Endpoint

Sophos for Virtual Environments

Preview

About these release notes

These are the release notes for Preview versions of Sophos for Virtual Environments managed by Sophos Enterprise Console.

Important

When you install Sophos for Virtual Environments you should always use the installer for the version you are subscribed to. Mismatching versions can cause the installation to fail.

Note

You may find that you cannot yet download and use the latest version on the list below. This is because Sophos releases the software over a number of days, but publishes the release notes on the first day.

Version 1.3

Versions

Sophos for Virtual Environments

Version 1.3.2

July 2019

Version 1.3.1

April 2019

Version 1.3.0

January 2019

Version 1.3.2

Updated components

This release includes updates to protect against the TCP SACK PANIC kernel vulnerabilities.

  • We've upgraded OpenSSL to 1.1.1c
  • We've updated Ubuntu kernel patches and updates.
  • We've added temporary mitigation for the kernel panic. After you upgrade, this provides protection until you restart the Sophos Security VM. See https://community.sophos.com/kb/en-us/134289

You must restart Sophos Security VM to apply the security updates. Guest VM agents will remain unchanged on version 1.3.1.

Version 1.3.1

Updated components

  • The threat detection engine has been updated to 3.75.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
  • We now support the following platforms:
    • Windows 10 19H1 support for guest VMs
    • Windows Server 2019 19H1 support for guest VMs

vSphere 5.5 has limited support.

Restart Sophos Security VM to apply the security updates. Guest VM agents will update automatically.

Resolved issues

Issue ID

Description

VIRTHV - 2519

Fixed an issue where Japanese Characters were incorrectly rendered in GVM Scanning Service Event logs

VIRTHV - 2567

Fixed a PCI DSS compliance issue with SVE and SMB

VIRTHV - 2663

Fixed an issue when registering the FQDN for the ESXi host.

Current issues

  • Can't install SVM to Hyper-V from 19H1 32-bit platform. This is valid for the pre release variants of 19H1. This issue only affects the Hyper-V SVM installer.

Version 1.3.0

Updated components

  • The threat detection engine has been updated to 3.73.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
  • We now support Ubuntu version 18.04. You need to reboot when upgrading from previous versions.
  • We now support the following platforms:
    • Windows 10 Redstone 5 support for guest VMs
    • Windows Server 2019 support for guest VMs
    • vSphere 6.7 support for guest VMs

vSphere 5.5 now has limited support.

Resolved issues

Issue ID

Description

VIRTHV-1902, VIRTHV-1903

Fixed a communications issue between the Sophos for Virtual Environments guest agent and the Security VM. A failed connection attempt could result in the guest agent not being able to connect to the Security VM unless it was restarted.

VIRTHV-2299

Resolved an issue where in some instances the networking pages of the Security VM installer were missing some of the relevant information.

VIRTHV-2330

In certain circumstances, the cleanup bundle sent to guest VMs wasn't deleted after use. This took up increasing space. We've changed the deletion process to fix this issue.

Version 1.2

Versions

Sophos for Virtual Environments

1.2.0 Hotfix

April 2018

Version 1.2.0

February 2018

1.2.0 Hotfix

This release addresses a potential security issue in the installation process of the Sophos Guest VM Agent on protected guest VMs.

Upgrading from 1.2.0

The upgrade only impacts the installation of the Sophos Guest VM Agent on new guest VMs. Existing guest VMs do not need to be changed. You will get the updated versions of the Sophos Guest VM Agent automatically.

Version 1.2.0

New features

  • Guest VM migration. You can enable guest VMs to move between Security VMs. This keeps guest VMs protected if they can't connect to their current Security VM. It also spreads the workload between Security VMs.
  • RS3 support. You can now protect guest VMs running Windows 10 RS3 or Windows Server 2016 RS3.
  • Engine update. We've updated the Sophos threat detection engine to version 3.70.2.

Upgrading from 1.1.1

You will be upgraded to 1.2.0 automatically. However, you must do as follows:

If you want Guest VM migration, reinstall Sophos Security VM.

If you don't want Guest VM migration, just restart Sophos Security VM to apply the security updates.

Resolved issues

Issue ID Description
VIRTHV-1274 We've resolved an issue where guest VMs that require SMB message signing or don't allow unauthenticated guest access to SMB shares couldn't access the Sophos Guest VM Agent installer

Version 1.1

Versions

Sophos for Virtual Environments

1.1.1

January 2018

1.1.0

August 2017

Engine update

Version 1.1.1

This release supports the changes required by Microsoft to protect against speculative execution side-channel vulnerabilities (the spectre and meltdown vulnerabilities).

Note

We recommend that you read the Microsoft knowledge base article (KB 4072698), which addresses other steps you may need to take when protecting server platforms against these vulnerabilities.

Upgrading from 1.1.0

You will be upgraded to version 1.1.1 automatically.

Version 1.1.0 Engine update

New features

  • We've updated the Sophos threat detection engine to version 3.69.2.

See Known issues for any new issues.

Upgrading from 1.0.1

You will be upgraded to version 1.1.0 automatically. However, you must restart Sophos Security VM to apply security updates.

Version 1.0

Versions

Sophos for Virtual Environments

1.0.1

June 2017

Engine update

1.0.1

May 2017

1.0

Feb 2017

Version 1.0.1 Engine update

New features

  • We've updated the Sophos threat detection engine to version 3.68.2.

See Known Issues for any new issues.

Version 1.0.1

Upgrading from 1.0

You will be upgraded to version 1.0.1 automatically. However, you must restart Sophos Security VM to apply security updates.

Resolved issues

Issue ID

Description

VIRTHV-1120

Sophos Security VM is now configured with VMXNET 3 virtual NICs. These offer better performance than the "flexible" NICs used previously.

VIRTHV-1163

We've resolved an issue that resulted in Sophos Security VM having an up-to-date status of "Unknown" in Enterprise Console.

VIRTHV-1139

We've resolved an issue that caused Sophos Security VM installation to fail on VMware ESXi if you specified a dynamic port group as the virtual LAN.

VIRTHV-1172

The Sophos Security VM installer for VMware ESXi now checks that the Security VM name does not contain spaces, which cause error messages.

Version 1.0.0

This is the first release of Sophos for Virtual Environments managed by Sophos Enterprise Console.

Known issues

  • When installing the Sophos Guest VM Agent on a Windows server operating system disable Windows Defender, if it is present.
  • Sophos for Virtual Environments limits the number of subnets that can be connected to a Hyper-V Security VM to 3.

Migrate to Sophos for Virtual Environments

You can migrate to Sophos for Virtual Environments from these products.

  • Sophos Anti-Virus for vShield in a VMWare ESXi environment
  • Sophos Anti-Virus running locally on each guest VM in either a VMware ESXi environment or a Microsoft Hyper-V environment
  • Other vendors' anti-virus products in either a VMware ESXi environment or a Microsoft Hyper-V environment

You can find more details in the Sophos for Virtual Environments Startup guide -- Enterprise Console edition.

Technical support

You can find technical support for Sophos products in any of these ways:

Legal notices

Copyright © 2019 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.