• Utilizing Intercept X on Windows 7

    Fox Medo
    Fox Medo
    We are facing a situation where we need to use Intercept X with Windows 7. The challenge is that the client cannot upgrade the system due to incompatibility with certain medical instruments. We are considering using Intercept X as an antivirus solution…
    • 11 months ago
    • Sophos Endpoint
    • Discussions
  • Disk SSD SATA 100% with Intecept X

    Andres Ulloa
    Andres Ulloa
    Dear All: Along with saying hello and hoping that you have enjoyed a nice end-of-year holiday with your families, write to ask them the following: Our company has Sophos Intercept 100%. Strangely it is not just the Sophos processes that take the disk…
    • 11 months ago
    • Sophos Endpoint
    • Discussions
  • news on Heartbeat for Sophos SPL (Linux Endpoint)?

    LHerzog
    LHerzog
    Hi and happy new year. What about new features? SPL with Heartbeat? Will it come some day? Last info was this is somehow planned. Heartbeat for Sophos Protection for Linux (SPL)
    • Answered
    • 11 months ago
    • Sophos Endpoint
    • Discussions
  • SMB-RR-Server Protection InterceptX

    satyabrata bastia
    satyabrata bastia
    Hi, we are getting above quote from vendor ----SMB-RR-Server Protection InterceptX we are using on-premises server. how to install in physicals and virtual machine if both are present in same machine and its required same software or different.…
    • Answered
    • 11 months ago
    • Sophos Endpoint
    • Discussions
  • Retrieve more information of client devices?

    Vincent Luckmann
    Vincent Luckmann
    Hello dear Sophos Community, we have some old devices in our company and I noticed that the sophos agent collects data like Processor structure and Operating System but now my question is; Can I get Sophos to collect more information than this from…
    • Answered
    • 11 months ago
    • Sophos Endpoint
    • Discussions
  • Removing Sophos Management Server

    Mark Barnes1
    Mark Barnes1
    Hi, I am having issues removing Sophos Management Server 5.5.0 from one of our virtual machines. We no longer use Sophos or have any access so I'm assuming it's an issue with tamper protection - when I try and uninstall via Apps and features it just…
    • 11 months ago
    • Sophos Endpoint
    • Discussions
  • setting up message relay and update cache

    Sophos User1175
    Sophos User1175
    hi all, i have read the "setting up sophos relay and update cache" here https://support.sophos.com/support/s/article/KB-000035498?language=en_US couple of questions - on the sophos central portal it says this Update Cache and Message Relay Status…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Remove Sophos Endpoint Agent from a Device without Tamper Protection

    Fahad Alyami
    Fahad Alyami
    Dears, I am facing an issue with uninstalling Sophos Endpoint Agent in order to reinstall it again. In Sophos Central Dashboard, there is a laptop that is totally not protected while Sophos agent but not updated yet (logged in remotely to the device…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • turn off tamper protection via terminal on mac

    Sophos User1175
    Sophos User1175
    hi all, i know you can turn off tamper protection on pc via cmd via the SEDcli.exe command C:\Program Files\Sophos\Endpoint Defense \SEDcli.exe -OverrideTPoff password is there anyway to do this on mac via terminal? thanks, rob
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Sophos Endpoint - Cryptoguard Log Location

    Kyle Gibson
    Kyle Gibson
    My employees accidentally cleared an alert in Sophos Central for a ransomeware attack. Doing so erased all the detail information (File locations, etc.) Can someone point me to the log location so I can get that information from the log?
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • A device that was not being used, started reporting strange logs in the sophos endpoint

    Pavel Čechmánek
    Pavel Čechmánek
    A strange thing happened to us on Endpoint, which was in a locked office, in one second the endpoint blocked at least 10 pages of inappropriate tip as Adult/Sexually Explicit. Since I am sure that no one was sitting at the endpoint and no one could…
    • Answered
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • CPU usage by Sophos.

    P patton
    P patton
    In a fairly new windows laptop, we had to install Sophos in our company laptop. This made the laptop extremely slow and hard to use. All of my coworkers have also been facing similar issues. Sophos uses around 90-100% of the CPU. what should I do…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Seeking Advice: Ransomware Attack and Solutions for Legacy Systems

    Fox Medo
    Fox Medo
    I am reaching out for guidance on a critical issue one of our clients is currently facing. They have fallen victim to a ransomware attack, specifically impacted by the 'Hhuy virus' from the STOP/DJVU ransomware family, identifiable by the '.HHUY' extension…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • point agents to update cache and message relay

    Sophos User1175
    Sophos User1175
    hi all, how do i point endpoint agents to a specific "update cache and message relay" because atm there saying "sophos" on the web portal but i want them to point to a specific relay server as there not internet facing machines thanks, rob
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • silent install but miss already on pc's

    Sophos User1175
    Sophos User1175
    hi all, how do i install sophos endpoint protection but miss pcs with it already on https://doc.sophos.com/central/Partner/help/en-us/Help/Deployment/WindowsCommandLine/index.html#message-relays do i need to add "no competitor removal" to miss all…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Sophos MCS services

    PK1
    PK1
    Purpose of these 2 services Sophos MCS Client and Sophos MCS Agent, what do they do? Any KBA to detail the explanation or nature of each Sophos service on windows devices?
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • New Block QUIC setting not showing

    itskdog
    itskdog
    I saw the popup the other day announcing the new feature in Threat Protection to block QUIC to make sure that everything goes through Web Control and Threat Control correctly. I clicked the "Read more" link which took me to Threat Protection Policy…
    • Answered
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • problems installing sophos endpoint, Error: No reachable update service locations

    oscar parra
    oscar parra
    problems installing sophos endpoint, Error: No reachable update service locations , The log generates the following: 2023-12-19T15:28:54.2670382Z INFO : Trying update service url sus.sophosupd.com/.../d409441b-33e9-47f3-b22a-0cf49378a0a8 with proxy: …
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Intercept X for linux. How to control locally

    LMSIIATO
    LMSIIATO
    Hi everyone, I wanted to know if there are commands to manage the interceptx antivirus on Linux via ssh. For example: Launch a manual scan on a file or folder See scan logs See the progress of a scan See the status of sophos services Temporarily disable…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • sophos endpoint defense services taking high memory utilization(500-600)

    Sophos User6749
    Sophos User6749
    Why this services taking so much memory utilization and how we can reduce it can anyone suggest ,due to which system getting slow
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • is it possible to exclude some URL from Endpoint logging -> whistle-blowing

    LHerzog
    LHerzog
    Hi, due to some strange German law, there must be some wistle-blowing URL to be excluded from decrypting but also from logging. is that possible with Sophos Endpoint / Central? What about Datalake? Though it's a nightmare in terms of security…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Windows Updates and Server Lockdown

    Crackers
    Crackers
    Hello, Is anyone successfully installing Windows Updates whilst lockdown is enabled? My understanding is that server updates need to be installed before the server is locked down: https://support.sophos.com/support/s/article/KB-000035355?language…
    • Answered
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Mac Endpoint different settings for "Full Disk Access"

    JanBelz
    JanBelz
    Hi, we are running several MacbookPro with M1 or M2 Chip. I am wondering that identical Macbooks (M2 running Sonoma) having differnt settings regarding Sophos in the Full Disk Access menu. For example Sophos CryptoGuard is running on all of…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • IPS/NTP HTTPS Decryption - ERR_EMPTY_RESPONSE issues since latest upgrade to NTP64 2023.2.573

    LHerzog
    LHerzog
    Hey Sophos, you managed to bring one of our websites out of production with your new NTP64 component. Since installed, endpoints will not load it or only parts of it. Intercept-X kills the connection during TLS handshake. HTTPS Decryption enabled…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • Exclude Threat Detection "TA0005 - Defense Evasion"

    Colsam
    Colsam
    Our SAP server’s backup process, that is using certutil.exe, is detected as a defense evasion threat. In details the detection is Detection ID: WIN-EVA-PRC-CERTUTIL-DECODE-1 Command Line: certutil -decode password.b64 password.txt File Path: C:\Windows…
    • over 1 year ago
    • Sophos Endpoint
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>