This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Updated to 9.601-5, received a new notice under Endpoint Protection about it expiring/EOL?

IMPORTANT UPDATE FOR SOPHOS UTM ENDPOINT PROTECTION CUSTOMERS

We have now stopped selling Sophos UTM Endpoint Protection subscriptions as of December 31st, 2018 and will retire support at the end of 2019.

Customers should upgrade — for free — to Sophos Central-managed Endpoint Protection which delivers enhanced protection and management capabilities. Learn more: https://community.sophos.com/kb/en-us/122865

 

So does the Free version have to do this as well, or do we just go as is?  Sort of a cryptic message to spew out to us.  Does it mean we are going to lose our free version too?



This thread was automatically locked due to age.
Parents
  • Hi Amodin,

    I spoke at great length about this with Sophos, they said that due to the ever increasing threat landscape (and the complexity of the threats), users will need more than just an anti-virus. Although it is a good AV package and does provide a lot of the protection required, Sophos decided that going with a Cloud based distribution model, than having to update the Sophos UTM every 3-4 times a year, this could leave you open to potential threats.

    They told me to use Sophos Home or the Endpoint Advanced products.

    hope this helps.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Thanks for the reply,

     

    So I am to take it that we are going to lose this as part of the free version of Home UTM service.  I can understand their model, I just don't understand their delivery methods in telling us this and being vague, or at least post about it (sorry if I missed it) and tell us, "Hey we are switching our model on you, suck it up and go get something else".

    The advertising between that and the wireless stuff that appeared in that huge, obnoxious banner was a bit annoying.  I almost feel like UTM is being forced out and everything is being pushed to XG, which IMO still isn't really enough for me to switch to and be happy about it.  I'd still rather have the IP limitation rather than a hardware one, not to mention what I'd lose, have to set back up and start things from scratch.  No idea if my AP30s would work or not with it (although I doubt it - we have to push other products).

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hi Amodin,

    I can understand your frustration, as the long conversations I had with Sophos was on this subject, as until I asked the question they would never provide a straight answer.. lol.

    As for the AP30, I use the AP50 which work without issue, I have three of these and have connected these via a 5GHz mesh network (on either the UTM or XG). I am sure that the AP30s will work.

    I do agree with you about the XG, there is a lot to develop before I can even sell this to a customer, although some of the bells and whistles are quite nice..

    A couple of points that need to be addressed are;

    DHCP Server (from GUI not CLI).

    DNS Server.

    NTP Server.

    More control over the (Transparent) Proxy functions.

    inclusion of heartbeat into these free Endpoint security products (nice to have).

     

    these are more, but this cover the obvious ones.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Hey Neighbor,

    The folks at Sophos say that their free Home AV is better than the UTM one.  Typically, Sophos declares end-of-sales 18 months ahead of time and end of support is usually at least 18 months after that, so I wouldn't worry about being pushed to XG any time soon.  The UTM-to-XG migration tool has been in double-secret beta for about two years.  I expect Sophos will heat that up before any announcement.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hey Neighbor,

    The folks at Sophos say that their free Home AV is better than the UTM one.  Typically, Sophos declares end-of-sales 18 months ahead of time and end of support is usually at least 18 months after that, so I wouldn't worry about being pushed to XG any time soon.  The UTM-to-XG migration tool has been in double-secret beta for about two years.  I expect Sophos will heat that up before any announcement.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Well, it's good information from both of you, and I did e-mail support to see if I could get any better of a response (LOL).  I basically got from them, "I don't know, you have to ask at https://community.sophos.com and you can find your answer there."

    So, I guess I can take a hint.  ;)  I'll start implementing the free one and see how that works.  Thanks.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hi

    So I have a SG series running UTM 9.6 and noticed this message today when I was considering using it. My license only allows for 2 free endpoints (which is ok for my needs) so I looked here https://community.sophos.com/kb/en-us/122865 at their KB, which was all ok until I saw this: "Note: Server protection needs to be licensed separately via Sophos Central." One of the computers I want to consider using this for is a server. Does anyone know if I have to purchase a separate Sophos Central subscription if I need server protection, and not use this free transfer?

    Regards
    Damien

  • Hi,

    yes Sophos devide into Endpoint Protection and Server Protection (UTM Endpoint was usable for both Clients & Servers)! So you have to buy Server Protection / Intercept X if you need to protect server systems. The price of Sophos Server Protection is just incredible for everybody that have to switch from UTM Endpoint to that!

    And top of the UTM Endpoint story for myself: We have a customer that had bought UTM Endpoint Licence in 2017 (3 years and before EOL) Normally this customer have a valid licence till 10/2020! Guess what - there is NO special offer for the Server Protection for that customer! The customer can switch the client endpoints without any costs but for the 5 Servers he have to buy Server Protection / InterceptX for about 600€. This is absolutely a NO GO! The customer will have a valid lincense for 10 month without a working product in 2020...

    Of course this customer will switch now to a competitor like all our other UTM Endpoint customers. The price for Server Protection/InterceptX is absolutely not competitive (just my Opinion).

     

    It's also incredible that if you use Sophos Enterprise Console (Endpoint on premise) that there is also NO difference between clients and servers but if you do that in central...Don't think about to install Endpoint Protection on a server - guess what...? Baaam - enjoy your free trial of Server Protection!

     

    regards

    Steve

  • You need to be careful about those statements. 

    Central Server Protection is more powerful than SEC / UTM EP.

    https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/Server_protection_licensing_guide-na.pdf

    And Intercept X Advanced for Server is the next step. 

     

    https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/Sophos-Endpoint-dsna.pdf

     

    Simply compare those products and you can notice, that there are quite different mechanism/level of protection. 

     

    Did you tell your story already to a Sophos Sales rep as a Partner? 

    Most likely you will get a offer for this scenario. 

    __________________________________________________________________________________________________________________

  • Of course Server Protection is more powerful but also price is x3 for that. Competitors also have at least a ransomware/encryption protection for fileserver etc. And price for the competitor server protection is often same price as for competitor clients! None of my customers is willing to pay prices factor 3 for Sophos Server Protection.

    Price for Sophos Endpoint Protection is competitive but a "lighter" Sophos Server Protection (at least with ransomware/encryption protectionis) is missing especially in Sophos Central. And of course no customer will mix AV protection for Clients and Servers - so in the end they will switch to a competitor...

     

    The offer for the customer with valid UTM Endpoint Licence came directly from Sophos Sales... I told them that this is not an option for my customer and that there MUST be at least an option to switch without any costs to Sophos Central Endpoint/Server protection if the customer will have a valid UTM Endpoint licence. It is just a NO GO to end a product if customers still have a VALID Licence beyond EOL! I also asked if there can be any other compensation (e.g. expand customer UTM Licence for a few months or anything like that). It would be really interesting if any customer will take Sophos to court for that behaviour!

     

    regards

  • Steve, I thought that UTM Endpoint would continue to function after EOL as long as the device had a valid license for it.  Where did you see that it would stop working?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Do you believe that there will be any AV pattern/DB Update after EOL? I don't think so...

    Using an outdated Endpoint after EOL for 10 months is also not an option.

     

    As already mentioned this customer will switch to a competitor in 2 months...

    Sophos product policy totally failed here.

     

    regards

  • Toni, is Steve correct that, even with a valid license, there will be no pattern updates for UTM Endpoint after EOL?

    I would have thought that Sophos would supply Central Server and PC licenses instead of forcing customers to immediately purchase Central Server licenses because UTM Endpoint licenses effectively ceased to function on their servers.

    If Steve is right about this, it's a PR nightmare and Sophos needs to get its management team to coordinate more effectively with each other.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi All,

    Apologies for the delayed response as I was waiting for more information regarding this.

    There will be no further engine updates for UTM-Managed Endpoints after the EoL date. However, IDE updates may continue to work for an uncertain amount of time until it is no longer possible (due to not meeting minimum required engine version). This EoL notice has been communicated for some time and license sales have ceased.

    Customers with servers who have UTM-Managed Endpoint installed are requested to speak to their Sophos Account Manager or Partner to discuss the topic of acquiring equivalent Sophos Central Server Protection licenses. Please also see (UTM: How to migrate from UTM Endpoint Protection to Sophos Central Endpoint Protection)

    Regards,


    Florentino
    Director, Global Community & Digital Support

    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.
    The Award-winning Home of Sophos Support Videos! - Visit Sophos Techvids