This article provides a list of frequently asked questions regarding Sophos Cloud.
Applies to the following Sophos product(s) and version(s)
What is Sophos Cloud?
Sophos Cloud is our new platform for delivering complete security as a service. The vision for Sophos Cloud is to offer complete security management from the cloud. Security will ultimately include everything required to protect both users and all their devices, as well as networks.
Software as a service or 'SaaS' means you do not have to install any server-side products, maintain backups, or monitor performance - this is all provided by us. A web console also allows you to manage all your computers from any supported web browser.
How do I sign up for an evaluation?
You can sign up here: http://www.sophos.com/products/free-trials/sophos-cloud.aspx.
How do I log in to Sophos Cloud?
Sophos Cloud is accessible at https://cloud.sophos.com. See 'How do I sign up for an evaluation?' if you do not have an account. For more information see article 119674.
How can I trial other features as an existing customer?
If you have already purchased a licence such as Sophos Cloud Endpoint Protection Advanced and now would like to look at Mobile; at the current time you will need to create a new evaluation. This will be created as a Sophos Cloud Enduser Protection licence which has all features for you to trial for 30 days.
What platforms can I protect?
Windows, Mac and iOS devices can be protected, for more information on supported versions, please see the Tech Specs page.
How do I switch from Sophos Endpoint Protection to Sophos Cloud?
You will need to have a license for Sophos Cloud. The Sophos Cloud installer will install onto an endpoint with an existing Sophos client or competitive product.
How do I change my license to Sophos Cloud (or buy a new license)?
To change your licence please contact your existing partner or contact Sales. For new licences please see: 'How to buy'.
Important: If you have evaluated Sophos Cloud, you will need to provide your chosen Partner with the licence number of the account you wish to continue using in order to convert the evaluation into a fully licensed account. You can locate your evaluation account number within Sophos Cloud under 'Account' > 'Administration', e.g. L1234567891.
Is Sophos Cloud replacing Enterprise Console?
No, we will continue to release and support versions of Enterprise Console. Sophos Cloud provides an alternative method of managing computers but we do hope that over time existing customers will want to migrate to it. Enterprise Console will continue to be an actively developed product for customers who do not want to fully switch to a cloud based solution.
Can I migrate my currently managed computers to Sophos Cloud from Sophos Enterprise Console, Sophos Control Center or Sophos Enterprise Manager?
It depends on the platform and the existing Sophos products installed. For more information on deployment options see article 119265.
Can I use the protection of a Sophos Cloud managed client to provide the scanning engine for other Sophos products?
At this time the Sophos Cloud managed endpoint is not supported to be used in conjunction with the following products to provide the scanning engine:
- Sophos PureMessage for Microsoft Exchange.
- Sophos for Sharepoint.
- PureMessage for Domino.
- Sophos Anti-Virus for NetApp.
- Other SAVI clients apart from SAV32CLI.
Can I deploy the Sophos Cloud Installer using Active Directory or tools such as SCCM?
Yes, see article 119265 for guidance on deploying the endpoint installer in a variety of ways.
What web browsers does the Sophos Cloud management interface support?
Sophos Cloud aims to support the current and previous versions of the major browsers. For more information see article 119639.
What are the platform requirements for the Sophos Cloud client software?
The 'Tech specs' page provides the platform requirements for Sophos Cloud Endpoint.
What ports do I need to open on my firewall?
For connecting to the Sophos Cloud website for administration purposes you will need to be able to establish an outbound connection to TCP port 443 (HTTPS). For the managed computers they need to establish outbound TCP connections to port 443 (HTTPS) for management and port 80 (HTTP) for updating.
Do you support querying the back-end API for customer reporting or automation?
Not at the current time, we plan to make this available in the future.
How do I deploy an un-managed client using the Sophos Cloud installer?
There are no supported scenarios for deploying the client software un-managed. The endpoint software is required to communicate with Sophos Cloud to obtain updating credentials and to therefore download the anti-virus component of the product.
My existing security software is not detected by the Sophos Cloud Installer what can I do?
We are constantly monitoring for new third-party security products we may want to automatically remove as part of the Sophos Cloud installer. If your existing product is not detected or fails to be removed please see article 119619.
Can I centralize updates to save network bandwidth using a local repository?
A web proxy which offers caching, for example, Sophos Unified Threat Management (UTM) should be able to do this for you automatically. For guidance on using a proxy such as Squid, see article 121131.
Where can I find information on proxy support?
Article 119263 details the proxy support information for Sophos Cloud.
As a Sophos partner, how can I manage multiple customers?
Via the Partner Portal, where applicable there will be a 'Cloud' tab where you can see all your cloud accounts. For the accounts where partner access has been granted you can fully administer the account on behalf of your customers.
How is customer data secured in the Cloud?
All stored data is encrypted and all applications are secured and running on secured operating systems. The system is load balanced and has fail-over between 3 sites, each running 2 instances of the software, any one of which is able to provide full service. Communication from the client to the Cloud is performed over HTTPS to secure the data and to enable the client to trust the server.
Where is the data hosted?
We host the service using Amazon Web Services (AWS). During initial account setup, administrators can elect whether their data resides in the EU or the USA. Access to data is strictly controlled and audited.
What data is gathered and how is it used?
You can see in areas such as reports and policies that information such as usernames are transmitted and stored to allow per user reporting and policy assignment. To provide reassurance on a common concern, since scanning runs locally on each machine, confidential files such as those containing employees' home addresses will not be transmitted to the cloud.
For more information see article 121254.
When will you be performing updates to the system?
We plan to perform scheduled updates to Sophos Cloud on Tuesdays. The times when updates will take place are as follows:
- BST 6 A.M. to noon.
- EDT 1 A.M. to 7 A.M.
- PDT 10 P.M. Monday to 4 A.M. Tuesday.
- Updates are not expected to take the full allocated 6 hours.
- They are typically every two to three weeks.
- For urgent updates we may perform maintenance outside of the above schedule.
- There will be no disruption to protection during this time however you may see the occasional transient error message.
- You may need to clear the cache of your web browser to see all updates to Sophos Cloud.
- A 'readme' file is updated with significant changes and can be found here.
What is billing in Sophos Cloud?
More information on billing can be found in article 120040.