What's new in Sophos Central

We regularly update Sophos Central with improvements or new features. You can see the details here.

Latest news

Sophos Central Device Encryption not compatible with macOS 11

Sophos Central Device Encryption (CDE) isn’t currently compatible with the upcoming macOS 11 Big Sur release.

Don’t upgrade Macs running CDE to macOS 11 yet. If you do, CDE won’t work correctly. You could even lose your FileVault recovery keys, meaning that you can’t recover a Mac if the user forgets their password.

We plan to issue a CDE service release that fixes these problems. Please wait for it before you upgrade to macOS 11.

Intercept X protection enhancements

We're starting to turn on IPS and behavior detection features for endpoint and server customers. You'll see a new "Detect malicious behavior" option in threat protection policies. Read more

APIs for global settings and role management

Our second set of global settings APIs covers scanning exclusions, exploit mitigation, and intrusion prevention. The Roles API lets you fully enumerate admin roles, as well as create, update and delete individual roles. Read more

Now optimize AWS and Azure spend with Cloud Optix

Enable teams to monitor spend across Amazon Web Services and Microsoft Azure in a single console, compare multiple services side by side, and receive detailed recommendations to optimize cloud costs. Read more

Help available in more languages

We now provide help for Self Service Portal in all languages that Sophos Central supports. Help for Sophos Central Enterprise and Partner is already available in French, German, Italian, Japanese, and Spanish.

September 21, 2020

Central Firewall Reporting Advanced: scheduling and exports

Getting your favorite and custom reports is now even easier.You can schedule them and have them delivered to your inbox or pick them up in Sophos Central. Or you can generate reports manually and view them or export them straight to your inbox. Read more

Flexible Enterprise Master Licenses

You can allocate a specific number of licenses, with only products you want, to each sub-estate, or pool the licenses for use when needed. You can also prevent selected sub-estates from using a product by allocating zero licenses of that type.

Intercept X Advanced with EDR

macOS support for Live Discover and Live Response is here - plus more. Read more

September 1, 2020

Extension for controlled updates ends

We’re ending our temporary extension of the length of time you can postpone updates for. For more information and details of how to manage updates, see Controlled updates

IPS for Windows servers

The Early Access Program for New Server Protection and EDR Features now benefits from IPS (Intrusion Prevention System), which gives even more defense against malicious traffic. Read more

Central Firewall Reporting Advanced

Central Firewall Reporting Advanced lets you save custom report templates. First, configure a report with the columns and layout you want. Then save it in your template library for quick access whenever you need to run it.

August 17, 2020

Session timeout period extended

Sophos Central Admin, Sophos Central Partner, and Sophos Central Enterprise now allow longer sessions before timeout. By default, sessions can be inactive for 3 hours before you're automatically signed out, and can last 24 hours before sign-out is enforced. You can extend sessions up to 8 times in a 24-hour period.

Cloud Optix Quick-start setup for AWS

Cloud Optix Quick-start is the new, easiest way to get started with the core CSPM features of Cloud Optix and see value in just a few clicks. Read more

Extend EDR to the cloud

Intercept X Advanced for Server with EDR and Cloud Optix are joining forces to extend protection beyond server workloads to critical cloud services. Make the most of this upgrade, which is included in the cost of the Server EDR license. Read more

July 20, 2020

Sophos Intercept X Advanced with EDR just keeps getting better

EDR updates include role management for Live Response, new Live Discover queries, and Live Response on Linux in the server Early Access Program. Read more

Updated user details page

We've updated the "Summary" and "Devices" tabs on a user's details page. All device types now have a consistent look, with additional actions available for mobile devices.

June 29, 2020

Sophos Intercept X with EDR: start using the powerful new EDR features

Ask detailed IT operations and threat hunting questions across your entire estate and respond to any potential IT issues or security threats with precision. Rollout of the powerful new EDR functionality is complete and all Intercept X Advanced with EDR and Intercept X Advanced for Server with EDR customers have access. Read more

Sophos Wireless: Synchronized Security enhancements

With this release, you can activate Synchronized Security for Sophos Endpoint separately to Sophos Mobile (UEM), restrict an SSID to only Sophos managed devices, and create a list of allowed domains for devices that have a red Security Heartbeat status. In addition, the user identity of unmanaged devices is shown on the “Devices” page. Read more

Sophos Cloud Optix: new advanced search

Easily search inventory data for hosts, containers, networks, storage services, IAM roles, and serverless functions, to investigate suspicious activity and insecure deployments like never before. Read more

Tenant Directory and Global Settings APIs

APIs for managing users, groups, and the first wave of global settings in Sophos Central are now available. The Tenant Directory Management API covers user management and group management (users and devices). The Global Settings API (phase 1) covers allowed applications, blocked items, and website management. Read more

June 8, 2020

Sophos Mobile 9.6 released

Check out the new features: additional device management capabilities for iOS, macOS, and Android; enhancements to Sophos Secure Email; migration from Sophos Mobile on-premise or as-a-service. Read more

Sophos Intercept X Advanced with EDR: powerful compliance checking and threat hunting features

Ask detailed IT operations and threat hunting questions across your entire estate and respond to any non-compliance or threats with precision. The rollout process has begun and all Intercept X Advanced with EDR and Intercept X Advanced for Server with EDR customers will receive the new features by late June. Read more

Sophos Email: advanced threat reporting

Get unparalleled insight into email attachments that are opened in the Sophos cloud sandbox, with a breakdown of threat verdicts based on machine learning analysis, file reputation, VirusTotal results, and Mitre ATT&CK Matrix tactics. Read more

Tenant Directory and Global Settings APIs

APIs for managing users, groups, and the first wave of global settings in Sophos Central are now available. The Tenant Directory Management API covers user management and group management (users and devices). The Global Settings API (phase 1) covers allowed applications, blocked items, and website management. Read more

Sophos Cloud Optix new asset inventory and threat investigation updates

Ensure secure configuration across public cloud environments with multiple additions to asset inventory and topology results. These provide greater insight, email alerts, brandable reports for MSPs, and activity log visualizations. The visualizations enable you to analyze CloudTrail logs by geographic location to help investigate high-risk events. Read more

Retirement of products on Windows Server 2008

The retirement date for Sophos products that are used on Windows Server 2008 is July 31, 2020. Read more

Extended support for Windows XP and Windows Server 2003

The end of extended support for Sophos products used on Windows XP or Windows Server 2003 has been moved to July 31, 2020 because of current events. Read more

May 18, 2020

Updated endpoint user interface

A new user interface for Sophos Intercept X and Device Encryption is being rolled out to Windows devices. Read more

Partner and Enterprise role-based access control scope

In Sophos Central Partner and Sophos Central Enterprise, you can grant administrators access to all current and future sub-estates or you can continue to grant them access to specific sub-estates.

Central Firewall Reporting Advanced for XG Firewall

With Central Firewall Reporting Advanced, you can create customized, historical reports on network activity for your Sophos XG Firewall. Easily add storage capacity as you need it and extend reporting up to one year ago.

May 4, 2020

EDR Early Access Program updates

With Live Response, admins can now remotely access devices and use a command-line interface to perform further investigations or take action directly on a device. Live Discover support for Linux has also been added to the program. Read more

Submitting samples to Sophos

There’s now an option in Global Settings that lets you automatically submit sample files to SophosLabs. This helps us to identify new threats and update your protection. Sound familiar? You might have seen it in your Threat Protection policy previously. Read more

Extended support for Windows XP and Windows Server 2003

The end of extended support for Sophos products used on Windows XP or Windows Server 2003 has been moved to June 30, 2020 because of current events. Read more

Controlled updates are being extended

We are temporarily extending the length of time that Sophos software updates can be postponed for. Read more

April 27, 2020

Submitting samples to Sophos

There’s now an option in Global Settings that lets you automatically submit sample files to SophosLabs. This helps us to identify new threats and update your protection. Sound familiar? You might have seen it in your Threat Protection policy previously. Read more

FREE virtual XG Firewall trial for 90 days

We are extending Sophos XG Firewall free trials to 90 days to better enable organizations to provide secure remote access for employees. The trial includes use of the Sophos Connect IPSec VPN client for PCs and Macs. Read more

Extended support for Windows XP and Windows Server 2003

The end of extended support for Sophos products used on Windows XP or Windows Server 2003 has been moved to June 30, 2020 because of current events. Read more

Controlled updates are being extended

We are temporarily extending the length of time that Sophos software updates can be postponed for. Read more

April 14, 2020

Powerful new EDR capabilities available in EAP

Endpoint and server customers can join our Early Access Program (EAP) to take advantage of Live Discover, which enables you to run powerful queries for IT operations and threat hunting. Start using pre-built SQL queries that can be fully customized. Read more

FREE virtual XG Firewall trial for 90 days

We are extending Sophos XG Firewall free trials to 90 days to better enable organizations to provide secure remote access for employees. The trial includes use of the Sophos Connect IPSec VPN client for PCs and Macs. Read more

Extended support for Windows XP and Windows Server 2003

The end of extended support for Sophos products used on Windows XP or Windows Server 2003 has been moved to June 30, 2020 because of current events. Read more

Controlled updates are being extended

We are temporarily extending the length of time that Sophos software updates can be postponed for. Read more

CIS certification for AWS, Azure, and GCP environments

Sophos Cloud Optix has been certified by CIS to accurately assess your public cloud environments based on best practices for secure configuration. Read more

Improved container visibility and more from Cloud Optix

Sophos Cloud Optix has a wealth of new features: comprehensive public cloud container visibility with support for Amazon EKS, Azure AKS, and GKE, plus new AWS service integrations, API updates, and more. Read more

March 23, 2020

New sign-in screen

We're changing the look and feel of the screen where you sign in. Don't worry, though. Your current email address and password will still work. So will the URL, bookmark or favorite that you use to get to Sophos Central.

FREE virtual XG Firewall trial for 90 days

We are extending Sophos XG Firewall free trials to 90 days to better enable organizations to provide secure remote access for employees. The trial includes use of the Sophos Connect IPSec VPN client for PCs and Macs. Read more

March 16, 2020

Active Directory Sync update

If you install the March Microsoft security update, we recommend that you configure Active Directory Sync to use a TLS/SSL connection. Read more

AMSI Protection has gone live

Endpoint users will automatically receive AMSI protection over the next few weeks. AMSI helps to detect and block obfuscated scripts, such as PowerShell, that are commonly used by attackers. Read more

Sophos Cloud Optix: adding AWS accounts is now even simpler

Use AWS CloudFormation to add individual or multiple AWS accounts to Cloud Optix. This is a convenient alternative to the existing Sophos CLI script and Terraform options. Read more

February 24, 2020

Public cloud IAM visualization, spend monitoring, and more

The latest Sophos Cloud Optix release provides a breakthrough in IAM visualization. It also provides security-focused spend monitoring, extended container security with Amazon EKS, and more. Read more

Customize your Phish Threat training email address

You can now customize the full email address used in the delivery of Phish Threat training-related emails to end users. Read more

Sophos XG Firewall 18: group policies

Add your firewalls to groups to keep them synchronized, manage the group policy from Sophos Central to make changes to the entire group quickly and easily, and use the tasks queue to monitor application of policies. Read more

Sophos XG Firewall 18: reporting

Firewall reporting provides the flexibility and tools to create custom reports on network activity. It’s all included for free with version 18. Look for a “Premium” version in the coming months. Read more

Email DKIM signing

Sophos Email Gateway now provides the ability to sign outbound emails with DKIM signatures. You can create and manage DKIM keys using the domain settings in Sophos Central.

February 3, 2020

Sophos Intercept X Enhanced Protection EAP now available for servers

The Early Access Program (EAP), including enhanced protection against script and memory-based attacks, heap spray attacks, CTF exploits and more, is now available for servers. Read more

January 13, 2020

Sophos Email impersonation protection – now available

Protect your organization from business email compromise and other forms of targeted phishing.

Sophos Cloud Optix December feature update

The latest release for Sophos Cloud Optix is here, including licensing improvements, management upgrades, and security enhancements. Expect more features early this year. Read more

Sophos Mobile 9.5 – now available

The latest version of Sophos Mobile is now available in Sophos Central. New capabilities include Chromebook security, extended Android and Windows management functionality, various usability improvements, and much more. Read more

Sophos Central adds granularity to custom roles

We’ve added flexibility to custom roles in Sophos Central, which enables you to create roles that can access only specific products and cannot edit or apply policies.

December 9, 2019

Threat Indicators now live

If you have Sophos EDR, you can now see the Threat Indicators list. This shows you the most suspicious items on your network so you can focus your efforts on them. Read more

End of support for Sophos for Virtual Environments 1.2

Still running version 1.2.0 on your Security VMs? Restart them to upgrade as we'll stop supporting 1.2.0 in January. Read more

Sophos Wireless – New hotspot features

We've introduced new features to improve the hotspot experience for you and your users. You can customize the look of the captive portal with your logo and brand colors and also select social login as the authentication type (Facebook, Google). Read more

Sophos Central Enterprise APIs

The new Sophos Central APIs are now available for all Sophos Central Enterprise customers. With these APIs, you can query tenants, enumerate and manage endpoints and servers, and query alerts and manage them programmatically. Read more

Intercept X Enhanced Protection EAP update

The Early Access Program (EAP) has been updated to include protection against Encrypting File System attacks, CTF exploits, and ApiSet Stub malicious DLLs, and further defenses against memory-based attacks. Read more

Sophos Cloud Optix now live in Sophos Central

The latest release for Sophos Cloud Optix integrates the service with Sophos Central. This enables you to manage Cloud Optix alongside a range of complementary public cloud solutions including Sophos Intercept X for Server and Sophos XG Firewall in a single management console. Read more

Forensic Snapshots now uploadable to S3 Buckets

You can now automatically upload snapshots to an Amazon S3 bucket that you own. This avoids you having to manually retrieve forensic snapshots from individual endpoints. Read more

November 11, 2019

Sophos XG Firewall management and reporting

We've just launched early access for new features for XG Firewall v18. Now you can run v18 firewall reports, group your v18 firewalls, and manage them all at once, right in Sophos Central.Read more

October 22, 2019

Intercept X Enhanced Protection EAP is now live

Join the Early Access Program for "New Endpoint Protection Features" and benefit from AMSI and IPS protection that gives even more defense against script and memory-based attacks and malicious traffic patterns. Read more

Cloud Optix feature update

Provide teams with a single view of security posture across multiple public cloud environments, with a range of exciting enhancements to the Cloud Optix service for AWS, Azure, GCP, and Infrastructure as Code environments. Read more

September 30, 2019

Email data loss prevention

Data loss prevention for Sophos Email is now live and included with the Sophos Email Advanced license. Read more

Sophos Email: Try impersonation protection

Protect your organization from targeted phishing attacks that rely on identity deception. Join our early access program to see how. Read more

September 9, 2019

Device Encryption 2.0

Now you can make users change their BitLocker passcode. And users can protect files with a password before sharing, either on demand or with the Outlook add-in. Read more

macOS Catalina: urgent action needed

Tighter security in macOS Catalina (10.15) means you must take action for Sophos protection to keep working. Read more

August 19, 2019

Sophos Email: Data Loss Prevention EAP is live

Now protect sensitive information, with discovery of financials, confidential contents, health information, and PII in all emails and attachments. Read more

Sophos Central Partner gets custom roles

We’ve added custom admin roles in Sophos Central Partner. This lets you create roles that can only access specific products and can’t edit or apply policies.

July 29, 2019

Sophos Central Enterprise gets custom roles

We’ve added custom admin roles in Sophos Central Enterprise. This lets you create roles that can only access specific products and can’t edit or apply policies.

Sophos Central Email

Now you can enforce TLS secure communications by domain, for both inbound and outbound mail.

July 18, 2019

Threat Indicators beta

Customers with EDR enabled endpoints and servers are getting an early preview of our new Threat Indicators feature. Threat Indicators uses machine learning to show you a prioritized list of the most suspicious activity. Now you know what to look for, so you can focus on the most important investigations. Read more

June 24, 2019

Unified Endpoint Management UI improvements

Instantly see the health of your UEM-managed endpoints on the main Sophos Central dashboard. Easier workflow for managing traditional and mobile endpoints in the Devices view, with the most common actions just a few clicks away.

Sophos Email: quarantine un-scanned emails

This new feature allows you to quarantine emails if we can't scan them or access the contents (for example, when we find an encrypted zip file, a corrupt file, unexpected content, or a large compressed attachment).

Sophos Email: customize smart banners

You can now customize the text that appears in smart banners.

Sophos Cloud Optix updates

We’ve given network visualizations for AWS a new look and the ability to show Sophos UTMs. We’ve also added more Azure security and compliance features, visualizations for GCP, an option to change how often environments are scanned, and more. Read more

June 17, 2019

Improved installer for macOS

The Sophos Endpoint Protection installer for macOS now includes several command-line options to allow customized installations. Read more

May 29, 2019

Intercept X for Server with EDR - now available

Intercept X for Server with EDR includes our all-new, intelligent Endpoint Detection and Response (EDR) features. Get the insights and expertise you need to respond to potential threats, report on your security posture any time, detect attacks that went unnoticed, and understand the scope and impact of security incidents. Read more

May 7, 2019

Intercept X Advanced with EDR 1.1 is here!

Intercept X Advanced with EDR now captures all PowerShell activity so that it can be reviewed and analyzed. Read more

Enhanced email alerts

We've introduced new global settings that let you control and customize email alerts in Sophos Central Enterprise, Partner and Admin. You can now configure the recipients, distribution lists, and frequency of alerts, or set custom rules. Read more

April 16, 2019

Sophos Email Encryption

Sophos Email Encryption is now generally available. Sophos Email Advanced customers can send encrypted email on demand (using an Outlook add-in or subject tagging), via DLP rules, and domain to domain. Read more

Sophos Email Smart Banners

Sophos Email Advanced customers can now enable information banners on emails from outside the organization. These help recipients identify the risk from each email and let them add senders to their allow and block lists with one click. Read more

April 9, 2019

Sophos Cloud Optix - now available

Achieve compliance and manage security risks, with complete visibility across your Amazon Web Services, Microsoft Azure, and Google Cloud environments. Read more

March 25, 2019

Intercept X for Server EDR Early Access Program

Intercept X for Server is getting our all-new, intelligent Endpoint Detection and Response (EDR) features. Get the insights and expertise you need to respond to potential threats, report on your security posture any time, detect attacks that went unnoticed, and understand the scope and impact of security incidents. Join the Early Access Program today! Read more

Sophos Email Content Control – Now Live

Content Control for Sophos Email Advanced now makes it easy to quickly build content filtering policies across an organization, preventing outbound email data loss and inbound malware threats. Read more

March 4, 2019

XG Firewall management

You can now manage Sophos XG Firewall from Sophos Central. It’s time to Synchronize Your Security! Read more

February 20, 2019

Intercept X for Server EDR Early Access Program now open

Intercept X for Server is getting our all-new, intelligent Endpoint Detection and Response (EDR) features. Get the insights and expertise you need to respond to potential threats, report on your security posture any time, detect attacks that went unnoticed, and understand the scope and impact of security incidents. Join the Early Access Program today! Read more

Threat Analysis Center

The all-new Threat Analysis Center for EDR consolidates Threat Cases and Threat Searches, across all supported device types, into a single area. Find it in the Overview. Read more

Sophos Central Enterprise gets global policies

Now you can apply the same global settings and base policies to a set of sub-estates or all sub-estates. Just create and use a global template.

February 11, 2019

Sign in with Azure AD

Sophos Central admins, Sophos Central Enterprise admins, and Self Service Portal users can now sign in using credentials stored in Microsoft Azure AD. Read more

Sophos Central Enterprise: Select a region for sub-estates

Sophos Central Enterprise Super Admins can select a region when they create a new sub-estate. The region is now shown in the sub-estate Contact Info.

Phish Threat: Upgrade now

Award-winning training content, Outlook add-in to report phish, 10 languages, Synchronized Security benefits and more. Upgrade to the latest Phish Threat version for free. Read more

Sophos Email Encryption EAP now live

Join the Sophos Email Advanced Encryption Early Access Program today at no extra cost. Read more

January 21, 2019

Sophos Central Partner gets audit logs

Partner administrators can access audit logs to track changes across Sophos Central Partner. They also get access to audit logs in Sophos Central Admin they have permission to view.

Phish Threat now available in Dutch

IT teams can now carry out phishing simulation and a variety of cybersecurity awareness courses in Dutch. Read more

December 10, 2018

Sophos Email: Compromised mailbox detection

Synchronized Security now connects Sophos Email and Endpoint Protection to detect and clean up infected computers sending out spam and viruses. Read more

Join the Email Content Control EAP

Stop or quarantine content based on keywords and attachment types in this Sophos Email Advanced early access program. Read more

Phish Threat: Randomized attacks

Now you can send multiple emails in random order during simulated attacks. This makes training more effective and shows you more about user behavior. Read more

Enhanced AWS integration

Alerts are now integrated into AWS Security Hub, so you can consolidate alerts across AWS. And our S3 bucket health reporting highlights critical misconfiguration. Read more

Sophos Central Partner gets global policies

Manage global settings and base policies for customers. Create templates that consist of these settings and apply them to customer groups.

Sophos Central Partner gets RBAC

We’ve added role-based access control (RBAC) for Central Partner. This lets you use pre-defined roles to give your admins different levels of access, depending on their responsibilities.

November 19, 2018

Intercept X Advanced with EDR is here!

The best just got better: our all-new, intelligent Endpoint Detection and Response (EDR) features give you the insights and expertise you need to respond to potential threats. Add EDR today to report on your security posture any time, detect attacks that went unnoticed, and understand the scope and impact of security incidents. Read more

Synchronized Security: Email Advanced and Phish Threat

Sophos Email Advanced and Phish Threat now work together to find and train users who click on risky links in email. Read more

November 1, 2018

EDR Early Access: Submit files to win prizes!

Analyze for a prize! Submit your suspicious files to SophosLabs for your chance to win a prize.Read more

Alert Details View

We’ve added a new Alert Details View to the Alerts page in Sophos Central Admin. View additional details, including links to EDR Threat Cases, directly from your alerts.

October 29, 2018

File Integrity Monitoring for Windows servers

We've added a new File Integrity Monitoring feature for Windows Servers. Track for unplanned and unexpected changes to critical system files and meet certain compliance requirements of the PCI Data Security Standard. Read more

Message Relays now work with macOS

Already using message relays for your Windows computers? If you have any macOS devices, they'll now automatically use your current message relays and any you set up in future.

Phish Threat Outlook add-in now available

Report suspected phishing and spam messages with one click right from Outlook. The Phish Threat Outlook add-in turns your employees into an active line of defense against cyberattacks. Read more

Enhanced Root Cause Analysis (now Threat Cases)

We’ve been hard at work overhauling Root Cause Analysis (RCA) and implementing additional features to make it easier for admins to conduct deeper investigations. Read more

Sophos Wireless

Sophos Wireless now includes debugging, audit and accounting features which help you to diagnose WLAN issues on the network and address them. This release also improves the wireless client scalability on the APX series and brings many other UI improvements. Read more

Sophos Central Enterprise updates

Enterprise Super Administrators can now disable enterprise management for individually-licensed accounts, unlink sub-estates to operate as standalone Sophos Central Admin accounts, or delete sub-estates entirely.

October 8, 2018

Deep Learning malware analysis is now part of the EDR EAP

This feature automatically analyzes malware in extreme detail, breaking down file attributes and code and comparing them to millions of other files so you can determine if a file should be blocked or allowed. Read more

Are your endpoints and servers fully protected?

Check your Endpoint and Server Threat Protection policies to ensure that you're protected against advanced malware and ransomware. Sophos continually adds new features, but not all are turned on automatically.

October 2, 2018

Windows 10 Redstone 5 and Windows Server 2019 support

The Intercept X agent now supports the latest Windows 10 Redstone 5 and Windows Server 2019 update. If you have paused updates, you will need to start them again to receive the updated agent. If you don't have Intercept X, you don't have to take any action as no changes are needed. Read more

September 18, 2018

Intercept X EDR early access program now open

The best just got better. Intercept X is adding detection, investigation, and response capabilities. The early access program is now open to the public.

Windows Server Protection for Microsoft Azure

Protecting Windows Servers running in Azure just got even easier: use a VM extension script. Read more

Sophos Email reporting and policy enhancements

New detailed message summaries, policy enhancements and mailbox search added to Sophos Email. Read more

30 training courses added to Phish Threat 2

Take advantage of 30 new award-winning Phish Threat training courses today. Plus new ways to find the latest email templates fast.

August 28, 2018

New in Sophos Mobile 8.5

Enhanced Unified Endpoint Management (UEM) capabilities with macOS app management, macOS DEP support, Android Zero Touch, Knox Mobile Enrollment, usability improvements and much more. New managed Mobile Threat Defense capabilities for both Android and iOS, including device, app, and network security features. Read more

Central Enterprise Audit Logs

Enterprise administrators can access audit logs to track changes across Sophos Enterprise Admin. They can also get access to audit logs in Sophos Central Admin that they have permissions to.

Central Admin exports lists of Computers, Servers and People

Sophos Central Admin now has the ability to export to CSV the lists of Computers, Servers and People on the Overview pages.

August 7, 2018

Improvements for People pages with many users

We've updated the People pages in the Overview and Products sections. On the Users tab, all columns are now sortable, all the data shown is searchable, and we've added new columns for Last Active and Group Name.

July 24, 2018

Intercept X Advanced for Server - now available

We've now completed the global roll-out of Intercept X Advanced for Server. New deep learning, exploit prevention, anti-hacker and Root Cause Analysis capabilities can now be enabled in your Server Protection policies. For details on enabling the new features: Read more

July 17, 2018

Intercept X Advanced for Server

Server Protection Advanced is now called Intercept X Advanced for Server and includes powerful deep learning, exploit prevention, anti-hacker features and Root Cause Analysis. We're rolling out the new features over the next few weeks. Read more

Server Protection Standard - New features, new name

Server Protection Standard is now called Server Protection and includes Peripheral, Application and Web Control, along with DLP, Malicious Traffic Detection and Synchronized Security Heartbeat. New features now available at no extra cost, but you need to turn them on. Read more

Root Cause Analysis for servers

Now part of Intercept X Advanced for Server, Root Cause Analysis helps you to investigate the chain of events around a malware infection. Data may be sent to Sophos to help us to improve your protection, but you can opt out in Account Details > Account Preferences. Read more

Sophos Wireless

Sophos Wireless now includes support for our next-generation APX Series access points. The three new APX models provide the first Synchronized Security functionality between Wireless, Endpoint and Mobile. With 802.11ac Wave 2 technology, they are custom-built for overall enhanced performance. This release also includes enhancements to Rogue AP detection, bulk provisioning and many other UI improvements. Read more

July 3, 2018

Phish Threat 2 - attachments campaigns

SophosLabs sees malware on up to 77 percent of blocked mail. Train employees to spot these attacks with new malicious attachment simulations.

June 19, 2018

Sophos Email Advanced

Introducing Sophos Email Advanced and new features for Email Standard. Sandboxing, advanced URL protection, DKIM, DMARC, and more. Read more

Central Enterprise gets RBAC

We’ve added role-based access control (RBAC) for Sophos Central Enterprise. This lets you use pre-defined roles to give your admins different levels of access, depending on their responsibilities.

June 11, 2018

New alerts options

Soon you'll see new options for handling alerts. You'll be able to view and resolve alerts in groups, use new filters, and control who gets email alerts and how often they get them.

Monitor and manage Windows Firewall

Sophos Central now monitors Windows Firewall on most Windows desktops and servers. It can also control whether it’s active for public, private or domain connections.

Server Protection – Intercept X Early Access Program (Beta) update

We've added a new exploit mitigation that detects abuse of Application Procedure Calls, used recently as the method of spreading the WannaCry worm. Read more

HTTPS updating

You can now enable HTTPS updating for all endpoints (Windows, macOS and Linux) with a single, global setting for your account.

May 14, 2018

Server Protection - Intercept X

Want better protection for Windows servers? Try our Early Access Program (EAP), which adds Intercept X features including Deep Learning, Root Cause Analysis, Master Boot Record protection, exploit prevention and anti-hacker options. Read more

Early Access Program data sharing

The Server Protection - Intercept X EAP may send data to Sophos from May 10, 2018. This helps us improve your protection, but you can opt out in Account Details > Account Preferences if you want to.

New Device Encryption features

Device Encryption now supports unattended activation when “Require startup authentication” is set to off. Get started faster with the on-boarding wizard, and use the updated Encryption dashboard for a more detailed overview.

Using Synchronized Security?

We'd love to get your feedback. Take a short survey to tell us about your experiences. Read more

MFA - Sign in with SMS

You can now sign in to Sophos Central Admin or Sophos Central Enterprise with an SMS text message as a second factor - or you can still use Sophos/Google Authenticator.

Phish Threat 2 - new features

The most trialed Sophos Central product for two months – now featuring security training campaigns, more customization options, and improved campaign scheduling. Read more

April 24, 2018

AWS map in Server Protection

We've added a map view for AWS workloads. We also now discover workloads in every public AWS region, even ones you're not actively using, as attackers can use them to hide. So you can reduce risk by ensuring all your instances are protected, see your whole AWS EC2 environment in a single view, and still easily drill down to details.

March 26, 2018

Sophos Wireless

Sophos Wireless now makes your life much easier: the latest version has better throughput under load, lets you search clients, and has simple support for VLAN for Hotspot. Read more

Sophos Mobile 8

The new version of Sophos Mobile is here. We’ve added macOS management and configuration, app management on Windows 10, extended management for Android and iOS, and much more. Read more

March 6, 2018

Remote Desktop support

We've added Remote Desktop Services support, including tracking of license usage, to Server Protection. Read more

More Server Protection updates

You can now use Server Lockdown on Windows Server 2016, and have Linux servers and Macs updated from an update cache on your network.

Tamper protection passwords

You can now get the password you need to uninstall Sophos software, even if you've deleted the computer from Sophos Central. Read more

February 21, 2018

New threat protection

We've added options to the threat protection policy so that you can turn our new active adversary features on or off. These features prevent credential theft, APC violations, privilege escalation, code caves, and more. This is in addition to the deep learning options already announced. Read more

Sophos for Virtual Environments

Sophos for Virtual Environments 1.2 lets guest VMs move between Security VMs to stay protected even if they can’t connect to their current Security VM.Read more

SAV for vShield retirement

We'll retire Sophos Anti-Virus for vShield on March 31st, 2018. To stay protected, migrate to Sophos for Virtual Environments before then -- it uses the same licenses, so there's no extra cost. Read more

February 12, 2018

Use automatic installation? Read this

Next time you download the Sophos Endpoint installer for Windows, you must change your settings. But you'll never need to download it again -- our new installer doesn't expire. Read more

New macOS installer

We’ve released a new Sophos Endpoint installer for macOS. If you have old installers, they'll stop working in mid-February -- delete them and download the new one. Read more

OS X 10.9 support

Macs running OS X 10.9 will stop getting Sophos updates when we release Sophos Anti-Virus for macOS 9.7.4. We ended support for OS X 10.9 last April.Read more

Installation from a cache

You can now do initial installation of Sophos Endpoint on Windows from an update cache on your network, saving you internet bandwidth. Read more

January 23, 2018

Major Intercept X release

The latest version of Intercept X is here. The new version includes deep learning, an advanced form of machine learning, to detect malware and potentially unwanted applications. It also includes new credential theft, privilege escalation and code cave protection, and much more. The new features will be enabled by default over the next several weeks unless you have turned them on/off already in the threat protection policy. Read more

Multi-factor authentication

Multi-factor authentication (MFA) is here. For Sophos Central Admin, super admins decide whether admins must log in with MFA. For Enterprise Dashboard, admins must always use MFA. Read more

New Phish Threat email templates

New phishing templates for TalkTalk Group, Google, Santander Bank, and more are now available in Phish Threat. Browse templates