This article provides a list of frequently asked questions regarding Sophos Cloud.
Applies to the following Sophos product(s) and version(s)
What is Sophos Cloud?
Sophos Cloud is our new platform for delivering complete security as a service. The vision for Sophos Cloud is to offer complete security management from the cloud. Security will ultimately include everything required to protect both users and all their devices, as well as networks.
Software as a service or 'SaaS' means you do not have to install any server-side products, maintain backups, or monitor performance - this is all provided by us. A web console also allows you to manage all your computers from any supported web browser.
At the moment Cloud provides a core set of simplified protection components for your computers (Antivirus, Device Control, Tamper Protection). Policies are user-based (not machine-based) so who logs on to a computer controls the protection settings and management of remote computers (those not connected to your local network) is easy to set up.
How do I sign up for an evaluation?
You can sign up here: http://www.sophos.com/products/free-trials/sophos-cloud.aspx.
How do I log in to Sophos Cloud?
Sophos Cloud is accessible at https://cloud.sophos.com. See 'How do I sign up for an evaluation?' if you do not have a login. For more information see article 119674.
When was Sophos Cloud released?
Sophos Cloud was released in the UK and US on the 29th July 2013. It will be made available globally in the next few months.
How many users can Sophos Cloud support?
The initial Sophos Cloud release is targeted at smaller organisations (fewer than 100 users) in the UK and US and will require a new license.
By the end of November, new and existing customers of all sizes and in all regions will be able to use Sophos Cloud.
What platforms can I protect?
Windows and Mac clients can be protected, for more information on supported versions, please see the Tech Specs page.
Note: The Mac client is currently in Beta and is tagged as such on the downloads page and emails sent by the system.
How do I switch from Sophos Endpoint Protection to Sophos Cloud?
You will need to have a license for Sophos Cloud. The Sophos Cloud installer will install onto an endpoint with an existing Sophos client or competitive product (see above questions on existing security software detection and additional endpoint components that cannot be removed by the Sophos Cloud installer).
How do I change my license to Sophos Cloud (or buy a new license)?
To change your licence please contact your existing partner or contact Sales. For new licences please see: 'How to buy'.
When will I see more functionality integrated into Sophos Cloud?
We have a road-map to add many of the key features of Sophos’ existing solutions over the next 6-18 months. The first additions will be Mac support, AD support and web filtering. Please keep checking back for updates.
Is Sophos Cloud replacing Enterprise Console?
No, we will continue to release and support versions of Enterprise Console. Sophos Cloud provides an alternative method of managing computers but we do hope that over time existing customers will want to migrate to it. Enterprise Console will continue to be an actively developed product for customers who do not want to fully switch to a cloud based solution.
Can I migrate my currently managed computers to Sophos Cloud from Sophos Enterprise Console, Sophos Control Center or Sophos Enterprise Manager?
Yes, you will need to install the Sophos Cloud protection agent over the existing endpoint software.
Note: If the computer has one or more of the following components installed these will need to be removed before running the Sophos Cloud installer:
- Sophos Compliance Agent.
- Sophos Patch.
- Sophos Client Firewall.
- Sophos Encryption as managed by Enterprise Console.
- Sophos Anti-Virus, if the following components have been enabled on the computer:
- Web control.
- Data control.
For more information on deployment options see article 119265.
Can I use the protection of a Sophos Cloud managed client to provide the scanning engine for other Sophos products?
At this time the Sophos Cloud managed endpoint is not supported to be used in conjunction with the following products to provide the scanning engine:
- Sophos PureMessage for Microsoft Exchange.
- Sophos for Sharepoint.
- PureMessage for Domino.
- Sophos Anti-Virus for NetApp.
- Other SAVI clients apart from SAV32CLI.
Can I deploy the Sophos Cloud Installer using Active Directory or tools such as SCCM?
Yes, see article 119265 for guidance on deploying the endpoint installer in a variety of ways.
What web browsers does the Sophos Cloud management interface support?
Sophos Cloud aims to support the current and previous versions of the major browsers. For more information see article 119639.
What are the platform requirements for the Sophos Cloud client software?
The 'Tech specs' page provides the platform requirements for Sophos Cloud Endpoint.
What ports do I need to open on my firewall?
For connecting to the Sophos Cloud website for administration purposes you will need to be able to establish an outbound connection to TCP port 443 (HTTPS). For the managed computers they need to establish outbound TCP connections to port 443 (HTTPS) for management and port 80 (HTTP) for updating.
Do you support querying the back-end API for customer reporting or automation?
Not at the current time, we plan to make this available in the future.
How do I deploy an un-managed client using the Sophos Cloud installer?
There are no supported scenarios for deploying the client software un-managed. The endpoint software is required to communicate with Sophos Cloud to obtain updating credentials and to therefore download the anti-virus component of the product.
My existing security software is not detected by the Sophos Cloud Installer what can I do?
We are constantly monitoring for new third-party security products we may want to automatically remove as part of the Sophos Cloud installer. If your existing product is not detected or fails to be removed please see article 119619.
Can I centralize updates to save network bandwidth using a local repository?
A web proxy which offers caching, for example, Sophos Unified Threat Management (UTM) should be able to do this for you automatically.
Where can I find information on proxy support?
Article 119263 details the proxy support information for Sophos Cloud.
As a Sophos partner, how can I manage multiple customers?
We have a partner portal on the road-map. In the meantime, a partner can log into each customer, optionally configuring additional administrative accounts.
Note: Requires a separate email address for login, e.g. email@example.com, and receive email alerts in the same way. This situation will be improved by the upcoming partner portal.
How is customer data secured in the Cloud?
All stored data is encrypted and all applications are secured and running on secured operating systems. The system is load balanced and has fail-over between 3 sites, each running 2 instances of the software, any one of which is able to provide full service. Communication from the client to the Cloud is performed over HTTPS to secure the data and to enable the client to trust the server.
Where is the data hosted?
We host the service using Amazon Web Services (AWS). During initial account setup, administrators can elect whether their data resides in the EU or the USA. Access to data is strictly controlled and audited.
What data is gathered and how is it used?
You can see in areas such as reports and policies that information such as usernames are transmitted and stored to allow per user reporting and policy assignment. To provide reassurance on a common concern, since scanning runs locally on each machine, confidential files such as those containing employees' home addresses will not be transmitted to the cloud.
When will you be performing updates to the system?
We plan to perform scheduled updates to Sophos Cloud on Tuesdays. The times when updates will take place are as follows:
- BST 6 A.M. to noon.
- EDT 1 A.M. to 7 A.M.
- PDT 10 P.M. Monday to 4 A.M. Tuesday.
- Updates are not expected to take the full allocated 6 hours.
- They are typically every one or two weeks.
- For urgent updates we may perform maintenance outside of the above schedule.
- There will be no disruption to protection during this time however you may see the occasional transient error message.
- You may need to clear the cache of your web browser to see all updates to Sophos Cloud.
What is billing in Sophos Cloud?
More information on billing can be found in article 120040.