on 'System', expanding 'Solutions', and then clicking on 'Plugin Manager'
- From the Plugin Manager, Click on 'Advanced' at the top right, then 'Manage Plugins' and 'Add Plugin'.
- Browse to the location where you download the Plugin DLL and then select it and click 'Open'.
- Simply Click 'Save and Close' on the Add a Plugin screen.
- You will now see Sophos Central in the Plugin Manager. However, it will be Disabled by Default.
- Right Click on Sophos Central and Click 'Enable'
Enabling the Plug-in will require a restart of the Database Agent. Click 'Yes'.
Once Restarted Successfully, you will need to close and re-open the Automate Client.
Configuring the Sophos Central Plugin
- Access the Sophos Central Plugin from Tools, then click on Sophos Central
- You will start on the Settings page. The first step will be to enter your Sophos Central Partner API Credentials.
***This is not your Sophos Central Partner Dashboard login E-mail and Password***
- From a browser, log in to your Sophos Central Partner Dashboard. Go to 'Settings & Policies' and then click on 'API Credentials'.
Click on the 'Add Credential' button on the top right.
- Enter the name and description for your API Credential.
- You now have an API Credential created. Copy the 'Client ID' and then click on 'Show Client Secret'.
***The Show Client Secret is only available to be view once for security reasons***
- Now go back to the Sophos Central Plugin and enter your Client ID and Client Secret.
Assigning Client to Sophos Central Customers
Next, you will need to match your Automate Client to your Sophos Central Customers.
Select an Automate Client and then click on the Assign Tenant button and from the dropdown select the Sophos Central Customer that matches.
You will also need to grab the Customer Token from the CSV file found on the Sophos Central Partner Dashboard - Deployment tab.
***Auto Deploy will not work without the Customer Token***
***Double Check the customer token as if it is wrong it will install into the incorrect Customer***
You now have an Automate Client matched to a Sophos Central Customer.
Deployment Configuration (COMING SOON)
Deployment capabilities built directly into the plugin will allow you to
- Import your .CSV file directly into the application and auto populate your Tenant's Customer Token
- Configure auto deployment options across multiple locations for Windows Endpoints & Servers
- Configure the following deployment options
- Central Endpoint Protection = Endpoint Protection
- Intercept X Advanced = Endpoint Protection & Intercept X
- Intercept X Advanced with MTR = Endpoint Protection & Intercept X & MTR
- Intercept X Only = Intercept X
Troubleshooting & Logging
The Sophos plugin will keep an audit log of actions attempted and performed on Endpoints, Alerts, and Deployments
• To check Audit logs navigate to Sophos Security Solutions --> Logs --> Audit Logs
Also detailed application logs are kept