Skip to content
Last update: 2022-09-13

Endpoint Protection

You install an Endpoint Protection agent on workstations to protect them against malware, risky file types and websites, and malicious network traffic.

It also offers peripheral control, web control and more.

Sophos Device Encryption is also installed automatically on Windows computers (if you have the required license).

Note

On Windows computers, we create some user groups that are used by Sophos Anti-Virus to do certain operations. These groups are SophosUser, SophosPowerUser and Sophos Administrator. Don't delete these groups.

For help with setting up your firewall or proxy to communicate between Sophos Central Admin and your managed endpoints, see Domains and ports to allow.

Download and run installers

Go to Protect Devices.

Download the installer for your operating system and run it on computers you want to protect.

  • Download Complete Windows Installer: Click this for an installer with all endpoint products your license covers.

    Alternatively, click Choose Components… to choose which products will be included in the installer. The choices are:

    • Sophos Intercept X Advanced (protection from ransomware and exploits).
    • Device Encryption.

  • Download Complete macOS Installer: Click this for an installer with all endpoint products your license covers.

    Alternatively, click Choose Components… to choose which products will be included in the installer. The choices are as for Windows above.

  • Send Installers to Users: Click this to go to a page where you can add users and send them installers that they can use. You can only use this option for Windows computers.

Warning

On macOS 11 Big Sur you must move the SophosInstall folder to the user's Home folder.

Note

For Linux, look for "Server Protection". Sophos Central treats all Linux computers as servers.

What happens when you protect a computer

When you protect a computer:

  • Each user who logs in is added to the users list in Sophos Central automatically.
  • Default policies are applied to each user.
  • Each computer is added to the Computers list in Sophos Central.

How we handle Windows usernames and login names

Users are listed with full login name, including the domain if available (for example, DOMAINNAME\jdoe).

If there is no domain, and a user logs in to multiple computers, multiple user entries are displayed for this user, for example MACHINE1\user1 and MACHINE2\user1. To merge these entries, delete one and assign the login to the other (and rename the user, if required). See Endpoint protection deployment methods.