- Sophos Endpoint Protection Download
- Sophos Endpoint Protection Mac Download
- Sophos Endpoint Security Download
- Sophos Endpoint Agent Download
For many organizations, Macs are a regular fixture in their IT estates. Whether they comprise just a few devices or a significant proportion, Macs need the same levels of cybersecurity protection and visibility as their Windows cousins.
Sophos Endpoint Security 10.7 (Campus) and Sophos Endpoint Security 10.7 (Home and Mobile) will automatically uninstall any previously installed version of Symantec Endpoint Protection on your Windows computers. If you need any assistance with installing or using Sophos Home, please contact the ITS Customer Support Center.
Which is why in addition to proven protection from the latest Mac threats, Endpoint Detection and Response (EDR) is now available for Mac users in addition to Windows and Linux.
Award-winning Sophos for Mac blocks advanced viruses, malware, phishing, exploits, and ransomware attacks. Powered by enterprise-grade endpoint protection technologies, the home version is affordable, simple to install, and easy to use. Applies to the following Sophos products and versions Sophos Cloud Managed Endpoint 9.6.3 (Mac) What to do. Login to Sophos Central Admin. Navigate to Protect Devices then choose one of the following options: Download Complete macOS Installer; Choose Components (this option is available if licensed for multiple features). Intercept X Free Trial The Leader in Endpoint Security. Next-Gen Protection - deep learning identifies known and unknown threats that your current provider is missing. Full Access - get our entire security suite including firewall, endpoint, cloud, and server protection. Applies to the following Sophos products and versions Central Mac Endpoint, Sophos Anti-Virus for Mac OS X What to do There are two tools included as a part of Mac OS X that can be used to validate the authenticity of the Sophos Mac installer. Spctl In terminal you can run the following command: spctl -a -t exec -vv 'Sophos Installer.app'.
Intercept X Advanced with EDR gives both IT admins and cybersecurity experts the power to answer critical IT operations and threat hunting questions, and then remotely take any necessary actions.
Upgrade your IT security operations
Maintaining proper IT hygiene can be a significant time investment for IT admins. Being able to identify which devices need attention and what action needs to be taken can add another layer of complexity.
With Sophos EDR, you can now do just that – quickly and easily. For example:
- Find devices with software vulnerabilities, unknown services running, or unauthorized browser extensions
- Identify devices that have unwanted software
- See if software has been deployed on devices, e.g. to make sure a rollout is complete
- Remotely access devices to dig deeper and take action, such as installing software, editing configuration files, and rebooting a device
Hunt and neutralize threats
Tracking down subtle, evasive threats requires a tool capable of detecting even the smallest indicators of compromise.
With this release, Sophos EDR is significantly enhancing its threat hunting capabilities. For example:
- Detect processes attempting to make a connection on non-standard ports
- Get granular detail on unexpected script executions
- Identify processes that have created files or modified configuration files
- Remotely access a device to deploy additional forensic tools, terminate suspect processes, and run scripts or programs
Introducing Live Discover and Live Response
The features that make solving all the important examples above possible are Live Discover and Live Response.
Live Discover allows you to examine your data for almost any question you can think of by searching across Mac devices with SQL queries. You can choose from a selection of out-of-the-box queries, which can be fully customized to pull the exact information that you need, both when performing IT security operations hygiene and threat hunting tasks. Data is stored on-disk for up to 90 days, meaning query response times are fast and efficient.
Live Response is a command line interface that can remotely access devices in order to perform further investigation or take appropriate action. For example:
- Rebooting a device pending updates
- Terminating suspicious processes
- Browsing the file system
- Editing configuration files
- Running scripts and programs
And it’s all done remotely, so it’s ideal in working situations where you may not have physical access to a device that needs attention.
Try the new features
Existing Intercept X Advanced with EDR customers will automatically see their Mac devices appearing for selection in Live Discover and Live Response by September 16.
Intercept X and Intercept X for Server customers that would like to try out EDR functionality can head to the Sophos Central console, select ‘Free Trials’ in the left-hand menu and choose the ‘Intercept X Advanced with EDR’ or ‘Intercept X Advanced for Server with EDR’ trial.
If you’re new to Sophos Central, start a no-obligation free trial of Intercept X Advanced with EDR today. You’ll get world class protection against the latest cybersecurity threats in addition to powerful EDR capabilities. Get started.
Live Discover and Live Response are available for Windows, Mac, and Linux devices.
For Sophos Central customers
These are the release notes for Sophos Endpoint Advanced for Windows 7 and later, managed by Sophos Central.
Some of the features mentioned in these release notes are only available if you have the appropriate license.
You may find that you cannot yet download and use the latest version. This is because Sophos releases the software over a number of days, but publishes the release notes on the first day.
Version 10.8.9 update New
Updated components
Sophos Anti-Virus has been updated to 10.8.9.610.
This release contains various fixes and updates.
Components Updated
| Sophos Endpoint Advanced Windows 7 and later | 10.8.9 update October 2020 | 10.8.9 September 2020 | 10.8.8 July 2020 | 10.8.7 May 2020 | 10.8.6 update February 2020 | 10.8.6 January 2020 | 10.8.5.330 November 2019 | 10.8.3.441 April 2019 | 10.8.3 November 2018 | 10.8.2.344 October 2018 | 10.8.2 September 2018 | 10.8.1.2 April 2018 | 10.8.1.217 February 2018 | 10.8.1 January 2018 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Sophos Anti-Virus | 10.8.9.610 | 10.8.9.292 | 10.8.8.337 | 10.8.7.1000 | 10.8.6.215 | 10.8.6.215 | 10.8.5.330 | 10.8.3.441 | 10.8.3.322 | 10.8.2.344 | 10.8.2.342 | 10.8.1.316 | 10.8.1.217 | 10.8.1 |
| Threat detection engine | 3.79.0 | 3.79.0 | 3.79.0 | 3.78.7 | 3.78.5 | 3.77.1 | 3.77.1 | 3.74.1 | 3.74.1 | 3.74.0 | 3.74.0 | 3.72.1 | 3.71.0 | 3.71.0 |
| Sophos Endpoint Firewall Management | 1.2.0.17 | 1.2.0.17 | 1.2.0.17 | 1.2.0.17 | 1.1.0.0 | 1.1.0.0 | 1.1.0.0 | 1.1.0.0 | 1.1.0.0 | 1.1.0.0 | 1.1.0.0 | 1.1.0.0 | 1.0.0 | 1.0.0 |
Other release notes
You should also read the Sophos Core Agent release notes. They cover the changes, resolved issues and known issues for the core components.
For information about the changes to the Sophos Core Agent, see the Sophos Core Agent release notes.
For information about the changes to Sophos Intercept X, see the Sophos Intercept X release notes.
For improvements and new features in the Sophos Central console, see What's new in Sophos Central.
Version 10.8.9
Updated components
Sophos Anti-Virus has been updated to 10.8.9.292.
Resolved issues
| Issue ID | Component | Description |
|---|---|---|
| WINEP-9227 | Sophos Anti-Virus | Resolved an issue in which Windows stops unexpectedly on computers that have upgraded to Sophos Anti-Virus 10.6.4 and have IBM ClearCase installed. |
| WINEP-21543 | Sophos Anti-Virus | Resolved an issue with Sophos Anti-Virus integration with the Windows security center. |
| WINEP-22138 | Sophos Anti-Virus | Resolved an issue in which Windows stops unexpectedly when the kernel stack has been exhausted. |
Version 10.8.8
Updated components
Sophos Endpoint Protection Download
Sophos Anti-Virus has been updated to 10.8.8.337.
The threat detection engine has been updated to 3.79.0.
Version 10.8.7
Updated Components
Sophos Anti-Virus has been updated to 10.8.7.1000.
The threat detection engine is 3.78.7. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Sophos Endpoint Firewall Management has been updated to 1.2.0.17.
Version 10.8.6 update
Updated Components
The threat detection engine is 3.78.5. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Version 10.8.6
Updated components
Sophos Anti-Virus has been updated to 10.8.6.215.
The threat detection engine is 3.77.1. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
| Issue ID | Component | Description |
|---|---|---|
| WINEP-21151 | Sophos Anti-Virus | Resolved an issue in which the Sophos Central dashboard reports that real-time protection is turned off, but at the Windows endpoint real-time protection is turned on. |
| WINEP-9227 | Sophos Anti-Virus | Resolved an issue in which Windows stops unexpectedly on computers that have upgraded to Sophos Anti-Virus 10.6.4 and have IBM Clear Case installed. |
| WINEP-18719 | Sophos Anti-Virus | Resolved an issue in which Windows stops unexpectedly. Related to scanning files on network shares in the process of being modified by certain co-existing products. |
| WINEP-16468 | Sophos Anti-Virus | Resolved an issue in which an internal on-access driver error 112 is logged when the user tries to upload .cab files to an FTP server using a batch file. |
| WINEP-21052 | Sophos Anti-Virus | Resolved an issue in which Windows stops unexpectedly with a WIN32K_POWER_WATCHDOG_TIMEOUT error on laptops when changing between power states. |
| WINEP-22138 | Sophos Anti-Virus | Resolved an issue in which Windows stops unexpectedly when the kernel stack has been exhausted. |
Version 10.8.5.330
Updated components
Sophos Anti-Virus has been updated to 10.8.5.330.
The threat detection engine is 3.77.1. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
This version contains minor fixes and improvements.
Version 10.8.3.441
Updated components
Sophos Anti-Virus has been updated to 10.8.3.441.
Resolved issues
| Issue ID | Component | Description |
|---|---|---|
| WINEP-19220 | Sophos Anti-Virus | Resolved an issue with Microsoft updates causing machines to hang on starting. |
Version 10.8.3
New features
Sophos Device Control
The following devices have been added to the list of secure removable storage devices:
- DataLocker Sentry ONE-M
- Datalocker H300 500GB
- Apricorn Secure Key 3z
Updated components
Sophos Anti-Virus has been updated to 10.8.3.322.
The threat detection engine is 3.74.1. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
| Issue ID | Component | Description |
|---|---|---|
| WINEP-13879 | Sophos Anti-Virus | Sophos Anti-Virus installation can fail when migrating to Sophos Central due to a race condition. |
Version 10.8.2.344
Updated components
Sophos Anti-Virus has been updated to 10.8.2.344.
Version 10.8.2
Updated components
The threat detection engine is 3.74.0. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Sophos Endpoint Firewall Management has been updated to 1.1.0.0.
Version 10.8.1.2
Updated components
Sophos Anti-Virus has been updated to 10.8.1.316.
The threat detection engine is 3.72.1. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Sophos Endpoint Firewall Management has been updated to 1.1.0.0.
Version 10.8.1.217
Sophos Endpoint Protection Mac Download
Updated components
Sophos Anti-Virus has been updated to 10.8.1.217.
Version 10.8.1
Updated components
The threat detection engine is 3.71.0. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
Sophos Endpoint Security Download
| Issue ID | Component | Description |
|---|---|---|
| WINEP-11579, WINEP-11346, WINEP-3305 | Sophos Anti-Virus | Service improvements for EPP/SWI/Web Intelligence. |
| WINEP-9143 | Sophos Anti-Virus | Resolved an issue with blocked URLs with trailing :/ being displayed incorrectly in Device Events. |
| WINEP-7120 | Sophos Anti-Virus | Resolved issues with the reporting of web controlled sites in Sophos Central. |
Known issues and limitations
| Issue ID | Component | Description |
|---|---|---|
| WINEP-10648 | Sophos Anti-Virus | Incorrect malware cleanup notification to the end user when malware is detected on a mapped drive. Sophos Central reports that manual cleanup is required, but the endpoint indicates malware was cleaned up. The endpoint should indicate manual clean up required. |
| WINEP-12044 | Sophos Anti-Virus | In some situations Sophos scans are reported as complete while cleanup actions are still in progress. |
System requirements
This version of Sophos Endpoint is supported on Windows 7 and later client operating systems. For a full list of system requirements, see knowledge base article 121027.
Sophos Endpoint Agent Download
Support for Windows 8 and Windows 8.1
- Sophos Endpoint uses toast notifications instead of balloon notifications to display messages on screen.
- If you specify a user-defined message to be displayed in desktop messages, it is not displayed in toasts. For more information, see knowledge base article 118233.
- If Sophos Anti-Virus cleans up a threat that affects a Windows Store app, it marks the app as tampered with. This causes Windows to offer the user the ability to re-download and re-install the app.
Sophos Device Control
Sophos Device Control does not block removable storage devices that are used as system drives, as this typically destabilizes the operating system.
Shared Windows components
When you install Sophos software, some Windows components that might also be used by non-Sophos software are also installed or upgraded:
| Sophos software | Shared Windows component | File names | Versions | Date of inclusion with Sophos software |
|---|---|---|---|---|
| Sophos Anti-Virus | Microsoft XML Core Services | msxml4.dll | 4.30.2100.0 | September 2009 |
| Sophos Anti-Virus | Microsoft XML Core Services | msxml4r.dll | 4.30.2100.0 | September 2009 |
| Sophos Anti-Virus | ATL Library | atl90.dll | 9.0.30729.6161 | December 2014 |
| Sophos Anti-Virus | Microsoft Visual C/C++ Runtime Libraries | msvcm90.dll | 9.0.30729.6161 | December 2014 |
| Sophos Anti-Virus | Microsoft Visual C/C++ Runtime Libraries | msvcp90.dll | 9.0.30729.6161 | December 2014 |
| Sophos Anti-Virus | Microsoft Visual C/C++ Runtime Libraries | msvcr90.dll | 9.0.30729.6161 | December 2014 |
Support
You can find technical support for Sophos products in any of these ways:
- Visit the Sophos Community at community.sophos.com/ and search for other users who are experiencing the same problem.
- Visit the Sophos support knowledge base at www.sophos.com/en-us/support.aspx.
- Download the product documentation at www.sophos.com/en-us/support/documentation.aspx.
- Open a ticket with our support team at https://secure2.sophos.com/support/contact-support/support-query.aspx.
Legal notices
Copyright © 2020Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.