Enable corporate keyring synchronization
Requirements
- You use Sophos SafeGuard Enterprise 8.0 or later.
- You’ve configured external user management for Sophos Mobile Self Service Portal, using the same Active Directory user database that’s configured in SafeGuard Enterprise.
- Sophos Secure Workspace is managed by Sophos Mobile. This requires a Mobile Advanced license.
- Your Sophos Mobile server can connect to your SafeGuard Enterprise server via HTTPS.
To enable corporate keyring synchronization, you set up a connection between Sophos Mobile and Sophos SafeGuard Enterprise as follows:
- On the menu sidebar, under SETTINGS, click Setup > Sophos setup, and then click the SGN tab.
- Click the Certificate link to download the certificate of the Sophos Mobile server.
- Open SafeGuard Management Center and go to Tools > Configuration Package Tool.
-
On the Servers tab, click Add, browse for the certificate file and then click OK.
Do not change the value of the Server name field.
-
Optional: Select Recovery via mobile to enable the synchronization of BitLocker and FileVault recovery keys with the Sophos Secure Workspace app.
-
On the Managed client packages tab, configure the following settings:
- In the Configuration Package Name field, select Managed Client (Default).
- In the Primary Server field, select your SGN server.
- In the Transport Encryption field, select SSL.
-
Click Create Configuration Package.
- On the SGN tab of Sophos Mobile Admin, click Upload a file to upload the configuration package that you created in the SafeGuard Management Center to Sophos Mobile.
- Click Save to save the SafeGuard integration settings.