Sophos Central Admin Frequently Asked Questions (FAQ)

  • Article ID: 119598
  • Rating:
  • 27 customers rated this article 4.1 out of 6
  • Updated: 21 Apr 2016

This article provides a list of frequently asked questions regarding Sophos Central Admin.

Applies to the following Sophos product(s) and version(s)
Sophos Cloud Dashboard
Sophos Cloud

What is Sophos Central Admin?

Sophos Central Admin is our platform for delivering complete security as a service. The vision for Sophos Central Admin is to offer complete security management from the cloud. This includes protecting user devices and servers.

Software as a service or 'SaaS' means you do not have to install any server-side products, maintain backups, or monitor performance - this is all provided by us. A web console also allows you to manage all your computers from any supported web browser.

How do I sign up for an evaluation?

You can sign up for a free 30 day no obligation trial here:

How do I log in to Sophos Central Admin?

Sophos Central Admin is accessible at  See 'How do I sign up for an evaluation?' if you do not have an account.  For more information see article 119674.

What platforms can I protect and manage?

Windows, Mac, Sophos Secure OS (Linux), Linux, iOS and Android devices, Cloud Web Gateway,  can be protected, for more information on supported versions, please see the Tech Specs page.

How do I change my license to Sophos Central Admin (or buy a new license)?

To change your license please contact your existing partner or contact Sales. For new licenses please see: 'How to buy'.

: If you have evaluated Sophos Central Admin, you will need to provide your chosen Partner with the license number of the account you wish to continue using in order to convert the evaluation into a fully licensed account.  You can locate your evaluation account number within Sophos Central Admin under 'Login Name' > 'Administration & Licensing'>License Info e.g. L1234567891.

Is Sophos Central Admin replacing Enterprise Console?

No, we will continue to release and support versions of Enterprise Console. Sophos Central Admin provides an alternative method of managing computers but we do hope that over time existing customers will want to migrate to it. Enterprise Console will continue to be an actively developed product for customers who do not want to fully switch to a cloud based solution.

Can I migrate my currently managed computers to Sophos Central Admin from Sophos Enterprise Console, Sophos Control Center or Sophos Enterprise Manager?

Absolutely, for more information see article 121475 which details at a high level how to migrate and if it's appropriate at the current time for you to do so.  There is also a tool which can assist on-premise customer.  Information can be found in article 122264.

Can I use the protection of a Sophos Central Adminmanaged client to provide the scanning engine for other Sophos products?

At this time the Sophos Central Admin managed endpoint is not supported to be used in conjunction with the following products to provide the scanning engine:

  • Sophos PureMessage for Microsoft Exchange.
  • Sophos for Sharepoint.
  • PureMessage for Domino.
  • Sophos Anti-Virus for NetApp.
  • Other SAVI clients apart from the command line scanner SAV32CLI.

Can I protect my servers?

Certainly, see our Sophos Central Admin Server Protection Frequently Asked Questions (FAQ) for more information on the supported platforms and server specific features.

Can I deploy the Sophos Central Admin Installer using Active Directory or tools such as SCCM?

Yes, see article 119265 for guidance on deploying the endpoint installer in a variety of ways.

What web browsers does the Sophos Central Admin management interface support?

Sophos Central Admin aims to support the current and previous versions of the major browsers.  For more information see article 119639.

What are the platform requirements for the Sophos Central Admin client software?

The 'Tech specs' page provides the platform requirements for Sophos Central Admin Endpoint.

What ports do I need to open on my firewall?

For connecting to the Sophos Central Admin website for administration purposes you will need to be able to establish an outbound connection to TCP port 443 (HTTPS).  For the managed computers they need to establish outbound TCP connections to port 443 (HTTPS) for management and port 80 (HTTP) for updating.  For more information regarding the domains that need to be accessed, see article 121936.

Do you support querying the back-end API for customer reporting or automation?

Not at the current time, we plan to make this available in the future.

How do I deploy an un-managed client using the Sophos Central Admin installer?

There are no supported scenarios for deploying the client software un-managed.  The endpoint software is required to communicate with Sophos Central Admin to obtain updating credentials and to therefore download the anti-virus component of the product.  

My existing security software is not detected by the Sophos Central Admin Installer what can I do?

We are constantly monitoring for new third-party security products we may want to automatically remove as part of the Sophos Central Admin installer.  If your existing product is not detected or fails to be removed please see article 119619.

Can I centralize updates to save network bandwidth using a local repository?

A web proxy which offers caching, for example, Sophos Unified Threat Management (UTM) should be able to do this for you automatically.  For guidance on using a proxy such as Squid, see article 121131.  

Where can I find information on proxy support?

Article 119263 details the proxy support information for Sophos Central Admin.

As a Sophos partner, how can I manage multiple customers?

Via the Sophos Central Partner Dashboard -  for more information see article 121583.

How is customer data secured in the Cloud?

All stored data is encrypted and all applications are secured and running on secured operating systems. The system is load balanced and has fail-over between 3 sites, each running 2 instances of the software, any one of which is able to provide full service.  Communication from the client to the Cloud is performed over HTTPS to secure the data and to enable the client to trust the server.

Where is the data hosted?

We host the service using Amazon Web Services (AWS). During initial account setup, administrators can elect whether their data resides in the EU or the USA.  Access to data is strictly controlled and audited. 

What data is gathered and how is it used?

Sophos' privacy policy can be found here:

You can see in areas such as reports and policies that information such as usernames are transmitted and stored to allow per user reporting and policy assignment. To provide reassurance on a common concern, since scanning runs locally on each machine, confidential files such as those containing employees' home addresses will not be transmitted to the cloud.

For more information see article 121254.

When will you be performing updates to the system?

We plan to perform scheduled updates to Sophos Central Admin on Tuesdays. The times when updates will take place are as follows:

  • BST 6 A.M. to noon.
  • EDT 1 A.M. to 7 A.M.
  • PDT 10 P.M. Monday to 4 A.M. Tuesday.


  • Updates are not expected to take the full allocated 6 hours.
  • They are typically every two to three weeks.
  • For urgent updates we may perform maintenance outside of the above schedule. 
  • There will be no disruption to protection during this time however you may see the occasional transient error message.
  • You may need to clear the cache of your web browser to see all updates to Sophos Cloud.
  • A 'readme' file is updated with significant changes and can be found here.

What is billing in Sophos Central Admin?

More information on billing can be found in article 120040.

How do I cancel my account?

If you decide not to purchase Sophos Central Admin at the end of the 30 day trial, no further action is required. Sophos Central Admin evaluation accounts that are not used for an extended period of time will be removed.

Can my employees install the software on their personal computers as part of a single license?

If the device is managed by the IT department or is part of a BYOD scheme then it can be covered by a user license.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent