RESOLVED Advisory: Sophos Central Partner and Enterprise dashboard – Central Mobile not available when managing Customer’s Central Admin dashboard

When a Partner or an Enterprise Admin launches their Central Admin customers dashboard, they may not see Central Mobile unless they have the super admin role for their partner or enterprise admin user.

The following sections are covered:

Applies to the following Sophos products and versions

Sophos Central Admin

Sophos Central Enterprise Dashboard

Sophos Central Partner

Partners that are unable to see the Central Mobile feature when managing their Sophos Central Customers:

  • Check that your Partner or Enterprise Admin user has the Super Admin role applied and then launch into your customers dashboard to manage their mobile devices.

Note: This is a temporary workaround to be able to manage your customer’s mobile devices.

Sophos is actively working to resolve this issue. This article will be updated as more information becomes available.

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Advisory: Sophos Central Firewall Manager (SCFM): Devices disconnected and are unable to be added

We are currently investigating reports of XG devices being disconnected in SCFM. Device IP/Domain configuration has been removed and is unable to be added.

Applies to the following Sophos product(s) and version(s)

Sophos Central Firewall Manager

Some customers are unable to manage their XG devices on SCFM.

The problem has now been resolved. There will be residual lingering slowness issue whilst devices are reporting in. This should normalize within a couple of hours.

If you are still having this issue, please log a support case and reference this article.

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Advisory: Sophos Central Partner and Enterprise dashboard – Central Mobile not available when managing Customer’s Central Admin dashboard

When a Partner or an Enterprise Admin launches their Central Admin customers dashboard, they may not see Central Mobile unless they have the super admin role for their partner or enterprise admin user.

The following sections are covered:

Applies to the following Sophos products and versions

Sophos Central Admin

Sophos Central Enterprise Dashboard

Sophos Central Partner

Partners that are unable to see the Central Mobile feature when managing their Sophos Central Customers:

  • Check that your Partner or Enterprise Admin user has the Super Admin role applied and then launch into your customers dashboard to manage their mobile devices.

Note: This is a temporary workaround to be able to manage your customer’s mobile devices.

Sophos is actively working to resolve this issue. This article will be updated as more information becomes available.

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Advisory – Sophos Central: QR code image not displayed when creating a new Google or Sophos Authenticator MFA option

We are currently investigating reports of some customers being unable to create a new Google/Sophos Authenticator for use with Sophos Central multi-factor authentication due to the QR image not being generated properly.

Note: This issue only affects attempts to create a new Google/Sophos Authenticator, and does not affect customers logging in with previously created QR codes.

Applies to the following Sophos product(s) and version(s)

Sophos Central Admin

Sophos Central Partner

Sophos Central Enterprise Dashboard

Customers are unable to create a new Google/Sophos Authenticator for use with Sophos Central multi-factor authentication.

3/19 – Sophos is currently investigating this issue.

Please use the SMS Text Message option in the meantime.

Note: Once this issue is resolved, customers will be able to modify their login settings and create a Google/Sophos Authenticator for MFA.

  1. Choose the Back button from the QR code generation screen.
  2. Select the SMS Text Message option as the method of multi-factor authentication.

This article will be updated when more information becomes available

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Sophos Diagnostic Utility (SDU): Using the utility and sending files to Sophos Technical Support

The Sophos Diagnostic Utility (SDU) collects vital system information as well as log files for all Sophos products that are installed on the computer.

If you have not already done so you can download and install or locate the SDU by following article Sophos Diagnostic Utility (SDU): How to locate and download. The instructions below describe how to run and send the results to Sophos Technical Support.

The following sections are covered:

Applies to the following Sophos products and versions

Sophos Diagnostic Utility

Sophos Anti-Virus for Linux 9.15.0

Sophos Linux Security 10.4.0

In managed Sophos environments, the Sophos Diagnostic Utility may be available in more than one location.

Running Sophos Diagnostic Utility from Autoupdate cache, Distribution Location, or ZIP extraction

  • Double-click on sdugui.exe to launch the Sophos Diagnostic Utility user interface.
  • Double-click on sducli.exe to run the Sophos Diagnostic Utility via Command Prompt.

Running an installed version of the Sophos Diagnostic Utility (EXE Version)

  • Go to Start | Programs | Sophos | Sophos Diagnostic Utility and select Sophos Diagnostic Utility.

Related:

  • No Related Posts

Advisory: Scheduled Cyberoam and NetGenie server maintenance on Saturday March 30, 2019 starting at 14:00 (UTC)

Scheduled Cyberoam and NetGenie server maintenance on Saturday, March 30 starting at 14:00 (UTC). Estimated time to complete maintenance is 1 hour.

A website banner will be displayed on the Cyberoam and NetGenie portal indicating there is ongoing maintenance occurring. This will be shown during the duration of the scheduled maintenance period.

Applies to the following Sophos product(s) and version(s)

Cyberoam UTM with Cyberoam OS

NetGenie

During this maintenance period:

  • Customers may experience issues connecting to the Customer or Partner Portal.
  • Activation and registration of Cyberoam products may be unavailable.

Please follow this KBA for the latest updates and information.

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Resolved – Advisory – Sophos XG Firewall: DDNS updates not working

We are investigating reports of some XG customers experiencing issues with DDNS updates failing when using Sophos as the service provider.

Applies to the following Sophos products and versions

Not product specific

Sophos has resolved this issue.

Any customers still experiencing issues, please raise a support case and reference this KB.

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Install Sophos Anti-Virus with On-access scanning provided by Fanotify and Talpa on-access disabled.

This article describes the steps to install Sophos Anti-Virus with On-access scanning provided by Fanotify and Talpa on-access disabled.

The following sections are covered:

Applies to the following Sophos products and versions

Sophos Anti-Virus for Linux

Sophos Anti-Virus for Linux

Sophos Anti-Virus for Linux

In some environments, it is necessary to install Sophos Anti-Virus for Linux without Talpa on-access scanning starting and for SAV to install with fanotify on-access enabled.

The install commands for this are : –

For a Central managed install:

# ./SophosInstall.sh –disableTalpa –disableFanotify=false

For a Sophos Enterprise Console managed install:

# ./install.sh –disableTalpa –disableFanotify=false

After the install, the configuration options used can be confirmed with:

root@ubuntucl5:/opt/sophos-av/bin# ./savdstatus

Sophos Anti-Virus is active and on-access scanning is running

root@ubuntucl5:/opt/sophos-av/bin# ./savconfig disableFanotify

false

root@ubuntucl5:/opt/sophos-av/bin# ./savconfig disableTalpa

true

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Sophos Anti-Virus for Linux: Docker containers support

As containers are becoming more widely deployed on Linux Servers, the need for security is paramount to ensure any running containers have not been injected with malware.

Sophos Anti-Virus for Linux has been enhanced to improve detection of malware in Docker containers using on-access scanning and to improve the way in which detections in Docker containers are presented within the Sophos management consoles. Now, when a threat is identified within a Docker container, the threat report will state the path and hostname of the container. This will be displayed as container hostname=<hostname>.

This article details the addition of support for Docker containers within Sophos Anti-Virus for Linux.

Applies to the following Sophos products and versions

Sophos Anti-Virus for Linux 10

Sophos Anti-Virus for Linux 9

Threat detection within Docker containers has been available since the following versions of Sophos Anti-Virus for Linux:

  • Sophos Anti-Virus for Linux version 9.13.0 and later
  • Central-managed Sophos Anti-Virus for Linux version 10.1.1 and later

For Sophos Anti-Virus for Linux to detect threats in Docker containers, the Talpa on-access driver must be used. The Fanotify kernel interface does not support scanning inside containers.

A recent, supported version of Docker will need to be installed and configured, preferably from the operating system vendor’s package repositories.

The Sophos Anti-Virus for Linux Docker scanning functionality is available on supported releases of the following platforms:

  • Red Hat Enterprise Linux 7 – Server
  • CentOS 7
  • Oracle Linux 7
  • Ubuntu 16.04 and 18.04
  • SUSE Linux Enterprise Server 12 and 15

For more information on Sophos Anti-virus for Linux, take a look at the knowledge base article Endpoint Security and Control: Retirement calendar for supported platforms and operating systems.

From the Docker website:

When antivirus software scans files used by Docker, these files may be locked in a way that causes Docker commands to hang.

One way to reduce these problems is to add the Docker data directory (/var/lib/docker on Linux, %ProgramData%docker on Windows Server, or $HOME/Library/Containers/com.docker.docker/ on Mac) to the antivirus’s exclusion list. However, this comes with the trade-off that viruses or malware in Docker images, writable layers of containers, or volumes are not detected. If you do choose to exclude Docker’s data directory from background virus scanning, you may want to schedule a recurring task that stops Docker, scans the data directory, and restarts Docker.

For more information on what operating systems that Docker support, take a look at its Compatibility Matrix.

Note: In Sophos Anti-Virus for Linux, exclusions; a directory is defined with a trailing “/” so in the above example, the exclusion would be “/var/lib/docker/”.

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable for us to ensure that we continually strive to give our customers the best information possible.

Related:

  • No Related Posts

Using mkinstpkg to create deployment packages for Sophos Anti-Virus for Linux, v 9

In Sophos Anti-Virus for Linux/Unix v9 there is a new location for the deployment package tool – mkinstpkg. This package is no longer available in the CID (Central installation directory).

Known to apply to the following Sophos product(s) and version(s)

Sophos Anti-Virus for Linux/Unix 9

Operating systems

Linux

Unix

What To Do

To create a pre-configured deployment package, follow these instructions:

  1. Go to the directory /opt/sophos-av/update/.
  2. Do one of the following:
    • To create a tar format deployment package, called savinstpkg.tgz, type: ./mkinstpkg
    • To create an RPM format deployment package (Linux Only), called savinstpkg-0.0-1.i586.rpm, type:

      ./mkinstpkg -r

      Note: The filename may vary slightly depending on the RPM setup.
  3. Use your own tools to copy this package to the computers where you want to install Sophos Anti-Virus.

Configuration options can be set when creating the package with mkinstpkg such as setting the install package to default to Fanotify instead of Talpa for on-access scanning (please see 118231 and 118216). The example in this case would ./mkinstpkg –extra-options=”–preferFanotify”

More information on this configuration options can be found in section 11 Appendix “Command Line Options for Mkinstpkg” in the Sophos Anti-Virus for Linux Start-up guide.

For more information on creating and using deployment packages, please see the Enterprise Console guide for managing Linux and Unix computers:

http://www.sophos.com/en-us/support/documentation/enterprise-console.aspx

Related:

  • No Related Posts