• MDR Appliance

    GUARDIAN SOC
    GUARDIAN SOC
    We have an MDR virtual appliance deployed. We are looking at installing physical MDR "mini-servers" at other sites. We haven't been able to find any information related to this. Is this an option? Any related advice or best practices for deploying these…
    • 1 month ago
    • Sophos Central
    • Discussions
  • Sophos Central support on Arch Linux

    Warren Bondoc
    Warren Bondoc
    Does Sophos Central Endpoint/Server support Arch Linux platform? Thanks!
    • Answered
    • 1 month ago
    • Sophos Central
    • Discussions
  • #IDEA - Reports - Data Loss Prevention

    Bruno Neris
    Bruno Neris
    Hello everyone. I would like to suggest a new idea. In DLP reports for (Endpoints) and (Email). We noticed that the report does not show the column (Rule Content), the content of the rule, only its name. We would like to suggest as an idea…
    • 1 month ago
    • Sophos Central
    • Discussions
  • Mal/EncPk-AQQ - Malware alert

    Raza Mirza
    Raza Mirza
    Hi, in our environment there are alerts raised about Mal/EncPk-AQQ related to googleupate.exe & updater.exe (version 132.0.6806.0) as Malware, when searched about the Mal/EncPk-AQQ there is no information in sophos forum, request you to kindly advise…
    • Answered
    • 1 month ago
    • Sophos Central
    • Discussions
  • Sophos Central Detections

    admin_idl
    admin_idl
    Hello, We have a Sophos Central account with about 150 computers and 25 servers. XDR is used. The licences have currently been active for about 8 days, but no detections have been displayed so far. Could it be that nothing has been detected so far and…
    • 2 months ago
    • Sophos Central
    • Discussions
  • The way to export the all detection data to the list

    Kyohei Urano
    Kyohei Urano
    I want to make a report of detection from sophos central, but there is no such a button to export those kind of data. I need 'detection rule', 'date', 'category', 'severity' contents in this report. Someone know how to make this kind of report…
    • 3 months ago
    • Sophos Central
    • Discussions
  • Some Questions about MAC's

    Dennis Haschke
    Dennis Haschke
    Hi, we use Sophos on MAC's and i have some questions........ * We have a group calles MACs. When we install Sophos on a MAC is it possible to auto assign to this group? * Is it possible to create scopes? E.g. that our MAC admin only can administrate…
    • 3 months ago
    • Sophos Central
    • Discussions
  • mass-release from quarantine

    FFin
    FFin
    Hi all, i've got a false-positive outbreak detected on one fileserver. There're around 100 Items in Quarantine - alerts spread over 6 pages in Events-Section in central. i went through that list multiple times but was able to release 95 elements from…
    • 3 months ago
    • Sophos Central
    • Discussions
  • Can we add CIXA for 20 user license and Cixa xdr for 30 user in one Sophos central portal

    DevK
    DevK
    Can we add CIXA for 20 user license and Cixa xdr for 30 user in one Sophos central portal
    • Answered
    • 3 months ago
    • Sophos Central
    • Discussions
  • In Sophos Central on a single device Last User shows a user that is not logged in, and who doesn't have internet usage rights. And because of this the logged in user who has internet rights is being blocked.

    Shawn Adams
    Shawn Adams
    And even with 6 or 7 new starts the device still shows the wrong user in central. When I look up the correct user it shows 0 devices in the management studio. The user is local user in windows is logged into their Microsoft account and is synced with…
    • Answered
    • 3 months ago
    • Sophos Central
    • Discussions
  • Possibility to trace back for older avdb signatures

    Kumar Bavandla
    Kumar Bavandla
    Big thanks for the answers to my queries in the suitable product for scanning files, folders on RHEL with no internet connectivity - Discussions - Sophos Central - Sophos Community ticket. I have two follow up questions and I prefer to ask in a separate…
    • Answered
    • 3 months ago
    • Sophos Central
    • Discussions
  • Editing exclusions leads to deletion - is this a known bug?

    Björn Vermöhlen
    Björn Vermöhlen
    Hi! I just found a bug in the Sophos Central dashboard and could not find it in the known issues list. Here's how to replicate the issue: 1. Create an exclusion of the type "Exploit mitigation", choose an application and deactivate at least one of…
    • Answered
    • 4 months ago
    • Sophos Central
    • Discussions
  • Sophos Central + YARA

    Mansoor Ahmad
    Mansoor Ahmad
    As residents of Saudi Arabia, SAMA provides us with YARA rules for threat detection. How can we effectively create and implement our own query within Sophos Central to scan for these YARA rules? What are the best practices and challenges associated…
    • 4 months ago
    • Sophos Central
    • Discussions
  • suitable product for scanning files, folders on RHEL with no internet connectivity

    Kumar Bavandla
    Kumar Bavandla
    Hello We are looking for a suitable Sophos product for our usecase. Have gone through the documentation, however would like to confirm below: Usecase: a. System is RHEL7.9 and RHEL9 b. Looking for an on demand scan capability to scan files/folder…
    • Answered
    • 4 months ago
    • Sophos Central
    • Discussions
  • Sudden Increase in False Positives from Sophos Central — Need Immediate Assistance

    Anas Rez
    Anas Rez
    Recently, I've noticed a troubling increase in false positives from Sophos Central that are impacting our workflow significantly. Legitimate files and applications are being flagged as threats, causing unnecessary disruptions and delays. This issue seems…
    • 4 months ago
    • Sophos Central
    • Discussions
  • Sophos Protection for Linux (SPL) - Install on Linux Server without internet access

    dan_f
    dan_f
    Hi there, I followed documentation to install SPL on a Linux server that does not have internet access. We have a Windows server acting as update cache / message relay. This is confirmed to work for other (Windows) machines. However the installation…
    • Answered
    • 5 months ago
    • Sophos Central
    • Discussions
  • Early Access Program - Sophos Core Agent

    Nikola Djurdjevic1
    Nikola Djurdjevic1
    Is there a way to get latest version for Sophos Core Agent trough Early Access Program ? In Early Access Programs page I couldn't find Core Agent EAP. The closes I could find was New Endpoint Protection Features . I have subscribed for New Endpoint…
    • 5 months ago
    • Sophos Central
    • Discussions
  • Purger ou diminuer logs dans C:\ProgramData\Sophosi\Endioint Defense\Date\Event Journals

    guillaume testaniere
    guillaume testaniere
    Bonjour Est il possible de purger ou diminuer la taille des logs dans C:\ProgramData\Sophosi\Endioint Defense\Date\Event Journals Mais pour un seul serveur Quel est l'impact sur la sécurité de ce serveur ? Cordialement
    • 5 months ago
    • Sophos Central
    • Discussions
  • Removing De-Duplicated Server

    Tamjid Tarafdar
    Tamjid Tarafdar
    Recently, we got an alert that was caused by a company we work with doing a Disaster Recovery test. This caused a duplicate record of one of our servers. We have prevented the backed-up systems from communicating out to Sophos to prevent future de-duplication…
    • 5 months ago
    • Sophos Central
    • Discussions
  • Sophos Central , possible to edit base policies?

    JohnMaA
    JohnMaA
    Hi, Is it possible to edit the base policies, so that we don't have to change a policy manually every time we create a new Customer? Using a Global template forces us to manually go into the settings to add the new customer to the template, so…
    • Answered
    • 6 months ago
    • Sophos Central
    • Discussions
  • Protect network traffic blocks EWS service URL from within a program

    Jonas Havemann TimberTec GmbH
    Jonas Havemann TimberTec GmbH
    Hello, we have a problem with the feature “Protect network traffic”. We are using a terminal server, on which employees work with a program that uses EWS to send mails. We now have the problem that Sophos blocks the automatic login process via the…
    • 6 months ago
    • Sophos Central
    • Discussions
  • TLD block in Sopho Central

    Damian Kowalik
    Damian Kowalik
    Hello there, I am trying to block TLDs in Sophos Central using Website Management—Add Website Customisation, and instead of putting many domains with a malicious top domain, I would like to be able to block this particular domain. What should I…
    • 6 months ago
    • Sophos Central
    • Discussions
  • Cannot find some users and computers on Sophos Central Dashboard

    Ahmed Obaid
    Ahmed Obaid
    Dears, We are facing a problem finding some users and their computers in SHOPOS portal under computers or under "Restore deleted devices and recover Tamper Protection passwords" even though SHOPOS endpoint is installed in those devices.
    • 6 months ago
    • Sophos Central
    • Discussions
  • Sophos central : IPS service not started

    Ahmed Obaid
    Ahmed Obaid
    Greetings all IPS service is not starting on an A computer which you can see on this snapshot bellow, how to overcome this error message.
    • Answered
    • 6 months ago
    • Sophos Central
    • Discussions
  • Sophos Central web policy exclusion

    admin_idl
    admin_idl
    Hello, We work with a Sophos Central Web Policy in general the download of .exe files is not allowed. Is it possible to exclude certain files/programs from this policy so that they can be downloaded? Thank You!
    • 7 months ago
    • Sophos Central
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
>