Enable corporate keyring synchronization

Prerequisites:
  • You use Sophos SafeGuard Enterprise 8.0.
  • You have configured external user management for the Self Service Portal, using the same Active Directory user database that is configured in SafeGuard Enterprise.
  • Sophos Secure Workspace is managed by Sophos Mobile. This requires a Mobile Advanced license.
  • Sophos Mobile Security must be able to communicate with your SafeGuard Enterprise server over HTTPS.

To enable corporate keyring synchronization, you set up a connection between Sophos Mobile and Sophos SafeGuard Enterprise as follows:

  1. On the menu sidebar, under SETTINGS, click Setup > System setup, and then click the SGN tab.
  2. Click the Certificate link to download the certificate of the Sophos Mobile server.
  3. Open SafeGuard Management Center and go to Tools > Configuration Package Tool.
  4. On the Servers tab, click Add, browse for the certificate file and then click OK. Do not change the value of the Server name field.
  5. Optional Select Recovery via mobile to enable the synchronization of BitLocker and FileVault recovery keys with the Sophos Secure Workspace app.
  6. On the Managed client packages tab, configure the following settings:
    • In the Configuration Package Name field, select Managed Client (Default).
    • In the Primary Server field, select your SGN server.
    • In the Transport Encryption field, select SSL.
  7. Click Create Configuration Package.
  8. On the SGN tab of Sophos Mobile Admin, click Upload a file to upload the configuration package that you created in the SafeGuard Management Center to Sophos Mobile.
  9. Click Save to save the SafeGuard integration settings.