Skip to content
Avanet
Sophos Central update - LLDP for APX series, Outlook add-in for Phish Threat and more

Sophos Central update - LLDP for APX series, Outlook add-in for Phish Threat and more

Sophos Central is being diligently updated, and it’s time once again to briefly summarize the new features and minor updates from the last few months.

Launch of Intercept X Advanced and EDR

We already reported on the name changes for the endpoint products in an earlier blog post. The Endpoint Advanced + Intercept X bundle has become Intercept X Advanced, which you can now officially order from us. Intercept X Advanced EDR is also being activated by Sophos in the DACH region this November.

Sophos Wireless update 2.1

With the release of the new APX series, it was clear that Sophos would continue to invest in the development of its wireless solutions. The major release of Sophos Central Wireless to version 2.1 added the following new functions:

Improved diagnostics

  • More options for event logging and reports
  • Collection of logs specifically for audits
  • Packet captures can be generated directly on the access point and then exported via the cloud for analysis
  • Export of AP logs to syslog servers

We highly recommend the following Sophos video, which shows these features in more detail within the Sophos Central dashboard.

To the video: What’s new in Sophos Central - Wireless

LLDP

APX series access points can now identify themselves on the network thanks to support for LLDP (Link Layer Discovery Protocol). Switches that support LLDP according to standard 802.1ab are now able to recognize Sophos APX access points. The following information is provided via LLDP:

  • MAC address
  • Model
  • Serial number
  • Firmware version
  • Management port
  • Management IP address

For security reasons, LLDP packets are only transmitted over a wired connection. Just to reiterate: this function is unfortunately reserved for the new APX series only. The classic APs (15, 55, 100) are excluded.

Roaming Assist

This function allows so-called “sticky clients” to enjoy seamless roaming without having to disconnect from the network. A sticky client is a wireless client that remains connected to an access point even when it is far away and would ideally connect to the next AP.

GUI optimisations

In the latest update, Sophos has not only worked on new features but also on the GUI. You may have noticed that the “Wireless System Settings” page has been tidied up and split into separate tabs. The “Access Points” page has also become much clearer. Additionally, the signal strength graphic for a client now uses the unit dBm, providing a more detailed view.

Phish Threat - Outlook add-in

Sophos Central Phish Threat regularly receives new campaigns. This month alone, around 30 new campaigns in the areas of “Training”, “Phishing”, “Credential theft,” and “Attachments” have been added. In addition, there is now a very practical Sophos Outlook add-in that lets you report a phishing email in Outlook with a single click. You can see exactly how it works in the following video.

To the video: Sophos Phish Threat Outlook Add-in

The add-in is available for the following platforms:

  • Microsoft Outlook for Windows (2013, 2016)
  • Microsoft Outlook for Mac (2016)
  • Outlook Web Access
  • Office 365

Mobile 8.5

Sophos Mobile 8.5 brings some new features to desktop management for macOS and Windows 10 systems. Apple’s Device Enrollment Program (DEP) and Volume Purchase Program (VPP) are now supported, and an “App Management” function for deploying and updating macOS applications has been added. It is also now possible to delay operating system updates in macOS.

On Windows 10, the “Device Guard settings” can now be managed centrally, and a new “kiosk mode” has been introduced.

There are also a number of new configuration options for iOS and Android. For Android, there is now full zero-touch enrollment for Samsung Knox. New functions for mass enrollment have been added, and Android Enterprise has received a large number of new features that can be managed centrally via Sophos Mobile. For iOS, there is now AirPrint management and the option to delay iOS upgrades for up to 90 days.

Mobile Security also comes with new features. The former antivirus for Android smartphones has grown into a complete mobile threat defense solution. The machine learning/deep learning engine that you may already know from products such as Intercept X or Intercept X Advanced for Server has been integrated into the Android Mobile Security app. Mobile Security is no longer just manageable via Sophos Mobile but also works with other EMM solutions such as Microsoft Intune.

Update: 25.10.2019 - Sophos Central Mobile Security has been renamed to Sophos Central Intercept X for Mobile. It is still the same product with a new design.

Sophos Email Gateway

Header information and wildcards (*)

In the “Reporting / Logging” area you can now view detailed header information for an email message. For example, you can see which mail server accepted the email and at what time, as well as the return codes the respective mail servers provided. You can also see whether the email contained an attachment. It’s also worth mentioning that the “Inbound allow/block” list now supports wildcards (e.g., *example.com).

Search has also been simplified and sped up considerably. For example, when you search for a mailbox in the message queue, the list is automatically filtered as you type.

Enterprise Dashboard

For everyone who uses the Enterprise Dashboard to manage multiple Central accounts, it is now possible to detach sub-estates so that they become standalone Sophos Central accounts again. Sub-estates can also be deleted completely.

Under “Logs,” there is now a new “Audit log” entry. This makes it very easy to track who has made changes in the enterprise account or a tenant’s account.

Sophos Central Enterprise Dashboard audit log

Windows Server

File Integrity Monitoring

The “Sophos Central Server Protection” module now includes a new policy called “File Integrity Monitoring”. You can now monitor critical Windows system files for changes. You can also add your own files, folders, or even registry keys whose changes should be recorded. This new feature helps you meet specific compliance requirements of the PCI Data Security Standard.

Windows Server 2019 support

Sophos Central Server Protection now also supports Microsoft Windows Server 2019, although the requirements have increased to 5 GB of disk space and 4 GB of RAM. The following Windows Server operating systems are currently supported:

  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2 (64 bit)
  • Windows Server 2012 (64 bit)
  • Windows Server 2008 R2 (64 bit)
  • Windows Server 2008 (32- or 64-bit)

Message relays for macOS

Message relays now also work on macOS. If you have already set up message relays for your Windows computers, your macOS devices will immediately start using your existing relays and any you create in the future.

End of Sale - Sophos Clean

One important piece of information to finish with: Sophos Clean is no longer being offered as a standalone product. However, Clean is still included in Intercept X. Sophos Clean customers cannot renew their license and must migrate to Intercept X. We can accept orders for Sophos Clean for all regions until 1 November 2018.

David

David

David is responsible for content, structure, and digital implementation at Avanet. His focus is on making complex technical topics clear, precise, and search-friendly.