These are the release notes for the Sophos Central platform.
View the Sophos Central product documentation.
Sophos Central now delivers management for STP (Spanning Tree Protocol) features for Sophos switches. Maintenance release 02.1.1837 is also available for all Sophos Switch hardware now. Read more
The TLS report now provides comprehensive visibility of TLS encryption of messages. You can see which TLS version was applied to a message, as well as the reason for non-delivery of a message that didn't meet the TLS requirements of your Secure Message Policy. Read more
| Issue ID | Description |
|---|---|
| CPERF-11073 | Fixed an issue that prevented PDB admins with no customers assigned from being visible for MFA reset actions. |
| CPLAT-62860 | Fixed an issue that prevent the export of custom dashboards. |
Sophos DMARC Manager is a new add-on offering that provides comprehensive management ad reporting of DMARC, SPF, and DKIM records, including SPF flattening. The add-on also includes BIMI, MTA-STS and TLS-RPT. Read more
We now generate an alert in Sophos Central when a data ingestion integration is unhealthy or offline. We also send an email notification to all admins, or only to the admins you specify. This is for all third-party integrations for our MDR and XDR customers.
Central Switch Stacking provides a management overlay to reduce the management complexity when running Sophos switches wired together as a switch stack. Read more
A new version of the ConnectWise Automate plugin has been released to improve sorting, filtering performance across the alerts and dashboard pages. Read more
Sophos AI Case Summary and AI Command Line analysis are now generally available. These GenAI-powered features make investigations faster, insights clearer, and our product even easier to use, helping us deliver a powerful advantage to customers of all sizes. Read more
AI Search, which makes it easy to query your security data using natural language, is now available for all Sophos XDR and Sophos MDR customers. We've also enhanced it to include endpoint telemetry as well as detection data. Read more
| Issue ID | Description |
|---|---|
| CPERF-9505 | Fixed an issue to resolve discrepancies between Admin Role counts and Role member counts. |
| CPERF-10936 | Fixed an issue to allow the '!' character in the email address when creating an admin in PDB/EDB (already supported in CDB). |
| CPERF-11084 | Fixed an issue where the incorrect HTTP status code was being returned for
duplicate role creation via the Common API call /common/v1/roles.
|
| CPERF-9121 | Fixed an issue that was causing Entra ID directory sync failures. |
| CPLAT-61578 | Fixed an issue where License Expiry Notification emails were incorrectly sent to non-admin users. |
Sophos Managed Risk has expanded its capabilities with vulnerability management for internal assets, leveraging industry-leading Tenable Nessus technology. The new IASM capabilities are available for all new and existing Managed Risk customers at no additional cost. Read more
Sophos AP6 Series access point now supports multiple mesh SSID support in Sophos Central. Read more
| Issue ID | Description |
|---|---|
| CPLAT-61968 | The "Apply License Key" button will no longer be accessible for MSP tenants beginning with the release of version 2025.26 on the Partner Dashboard. As a result, MSP tenants will be required to update their licenses exclusively through the Update Billing conversion flow from MSP to Term. |
We'll now generate an alert in Sophos Central when a data ingestion integration is unhealthy or offline. You can also set up email notifications based on the alerts. We're starting with the Microsoft 365 Management Activity integration and will add alerts for all other integrations over the coming months. Read more
We have consolidated the MDR and XDR agent terminology to make it simpler to manage for MDR customers. Read more
Clicking a device in the "Computers and servers" page now opens a flyout on the same page. Read more
We've added on-premises network detection and support for the domain controller as an agent-based resource, giving better usability and performance. Read more
| Issue ID | Description |
|---|---|
| CPUI-12704 | Removed "Give Feedback" link from Help Menu dropdown in top navigation bar. |
If you're enrolled in the New AI Features EAP, you now have access to AI Search for endpoint data as well as detections. This feature lets analysts query the data in the Sophos Data Lake using natural language. Read more
You can now enable MDR analysts to respond to incidents in your Microsoft 365 environment. Simply set up the M365 Response Actions integration to let them contain and neutralize attacks. The integration is included in all MDR licenses at no additional cost. Read more
| Issue ID | Description |
|---|---|
| CPERF-10244 | Fixed an issue so that API credentials can be created with special ascii characters in the Name and Description fields. |
| CPERF-10748 | Fixed an issue that was preventing the Manage Administrators page from loading in the Partner Dashboard for some partners. |
| CPERF-10747 | Fixed an issue with Central dashboard pages not loading properly for some users. |
| CPLAT-61736 | Fixed the issue where cases from one tenant were visible under a different tenant when accessed via managing partner dashboard. |
| CPLAT-61468 | Fixed an issue where when tenants were launched by PDB/EDB admins showed incorrect alert counts on widgets |
| CPLAT-60566 | Fixed Sophos Central support access disabling issue |
| CPLAT-61382 | This fix updates a few Sophos objects in the ConnectWise Automate database, which used to reference obsolete tables. Prior to this update those objects interfered with MSP's backing up the database. |
When defining your network locations in DNS Protection, Sophos Central now offers you a list of known IP addresses to select from, including the public IP addresses of your Sophos Firewalls. Read more
| Issue ID | Description |
|---|---|
| CPERF-10647 | A recent regression interrupted the ability for a Distributor to generate API credentials. This has been fixed and Distributors can now generate API credentials. |
| CPERF-10104 | Access to Sophos resources, such as the Central Dashboard (CDB), requires both authentication and authorization. Previously, audit logs recorded only successful logins. With this update, a new audit log entry is now generated when a user is denied access due to insufficient authorization, improving visibility into failed access attempts. |
| CPLAT-61446 | Before BST, licensing sync was disabled for this customer to prevent any licensing, protection issues. However, the enablement of license sync was overlooked for this customer after the BST. Once the sync was enabled, the issue was successfully resolved. |
| CPLAT-61220 | Previously for the Global Policy Template push related Audit Logs, they are anonymous entries per design. Since this causes concerns to the customer, hereby we modified the logic to use the email of the Partner/Organization admin who makes the push as the modifier of the audit log, both for the log entries in the PDB/EDB side and CDB side. |
| CPUI-12469 | Fixed an issue with broken "SSL/TLS decryption" link which caused endless redirection. |
| CPUI-12415 | There was no code change made to fix this issue. 2025.11 release was skipped, and after 2025.14 release deployment, this issue was resolved. |
| CSA-18757 | This fixes corrects a defect where detections were being shown prior to a data deduplication process. This resulted in duplicate detections being referenced and causing the Detection tab to be shown as empty. The fix has been provided and deployed with this release and all detections appear properly in the Threat Analysis Console. |
| Issue ID | Description |
|---|---|
| CPERF-10244 | Fixed an issue so that API credentials can now be created with special ascii characters in the Name and Description fields. |
| CPERF-10748 | Fixed an issue that was preventing the Manage Administrators page from loading in the Partner Dashboard for some partners. |
| CPERF-10747 | Fixed an issue with Central dashboard pages not loading properly for some users. |
| CPLAT-61736 | Fixed the issue where cases from one tenant were visible under a different tenant when accessed via managing partner dashboard. |
| CPLAT-61468 | Fixed the issue where when tenants were launched by PDB/EDB admins showed incorrect alert counts on widgets |
| CPLAT-60566 | Fixed Sophos Central support access disabling issue |
| CPLAT-61382 | This fix updates a few Sophos objects in the ConnectWise Automate database, which used to reference obsolete tables. Prior to this update those objects interfered with MSP's backing up the database. |
See the following documents:
See Sophos Central Platform Known Issues list for a full list of known issues with Sophos Central.
You can find technical support for Sophos products in any of these ways:
Copyright © 2025 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos, Sophos Anti-Virus, and SafeGuard are registered trademarks of Sophos Limited. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.