Recovery for unmanaged endpoints (Sophos SafeGuard clients standalone)

SafeGuard Enterprise also provides Challenge/Response for unmanaged endpoints (Sophos SafeGuard clients standalone). They have no connection to the SafeGuard Enterprise Server and are managed locally. As they are not registered in the SafeGuard Enterprise Database, their identification needed for a Challenge/Response is not available. Therefore, Challenge/Response for unmanaged endpoints is based on the key recovery file (XML) created during endpoint configuration, see Create configuration package for unmanaged endpoints. The key recovery file is generated for each unmanaged endpoint and contains the defined machine key which is encrypted with the company certificate. During Challenge/Response, the key recovery file must be made available to the helpdesk officer, for example, on a USB flash drive or on a network share. When the helpdesk officer is able to access the recovery file, a response can be generated. If the file is not accessible, recovery is not possible.