We are facing a situation where we need to use Intercept X with Windows 7. The challenge is that the client cannot upgrade the system due to incompatibility with certain medical instruments.
We are considering using Intercept X as an antivirus solution…
Dear All:
Along with saying hello and hoping that you have enjoyed a nice end-of-year holiday with your families, write to ask them the following:
Our company has Sophos Intercept 100%. Strangely it is not just the Sophos processes that take the disk…
Hi and happy new year.
What about new features? SPL with Heartbeat? Will it come some day?
Last info was this is somehow planned.
Heartbeat for Sophos Protection for Linux (SPL)
Hi,
we are getting above quote from vendor ----SMB-RR-Server Protection InterceptX
we are using on-premises server.
how to install in physicals and virtual machine if both are present in same machine and its required same software or different.…
Hello dear Sophos Community,
we have some old devices in our company and I noticed that the sophos agent collects data like Processor structure and Operating System but now my question is; Can I get Sophos to collect more information than this from…
Hi,
I am having issues removing Sophos Management Server 5.5.0 from one of our virtual machines.
We no longer use Sophos or have any access so I'm assuming it's an issue with tamper protection - when I try and uninstall via Apps and features it just…
hi all,
i have read the "setting up sophos relay and update cache" here
https://support.sophos.com/support/s/article/KB-000035498?language=en_US
couple of questions -
on the sophos central portal it says this
Update Cache and Message Relay Status…
Dears,
I am facing an issue with uninstalling Sophos Endpoint Agent in order to reinstall it again.
In Sophos Central Dashboard, there is a laptop that is totally not protected while Sophos agent but not updated yet (logged in remotely to the device…
hi all,
i know you can turn off tamper protection on pc via cmd via the SEDcli.exe command
C:\Program Files\Sophos\Endpoint Defense \SEDcli.exe -OverrideTPoff password
is there anyway to do this on mac via terminal?
thanks,
rob
My employees accidentally cleared an alert in Sophos Central for a ransomeware attack. Doing so erased all the detail information (File locations, etc.) Can someone point me to the log location so I can get that information from the log?
A strange thing happened to us on Endpoint, which was in a locked office, in one second the endpoint blocked at least 10 pages of inappropriate tip as Adult/Sexually Explicit.
Since I am sure that no one was sitting at the endpoint and no one could…
In a fairly new windows laptop, we had to install Sophos in our company laptop. This made the laptop extremely slow and hard to use.
All of my coworkers have also been facing similar issues.
Sophos uses around 90-100% of the CPU.
what should I do…
I am reaching out for guidance on a critical issue one of our clients is currently facing. They have fallen victim to a ransomware attack, specifically impacted by the 'Hhuy virus' from the STOP/DJVU ransomware family, identifiable by the '.HHUY' extension…
hi all,
how do i point endpoint agents to a specific "update cache and message relay" because atm there saying "sophos" on the web portal but i want them to point to a specific relay server as there not internet facing machines
thanks,
rob
hi all,
how do i install sophos endpoint protection but miss pcs with it already on
https://doc.sophos.com/central/Partner/help/en-us/Help/Deployment/WindowsCommandLine/index.html#message-relays
do i need to add "no competitor removal" to miss all…
Purpose of these 2 services Sophos MCS Client and Sophos MCS Agent, what do they do? Any KBA to detail the explanation or nature of each Sophos service on windows devices?
I saw the popup the other day announcing the new feature in Threat Protection to block QUIC to make sure that everything goes through Web Control and Threat Control correctly.
I clicked the "Read more" link which took me to Threat Protection Policy…
problems installing sophos endpoint, Error: No reachable update service locations , The log generates the following: 2023-12-19T15:28:54.2670382Z INFO : Trying update service url sus.sophosupd.com/.../d409441b-33e9-47f3-b22a-0cf49378a0a8 with proxy: …
Hi everyone, I wanted to know if there are commands to manage the interceptx antivirus on Linux via ssh. For example: Launch a manual scan on a file or folder See scan logs See the progress of a scan See the status of sophos services Temporarily disable…
Hi,
due to some strange German law, there must be some wistle-blowing URL to be excluded from decrypting but also from logging.
is that possible with Sophos Endpoint / Central?
What about Datalake?
Though it's a nightmare in terms of security…
Hello,
Is anyone successfully installing Windows Updates whilst lockdown is enabled?
My understanding is that server updates need to be installed before the server is locked down: https://support.sophos.com/support/s/article/KB-000035355?language…
Hi,
we are running several MacbookPro with M1 or M2 Chip.
I am wondering that identical Macbooks (M2 running Sonoma) having differnt settings regarding Sophos in the Full Disk Access menu.
For example Sophos CryptoGuard is running on all of…
Hey Sophos,
you managed to bring one of our websites out of production with your new NTP64 component.
Since installed, endpoints will not load it or only parts of it. Intercept-X kills the connection during TLS handshake.
HTTPS Decryption enabled…
Our SAP server’s backup process, that is using certutil.exe, is detected as a defense evasion threat.
In details the detection is
Detection ID: WIN-EVA-PRC-CERTUTIL-DECODE-1 Command Line: certutil -decode password.b64 password.txt File Path: C:\Windows…