Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Updated to 9.601-5, received a new notice under Endpoint Protection about it expiring/EOL?

IMPORTANT UPDATE FOR SOPHOS UTM ENDPOINT PROTECTION CUSTOMERS

We have now stopped selling Sophos UTM Endpoint Protection subscriptions as of December 31st, 2018 and will retire support at the end of 2019.

Customers should upgrade — for free — to Sophos Central-managed Endpoint Protection which delivers enhanced protection and management capabilities. Learn more: https://community.sophos.com/kb/en-us/122865

 

So does the Free version have to do this as well, or do we just go as is?  Sort of a cryptic message to spew out to us.  Does it mean we are going to lose our free version too?



This thread was automatically locked due to age.
  • Hi Amodin,

    I spoke at great length about this with Sophos, they said that due to the ever increasing threat landscape (and the complexity of the threats), users will need more than just an anti-virus. Although it is a good AV package and does provide a lot of the protection required, Sophos decided that going with a Cloud based distribution model, than having to update the Sophos UTM every 3-4 times a year, this could leave you open to potential threats.

    They told me to use Sophos Home or the Endpoint Advanced products.

    hope this helps.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Thanks for the reply,

     

    So I am to take it that we are going to lose this as part of the free version of Home UTM service.  I can understand their model, I just don't understand their delivery methods in telling us this and being vague, or at least post about it (sorry if I missed it) and tell us, "Hey we are switching our model on you, suck it up and go get something else".

    The advertising between that and the wireless stuff that appeared in that huge, obnoxious banner was a bit annoying.  I almost feel like UTM is being forced out and everything is being pushed to XG, which IMO still isn't really enough for me to switch to and be happy about it.  I'd still rather have the IP limitation rather than a hardware one, not to mention what I'd lose, have to set back up and start things from scratch.  No idea if my AP30s would work or not with it (although I doubt it - we have to push other products).

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hi Amodin,

    I can understand your frustration, as the long conversations I had with Sophos was on this subject, as until I asked the question they would never provide a straight answer.. lol.

    As for the AP30, I use the AP50 which work without issue, I have three of these and have connected these via a 5GHz mesh network (on either the UTM or XG). I am sure that the AP30s will work.

    I do agree with you about the XG, there is a lot to develop before I can even sell this to a customer, although some of the bells and whistles are quite nice..

    A couple of points that need to be addressed are;

    DHCP Server (from GUI not CLI).

    DNS Server.

    NTP Server.

    More control over the (Transparent) Proxy functions.

    inclusion of heartbeat into these free Endpoint security products (nice to have).

     

    these are more, but this cover the obvious ones.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Hey Neighbor,

    The folks at Sophos say that their free Home AV is better than the UTM one.  Typically, Sophos declares end-of-sales 18 months ahead of time and end of support is usually at least 18 months after that, so I wouldn't worry about being pushed to XG any time soon.  The UTM-to-XG migration tool has been in double-secret beta for about two years.  I expect Sophos will heat that up before any announcement.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Well, it's good information from both of you, and I did e-mail support to see if I could get any better of a response (LOL).  I basically got from them, "I don't know, you have to ask at https://community.sophos.com and you can find your answer there."

    So, I guess I can take a hint.  ;)  I'll start implementing the free one and see how that works.  Thanks.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hi

    So I have a SG series running UTM 9.6 and noticed this message today when I was considering using it. My license only allows for 2 free endpoints (which is ok for my needs) so I looked here https://community.sophos.com/kb/en-us/122865 at their KB, which was all ok until I saw this: "Note: Server protection needs to be licensed separately via Sophos Central." One of the computers I want to consider using this for is a server. Does anyone know if I have to purchase a separate Sophos Central subscription if I need server protection, and not use this free transfer?

    Regards
    Damien

  • I have a Sophos UTM 9 home use license and in the licensing area it says that I can protect up to 12 endpoints. I've not used endpoint protection but after receiving the EOL message I decided to give Sophos Central Endpoint Protection a try. I set up a 30 day trial as described in the migration documentation.

    community.sophos.com/.../122865

    The document states.

    "Contact Sophos Customer Care (customercare@sophos.com) and have your UTM License ID available. They will be able to provide you with a license for Central Endpoint Protection (CEP) equivalent to your original UTM endpoint protection license. This will include a license key which you can apply in the Sophos Central interface to convert your account from trial to fully licensed, please allow up to 5 working days for this activation key to arrive.
    Note: Server protection needs to be licensed separately via Sophos Central."

    So I sent in my license ID. I received a response that this only applies to paid versions of Endpoint Protection, so my home use license does not qualify. So, heads up to home license users. Don't waste your time trying to convert your endpoint license to the cloud based version.

    It was a little disappointing that I was not able to convert my license since I had planned to play with Sophos Central and consider whether I might recommend it to my customers. However, it's likely that I would not have recommended it since there's no good way to verify the efficacy of the product since Sophos does not participate in third party testing by organizations such as av-comparatives and av-test. Without unbiased scientific testing it's hard to say just how effective an antivirus product is compared to the competition. I have no idea how effective Sophos's antivirus products are. They could be the best in the world, or they could be mediocre. Without some sort of benchmark it's just a guess. Sophos hypes their technologies such as Heartbeat and Intercept X, but without third party verification it takes a leap of faith to trust these products.

    I would like to see Sophos compete head to head with competing products in scientific testing, and if Sophos feels that the tests don't reflect real world use then I would like to see Sophos point out testing errors and perhaps help the test sites work toward a better testing model.


    Rob

     

     

     

  • Hi Rob - welcome to the UTM Community!

    If your company is a Sophos Partner, you should ask your Sophos Channel Account Executive to arrange a not-for-resale Central Endpoint license for your company.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Interesting....

    https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2019/sophos-endpoint-security-and-control-10.8-191522/

    Thought you said their software wasn't tested at av-test?

     

    Here's the mobile news:  https://news.sophos.com/en-us/2019/03/22/av-test-and-av-comparatives-give-sophos-mobile-security-100/

     

    I went and bought the home user 10-computer to replace EOL for Endpoint, and was pointed out that it is better than Endpoint is (the first link I posted here).  I think we're okay to use it, based off the scores the software receives.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Actually, here is the reason for EoL of UTM Endpoint.

    https://community.sophos.com/kb/en-us/133049

    You wont be able to install / use UTM Endpoint with certain Windows Installations. 

     

    So for Free/home User: Sophos Home: https://home.sophos.com/en-us.aspx (Premium or Free). Or Upgrade to a Central License (Subscription based). 

    For Business Partner: Contact your Sophos Reseller for a Migration to a Central License

    __________________________________________________________________________________________________________________