Sophos Cloud Optix
You must have a Sophos Cloud Optix license to use this feature.
If you've set up cloud environments such as Amazon AWS, Microsoft Azure, or Google Cloud Platform in Sophos Cloud Optix, this integration sends anomaly alerts from those environments to the Sophos Data Lake.
Supported anomaly alerts
The table below lists the types of anomaly alerts supported in Sophos Cloud Optix across various cloud environments, including Amazon AWS, Microsoft Azure, and Google Cloud Platform.
Alert Type | AWS | Azure | GCP |
---|---|---|---|
Malicious Traffic Alerts | Supported | Supported | Supported |
User Login Anomalies | Supported | Supported | Supported |
Outbound Network Traffic Anomalies | Supported | Supported | Supported |
Activity Anomalies | Supported | Supported | Unsupported |
For more information about anomaly detection on Sophos Cloud Optix, see Anomaly detection.
Add your environment to Sophos Cloud Optix
Add your environment to Sophos Cloud Optix using the "Full Setup" method. The "Quick Start" method doesn’t work with the Sophos Central integration.
Read the following help pages to find out how to add your cloud environment to Sophos Cloud Optix.
- Add your AWS environment
- Add your Microsoft Azure environment
- Add your Google Cloud Platform environment
Enable the Sophos Cloud Optix integration
After you've added your environment to Sophos Cloud Optix, you must enable the Sophos Cloud Optix Central integration.
To enable the Sophos Cloud Optix integration, do as follows:
- In Sophos Central, go to Threat Analysis Center > Integrations > Marketplace.
- Click Sophos Cloud Optix.
- Turn on Enable/Disable Integration.
- In Exclude Environments, enter the names of any environments whose alerts you don't want to see in Sophos Central.
  If you don't see any environment names, you must go to Sophos Cloud Optix and set up your cloud environments.
- Integration Status shows whether the integration is active or not.
  You can select Pause to temporarily pause the integration.
- Click Save.
Alerts from all your Sophos Cloud Optix environments are sent to the Sophos Data Lake, except for those you've excluded.