Endpoint

Sophos Central Server Protection

For Sophos Central customers

About these release notes

These are the release notes for Sophos Central Server Protection for Windows Server 2008 R2 and later operating systems.

Note You may find that you cannot yet download and use the latest version on the list below. This is because Sophos releases the software over a number of days, but publishes the release notes on the first day.

For improvements and new features in the Sophos Central Admin console, see What's new in Sophos Central.

Components we install

Sophos installs components required for features that aren’t available in your license or that aren’t currently enabled in your Sophos Central policies. This makes it easier to enable the features if you upgrade your license or policies.

Updates that require a restart

Occasionally an update requires a restart. Sophos never forces this restart and there is no impact on protection or threat detection updates during the period before the restart.

We recommend that you schedule a restart during your next maintenance window to ensure that you are running the latest version.

Versions

Components

Sophos Central Server Protection

Windows Server 2008 R2 and later

1.5.6

May 2018

Update

1.5.6

April 2018

1.5.5

February 2018

1.5.4

January 2018

1.5.2

November 2017

Update

1.5.2

October 2017

1.5.1

September 2017

1.4.1

April 2017

1.4.0

January 2017

1.3.0

July 2016

1.2.1

July 2016

1.2.0

May 2016

Sophos Anti-Virus

10.7.6

10.7.6

10.7.6

10.7.6

10.7.6

10.7.6

10.7.2.49

10.6.3.1039

10.6.3.1039

10.6.3

10.4.2.1

10.4.2.1

Threat detection engine

3.70.2

3.70.2

3.70.2

3.70.2

3.70.2

3.70.2

3.69.2

3.68.0

3.66.2

3.65.2

3.65.2

3.64.0

Sophos AutoUpdate

5.8.411

5.8.411

5.8.411

5.8.411

5.8

5.8

5.8

5.6

5.6

5.3.0

5.3.0

5.3.0

Sophos Management Communications System

4.7.15

4.7.15

4.7.15

4.7.15

4.7.15

4.7.15

4.6.0

4.1.1

4.1.1

4.0.1

4.0.1

4.0.1

Server LockDown

7.1

7.1

7.1

7.0.6

7.0.6

7.0.6

7.0.6

7.0.5

7.0.5

7.0.5

7.0.5

7.0.4

Sophos Diagnostic Utility

1.15.0

1.15.0

1.15.0

1.15.0

1.15.0

1.15.0

1.15.0

1.9.2

1.9.2

1.9.2

1.9.2

1.9.2

Sophos Update Cache

1.1.9

1.1.9

1.1.9

1.1.9

1.1.9

1.1.9

1.1.9

1.1.7

1.1.7

1.1.3

1.1.3

1.1.3

Sophos Web Control

1.5.1539

1.5.1539

1.5.1539

1.5.1539

1.5.1539

1.5.1539

1.5.1539

1.3.5

1.3.5

1.3.5

1.3.5

1.3.5

Sophos Malicious Traffic Detection

1.3.2

1.3.2

1.3.2

1.3.1

1.3.1

1.3.1

1.3.1

1.2.4

1.2.4

1.2.4

-

-

Sophos Health

2.0.4

2.0.4

2.0.4

2.0.4

2.0.4

2.0.4

2.0.4

1.2.1

1.2.1

-

-

-

Sophos Security Heartbeat

4.3.2

4.3.2

4.3.2

4.3.2

4.3.2

4.3.2

4.3.2

4.1.1

4.1.1

-

-

-

Sophos System Protection

2.6.0

2.6.0

2.6.0

2.6.0

2.6.0

2.6.0

2.6.0

1.3.0

1.3.0

-

-

-

HitManPro.Alert (CryptoGuard)

3.6.15.616

3.6.14.615

3.6.14.615

3.6.11

3.6.11

3.6.8.604.25

3.6.8.604.25

3.6.3.583

3.6.3.583

-

-

-

SophosClean

3.7.20.1

3.7.20.1

3.7.20.1

3.7.20.1

3.7.20.1

3.7.20.1

3.7.20.1

3.7.14.155

3.7.14.155

-

-

-

Sophos UI

1.3.1

1.3.1

1.3.1

1.3.1

1.3.1

1.3.1

1.3.1

-

-

-

-

-

Sophos Uninstaller

1.2.0

1.2.0

1.2.0

1.2.0

1.2.0

1.2.0

1.2.0

-

-

-

-

-

Sophos Endpoint Defence

1.0.4

1.0.4

1.0.4

1.0.3.28

1.0.3.28

1.0.3.28

1.0.3.28

-

-

-

-

-

Sophos Endpoint Self Help

1.5.23

1.5.23

1.5.23

1.5.23

1.5.23

1.5.23

1.5.23

-

-

-

-

-

Version 1.5.6 Update

HitManPro.Alert (CryptoGuard) has been updated to address a customer issue.

Version 1.5.6

This version adds updated support for the competitor removal tool.

Version 1.5.5

New features

  • Server Lockdown (SLD) now supported on Windows 2016.
  • HitManPro.Alert (CryptoGuard) has been updated to address a number of customer issues.

Version 1.5.4

New features

Sophos AutoUpdate has been updated to include the Registry key required to process the Microsoft January 2018 patch.

Version 1.5.2

New features

  • Sophos Anti-Virus has been updated to support changes in the Windows Server 1709 release.
  • Sophos Device Control has been updated to support the latest devices from Kingston Data Traveler Datalocker IronKey.

Version 1.5.1

New features

  • Sophos Endpoint User Interface

    You can perform some tasks directly on the server such as scanning, checking the security status or cleaning up threats using the new user interface.

Version 1.4.0

New features

  • Sophos Security Heartbeat

    This sends regular reports on the security “health” of servers to Sophos XG Firewalls that are registered with Sophos Central. If a report shows that a server might have been compromised, the Firewall can restrict its network access.

Updated components

  • Sophos Anti-Virus (SAV) has been updated from 10.6.3 to 10.6.3.1039.
  • Sophos Health, Sophos Security Heartbeat, and Sophos System Protection have been added.

Version 1.3.0

New features

  • Malicious Threat Detection

    Malicious Threat Detection (MTD) is now available on Windows servers. This detects traffic between an endpoint computer and a server that indicates a possible attempt to take control of the endpoint. The MTD option is shown as "Detect network traffic to command and control servers" in the Sophos Central server policy.

Updated components

  • Sophos Anti-Virus (SAV) has been updated from 10.4.2.1 to 10.6.3.
  • Malicious Traffic Detection has been added.

Version 1.2.1

Updated components

  • Server Lockdown (SLD) has been updated from 7.0.4 to 7.0.5. This update provides security and performance enhancements.
  • The threat detection engine has been updated from 3.64.0 to 3.65.2.

Version 1.2.0

New features

  • Servers can update from Update Cache

    Windows Servers can now update from a Sophos Update Cache on your network. Previously only workstations could do this. For information about setting up an update cache, see Sophos Central Help.

  • Binary diff-based updating

    Sophos AutoUpdate can now download binary diffs of changed files and serve them to endpoints. This reduces network traffic. However, note that compressed files are only downloaded (not served to endpoints).

  • Web Control

    Sophos Web Control, which lets you control which websites can be accessed, is now supported on servers. You'll be able to set up this feature in your server policies after the next update of Sophos Central (scheduled for May 24).

Updated components

  • Sophos AutoUpdate has been updated from 5.2.0 to 5.3.0.
  • MCS has been updated from 2.0.2 to 4.0.1.
  • Sophos Update Cache has been updated from 1.0.8 to 1.1.3.

Known issues and limitations

Component Issue ID Description
Sophos Cloud agent installer WINEP-1577 The logged on user who runs SophosInstall.exe must be a member of the SophosAdministrator group in order to migrate an on-premise–managed computer to Sophos Cloud. Otherwise, the installation will fail.

If you have experienced this issue, add the user account to the SophosAdministrator group and re-run the installer.

Sophos Cloud agent installer WINEP-1423 When migrating an on-premise–managed computer to Sophos Cloud, a Sophos endpoint software update may cause the installation to fail. This happens when a computer is migrated without using the Sophos Cloud Migration Tool, by running the Sophos Cloud agent installer (SophosInstall.exe) on the computer either interactively or in a quiet mode. The update frequency is configured in Sophos Enterprise Console (Updating Policy > Schedule tab > Check for updates every n minutes) by the Enterprise Console administrator.

To avoid or work around this issue, you can do either of the following:

  • Stop the Sophos AutoUpdate Service before running the Sophos Cloud agent installer.
    1. Check the updating status by right-clicking the Sophos shield in the notification area in the taskbar and ensuring that View updating status is grayed out and cannot be selected. If an update is currently in progress, wait for it to complete before continuing.
    2. Open Windows services: depending on your operating system, click Start > Run and type “services.msc”, or click Start, type “services.msc” in the Start menu search box, and then press Enter.
    3. Right-click on the Sophos AutoUpdate Service and select Stop.
  • Increase the update interval in the updating policy in Enterprise Console to 60 minutes before starting the migration.
  • If you have experienced this error, re-run the installer at a later time when no update is in progress.

Additional information

System requirements

Sophos Central Server protection for Windows Server is supported on Windows 2008 R2, 2012, 2012 R2, 2016 and version 1709. For detailed system requirements, see http://www.sophos.com/en-us/support/knowledgebase/121027.aspx.

Support for migration from on-premise management

It is now possible to automatically migrate a computer managed by Sophos Enterprise Console or Sophos Control Center to be managed by Sophos Cloud. Please see the Sophos Cloud Migration Tool Help for more details.

For known migration issues, see the issues for Sophos Cloud agent installer in Known issues and limitations.

Support for Windows Server 2012 and 2012 R2

  • Endpoint Security and Control uses toast notifications instead of balloon notifications to display messages on screen.
  • If Sophos Anti-Virus cleans up a threat that affects a Windows Store app, it marks the app as tampered with. This causes Windows to offer the user the ability to re-download and re-install the app.
  • Rootkit scanning is not supported on REFS file systems. If the user attempts a rootkit scan on this file system, a message will be logged in the SAV log telling them that rootkit scanning is not supported.

Sophos Device Control

Sophos Device Control does not block removable storage devices that are used as system drives, as this typically destabilizes the operating system.

Shared Windows components

When you install Sophos software, some Windows components that might also be used by non-Sophos software are also installed or upgraded:

Sophos software Shared Windows component
Name File names Versions Date of inclusion with Sophos software
Sophos Anti-Virus Microsoft XML Core Services msxml4.dll 4.30.2100.0 September 2009
msxml4r.dll 4.30.2100.0 September 2009
ATL Library atl90.dll 9.0.30729.6161 December 2014
Microsoft Visual C/C++ Runtime Libraries msvcm90.dll 9.0.30729.6161 December 2014
msvcp90.dll 9.0.30729.6161 December 2014
msvcr90.dll 9.0.30729.6161 December 2014

Technical support

You can find technical support for Sophos products in any of these ways:

Legal notices

Copyright © 2018 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.