Enable corporate keyring synchronization

Prerequisites:
  • You use Sophos SafeGuard Enterprise 8.0 or later.
  • You have configured external user management for the Self Service Portal, using the same Active Directory user database that is configured in SafeGuard Enterprise.
  • Sophos Secure Workspace is managed by Sophos Mobile. This requires a Mobile Advanced license.
  • Your Sophos Mobile server can connect to your SafeGuard Enterprise server via HTTPS.
To enable corporate keyring synchronization, you set up a connection between Sophos Mobile and Sophos SafeGuard Enterprise as follows:
  1. On the menu sidebar, under SETTINGS, click Setup > Sophos setup, and then click the SGN tab.
  2. Click the Certificate link to download the certificate of the Sophos Mobile server.
  3. Open SafeGuard Management Center and go to Tools > Configuration Package Tool.
  4. On the Servers tab, click Add, browse for the certificate file and then click OK. Do not change the value of the Server name field.
  5. Optional Select Recovery via mobile to enable the synchronization of BitLocker and FileVault recovery keys with the Sophos Secure Workspace app.
  6. On the Managed client packages tab, configure the following settings:
    • In the Configuration Package Name field, select Managed Client (Default).
    • In the Primary Server field, select your SGN server.
    • In the Transport Encryption field, select SSL.
  7. Click Create Configuration Package.
  8. On the SGN tab of Sophos Mobile Admin, click Upload a file to upload the configuration package that you created in the SafeGuard Management Center to Sophos Mobile.
  9. Click Save to save the SafeGuard integration settings.