Sophos Enterprise Console 5.4.0 release notes
April 2016
What's new
New features
- Download Reputation
Sophos Anti-Virus now warns end users if a download has a low reputation. This reputation is based on a file's source, how often it is downloaded and other factors, and indicates whether the file might be a risk. For more information, see knowledgebase Article 121319.
Note: Download Reputation requires Sophos Live Protection to be enabled.Note: Download Reputation is supported only on Windows 7 and later. It is not supported in the Firefox and Safari browsers. - Live Protection for on-demand scanning
In Sophos Enterprise Console 5.4.0, you can enable or disable Live Protection for on-demand scanning. This new functionality requires the Sophos Anti-Virus version that supports it, which is due to be released later in 2016. The new functionality will not take effect on endpoint computers until that version of Sophos Anti-Virus is installed on the computers.
- Link to Sophos CentralYou can now access the Sophos Central management console from Enterprise Console. Look for the Sophos Central button in the toolbar. Sophos Central is web-hosted software that enables you to protect and manage your computers, servers and mobiles.Note: Sophos Central was formerly called Sophos Cloud.
- Updated Microsoft system software prerequisites
For new installations, the Sophos Enterprise Console 5.4.0 installer attempts to install SQL Server 2012 Express Edition with Service Pack 2 (SP2), unless you choose to use an existing instance of SQL Server 2005 Express or later.
The installer installs .NET Framework 4.5.2, unless version 4.x is already installed.
- Configure Use of Fixed Packages
We are bringing back the fixed version software packages. You can now enable the use of fixed packages under , and you will be able to see and subscribe to fixed packages in the Software Subscription dialog box.
Note: If you use role-based administration, you must have the System configuration right to configure the use of fixed packages.If you have used fixed packages before the upgrade to Sophos Enterprise Console 5.4, the use of fixed packages will be enabled automatically.
If you have remote consoles, changing the configuration option in one of them will take effect in all consoles. If you have enabled the use of fixed packages in the registry as described in knowledgebase article 117348, the registry setting will take effect only on the computer where it has been configured, and it will take precedence over the configuration option in the console.
- Online Help
In Sophos Enterprise Console 5.4.0, hosted online Help replaces local help files. The Help can be found at https://docs.sophos.com/esg/enterprise-console/5-4/help/en-us/webhelp/index.htm.
Retired features
- Sophos Disk Encryption 5.61 has been retired. If you use Sophos Disk
Encryption and manage it via the Full disk encryption policy in Enterprise
Console, you should do one of the following:
- Uninstall Sophos Disk Encryption.
- Upgrade Sophos Disk Encryption to SafeGuard Enterprise 6.10.
For information and instructions, see knowledgebase article 123656.
Resolved issues
- For a list of resolved issues, see knowledgebase article 123896.
Other changes
Platform support
Starting with version 5.4.0, Sophos Enterprise Console (including the remote management console component) is no longer supported on Windows Server 2003, Windows Server 2003 R2, Windows XP, and Windows Vista.
For a full list of system requirements, see http://www.sophos.com/en-us/support/knowledgebase/113278.aspx.
Product retirements
- Please note that Sophos Enterprise Console versions 5.1, 5.2.0, 5.2.1 and 5.2.1 R2 are retired.
- Please note that Sophos Control Center is retired. It is not possible to upgrade directly to Sophos Enterprise Console 5.4.0 from Sophos Control Center. For more information, see Upgrading to Enterprise Console 5.4.0.
For more information on product retirements, see http://www.sophos.com/en-us/support/knowledgebase/119147.aspx.
System requirements
Supported operating systems and SQL Server versions
For operating system requirements and supported SQL Server versions, see http://www.sophos.com/en-us/support/knowledgebase/113278.aspx.
Other software requirements
The installer also attempts to install the following software:
- Microsoft .NET Framework 4.5.2 (unless version 4.x is already installed)
- Microsoft Message Queuing (MSMQ) (unless already installed)
You will need to have the following software installed:
- At least Internet Explorer 7 or later
For more information about installing required system software, refer to the Enterprise Console startup documentation published at http://www.sophos.com/en-us/support/documentation/enterprise-console.aspx.
Port requirements
Enterprise Console requires certain ports to be open. For more information, go to http://www.sophos.com/en-us/support/knowledgebase/38385.aspx.
Hardware requirements
For hardware requirements, see https://www.sophos.com/en-us/support/knowledgebase/118635.aspx.
Upgrading to Enterprise Console 5.4.0
You can upgrade to Enterprise Console 5.4.0 directly from:
- Enterprise Console 5.3.1
- Enterprise Console 5.3.0
- Enterprise Console 5.2.2
- Enterprise Console 5.2.1 R2
- Enterprise Console 5.2.1
- Enterprise Console 5.2.0
- Enterprise Console 5.1
- Enterprise Console 5.0
If you are using Sophos Control Center 4.0.1 or 4.1, you will need to upgrade in two steps by following one of the supported upgrade paths:
- Upgrade to Enterprise Console 5.1 and then upgrade to Enterprise Console 5.4.0.
- Upgrade to Enterprise Console 5.2.2 and then upgrade to Enterprise Console 5.4.0.
See also knowledgebase article 119105 for more information about different upgrade paths.
The installers for earlier versions of Enterprise Console are available from the Sophos Enterprise Console Downloads page (http://www.sophos.com/en-us/support/downloads/console/sophos-enterprise-console.aspx).
Tool version compatibility for Enterprise Console
The following table shows version compatibility between Enterprise Console tools and Enterprise Console.
The Enterprise Console tools are available for download from https://www.sophos.com/support/downloads.aspx.
| Enterprise Console | Reporting Interface | Reporting Log Writer | Virtualization Scan Controller |
|---|---|---|---|
| 5.4.0 | * | 5.1 | 2.0 |
| 5.3.1 | * | 5.1 | 2.0 |
| 5.3.0 | * | 5.1 | 2.0 |
| 5.2.2 | * | 5.1 | 2.0 |
| 5.2.1 R2 | * | 5.1 | 2.0 |
| 5.2.1 | * | 5.1 | 2.0 |
| 5.2 | * | 5.1 | 2.0 |
| 5.1 | 5.1* | 5.1 | 1.0 |
* Since version 5.1, Reporting Interface database objects are installed as part of the Enterprise Console database installation, and the standalone installer on the Sophos Reporting Interface download page includes only Reporting Log Writer.
Known issues and limitations
Installation
- (DEF56407) Distributed installation: Sophos Management Service
doesn't start if a database instance is present without the appropriate network protocols enabled.
For distributed installations of Enterprise Console (with SQL Server on a different server) the Sophos Management Service may not start if the "SOPHOS" database instance was created by PureMessage for Microsoft Exchange, or if the chosen SQL Server instance has TCP/IP protocol disabled.
To work around this problem, do the following.
- When installing Sophos Enterprise Console and PureMessage together, you must first install Sophos Enterprise Console.
- If PureMessage for Exchange is already present, or if you are using a SQL Server 2005/2008 database on a different server (a remote database) and the issue occurs, use the SQL Server Configuration Manager to enable the TCP/IP protocol for the database instance and also start the SQL Server Browser service.
Upgrading
- (WKI79868) When you upgrade from Sophos Enterprise Console 5.0 to Sophos Enterprise Console 5.4.0, the Patch Assessment Event Viewer will be blank. Missing patches data
will appear in the Patch Assessment Event Viewer after the computers are
assessed for missing patches during their next scheduled assessment. (The patch
assessment interval is specified in the Patch Policy and can be set to "Every 8
hours", "Every day" (default), or "Every week".)
This issue does not appear when upgrading to Enterprise Console 5.4.0 from Enterprise Console 5.1 or later.
For more information about issues with upgrading Enterprise Console, see http://www.sophos.com/en-us/support/knowledgebase/114627.aspx.
Deployment
- (DEF84838) It is not possible to protect Windows 8 and Windows 8.1 computers
that are in a workgroup from Enterprise Console 5.4.0 running on Windows Server
2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012
R2.
For more information and instructions on how to enable deployment, see http://www.sophos.com/en-us/support/knowledgebase/118354.aspx.
General
- (DEF90191) On Japanese or Chinese Windows Server 2012 installations, Enterprise Console fails when the Chart tab is selected in the Reporting window. Workaround: Use scheduled reports instead.
- (DEF82914) Optional user-defined desktop messages are not displayed on computers running Windows 8. For more information, see http://www.sophos.com/en-us/support/knowledgebase/118233.aspx.
- (DEF58871, DEF58872) When discovering
computers or synchronizing to Active Directory, Enterprise Console may fail to differentiate between multiple computers with the same name, and
may switch them between groups alternately. This situation may arise where
identically-named computers are situated on different domains or sub-domains.
To work around this problem, do one of the following.
- Ensure that Sophos RMS (Remote
Management System) is installed and running on all identically-named
computers before attempting to find them from Enterprise Console.
Do not synchronize any Active Directory groups that contain machines which have identically-named computers. Manage the computers manually.
- Eliminate duplicate computer names on your network.
- Ensure that Sophos RMS (Remote
Management System) is installed and running on all identically-named
computers before attempting to find them from Enterprise Console.
Data control
For information about limitations of data control, see http://www.sophos.com/en-us/support/knowledgebase/63016.aspx.
Additional information
For release notes and other documentation for managed endpoint software, follow these links:
- Endpoint release notes
- Sophos Endpoint Security and Control for Windows
- Sophos Anti-Virus for Mac OS X
- Sophos Anti-Virus for Linux
- Sophos Anti-Virus for UNIX
Before using Sophos Reporting Interface, read the Sophos Reporting Interface documentation.
Sophos documentation is published at www.sophos.com/en-us/support/documentation.aspx.
Information from previous releases
For information about changes in earlier versions of Sophos Enterprise Console, see the following release notes:
- Sophos Enterprise Console 5.3.1 release notes
- Sophos Enterprise Console 5.3.0 release notes
- Sophos Enterprise Console 5.2.2 release notes
- Sophos Enterprise Console 5.2.1 R2 release notes
- Sophos Enterprise Console 5.2.1 release notes
- Sophos Enterprise Console 5.2.0 release notes
- Sophos Enterprise Console 5.1 release notes
Technical support
You can find technical support for Sophos products in any of these ways:
- Visit the Sophos Community at community.sophos.com/ and search for other users who are experiencing the same problem.
- Visit the Sophos support knowledgebase at www.sophos.com/en-us/support.aspx.
- Download the product documentation at www.sophos.com/en-us/support/documentation.aspx.
- Open a ticket with our support team at https://secure2.sophos.com/support/contact-support/support-query.aspx.
Legal notices
Copyright © 2016 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.