We have been experiencing this issue since November of 2017 and finally pinned it down to Sophos as well. I had to disable Web Browser Projection on 900 PCs because this has rendered them useless. Hopefully Sophos can get this resolved. I hope they get the Internet Explorer Lockdown issue fixed as well.

Sorry, after another look, it is only applies to Sophos Web gateway so I don't think it is related. here it is anyway community.sophos.com/.../122679

put https:// before ip

Hi Haridoss, Thanks for the reply. I am actually not looking at multiple hosts, rather I am looking to run multiple SGN Server instances (IIS) on a single host for multi-tenancy support. The documentation though indicates one server per tenant, but it is not clear if that means on SGN Server (IIS) instance per host, or if there can be multiple SGN Server (IIS) instances on a single host using different ports. Are you able to clarify? Regards, Dean Thompson

We're talking about Sophos XG to implement safe search. For it to be implemented well you must enable HTTPs scanning, adding CNAMEs in DNS is different.

Hi, What's the IP of your Switch? Where are your vlan ID's? I assume it's on the layer 3 switch? If yes..create a static route for each vlan. Destination Ip will be your network in each vlan gateway will be your core switch's IP

Great, I have two machines where all the services died randomly, I was forced to uninstall everything, which of course didn't work properly either - managed to get it all uninstalled eventually..but now it wont reinstall: Logs below - any ideas? Probably going to have to refresh these machines. Any Sophos reps care to comment? I notice they never reply to anything. Started C:\Program Files (x86)\Sophos\CloudInstaller\SophosSetup_Stage2.exe 28/02/2018 2:13:23 PM, WARNING : Failed to determine if AutoUpdate is using a custom install location: Failed to query string value : Error code: 2 28/02/2018 2:13:23 PM, INFO : Driver is not already installed. 28/02/2018 2:13:23 PM, INFO : Starting Sophos Endpoint Defense clean installation (1.3.0.369) 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: DisplayName data: Sophos Endpoint Defense 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: Publisher data: Sophos Limited 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: InstallLocation data: C:\Program Files\Sophos\Endpoint Defense 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: UninstallString data: C:\Program Files\Sophos\Endpoint Defense\uninstall.exe 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: DisplayIcon data: C:\Program Files\Sophos\Endpoint Defense\uninstall.exe 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: DisplayVersion data: 1.3.0.369 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: VersionMajor data: 1 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: VersionMinor data: 3 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: URLInfoAbout data: http://www.sophos.com 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: InstallDate data: 20180228 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: HelpLink data: http://www.sophos.com/support 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: Contact data: Sophos Technical Support 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos Endpoint Defense\ value: Comments data: Protects your Sophos Endpoint 28/02/2018 2:13:23 PM, INFO : Registry configured successfully to register to Add Remove Programs. 28/02/2018 2:13:23 PM, INFO : Created new program directory C:\Program Files\Sophos\Endpoint Defense 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\CoreCustomerAdapter.dll to C:\Program Files\Sophos\Endpoint Defense\CoreCustomerAdapter.dll 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\CoreEndpointAdapter.dll to C:\Program Files\Sophos\Endpoint Defense\CoreEndpointAdapter.dll 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\integrity.dat to C:\Program Files\Sophos\Endpoint Defense\integrity.dat 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\NOTICE.txt to C:\Program Files\Sophos\Endpoint Defense\NOTICE.txt 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\public.pem to C:\Program Files\Sophos\Endpoint Defense\public.pem 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\SophosED.cat to C:\Program Files\Sophos\Endpoint Defense\SophosED.cat 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\SophosED.inf to C:\Program Files\Sophos\Endpoint Defense\SophosED.inf 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\SophosED.sys to C:\Program Files\Sophos\Endpoint Defense\SophosED.sys 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\SophosNA.exe to C:\Program Files\Sophos\Endpoint Defense\SophosNA.exe 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\SSPService.exe to C:\Program Files\Sophos\Endpoint Defense\SSPService.exe 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\Telemetry.exe to C:\Program Files\Sophos\Endpoint Defense\Telemetry.exe 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\TelemetryPlugin.exe to C:\Program Files\Sophos\Endpoint Defense\TelemetryPlugin.exe 28/02/2018 2:13:23 PM, INFO : Copying C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\uninstall.exe to C:\Program Files\Sophos\Endpoint Defense\uninstall.exe 28/02/2018 2:13:23 PM, INFO : Binaries copied successfully. 28/02/2018 2:13:23 PM, INFO : SSP AgentInstaller: Installing agents C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Config 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Outbound 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Logs 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Config\Rules 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Snapshots 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Saved Data 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Health 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Clean 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Clean\Drop 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Clean\Staging 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Events 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Events\Staging 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Events\CloudOutgoingQueue 28/02/2018 2:13:23 PM, INFO : Creating directory: C:\ProgramData\Sophos\Endpoint Defense\Data\Events\CloudIncomingQueue 28/02/2018 2:13:23 PM, INFO : Directory does not exist C:\ProgramData\Sophos\Sophos Data Recorder\Data. 28/02/2018 2:13:23 PM, INFO : Deleting 'C:\ProgramData\Sophos\Sophos Data Recorder' 28/02/2018 2:13:23 PM, INFO : Directory does not exist. 28/02/2018 2:13:23 PM, INFO : Directory does not exist C:\ProgramData\Sophos\Sophos System Protection\Data\Saved Data. 28/02/2018 2:13:23 PM, INFO : Moving 'C:\ProgramData\Sophos\Sophos System Protection\Data\Health\eph.dmp' to 'C:\ProgramData\Sophos\Endpoint Defense\Data\Health\eph.dmp' 28/02/2018 2:13:23 PM, INFO : File not found: C:\ProgramData\Sophos\Sophos System Protection\Data\Health\eph.dmp 28/02/2018 2:13:23 PM, INFO : Moving 'C:\ProgramData\Sophos\Sophos System Protection\Data\historian.db' to 'C:\ProgramData\Sophos\Endpoint Defense\Data\historian.db' 28/02/2018 2:13:23 PM, INFO : File not found: C:\ProgramData\Sophos\Sophos System Protection\Data\historian.db 28/02/2018 2:13:23 PM, INFO : Deleting 'C:\ProgramData\Sophos\Sophos System Protection' 28/02/2018 2:13:23 PM, INFO : Directory does not exist. 28/02/2018 2:13:23 PM, INFO : Copying 'C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\Config\SXA.conf' to 'C:\ProgramData\Sophos\Endpoint Defense\Config\SXA.conf' 28/02/2018 2:13:23 PM, INFO : Copying 'C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\Config\EPH.conf' to 'C:\ProgramData\Sophos\Endpoint Defense\Config\EPH.conf' 28/02/2018 2:13:23 PM, INFO : Copying 'C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\TelemetryPlugin.exe' to 'C:\Program Files\Sophos\Endpoint Defense\TelemetryPlugin.exe' 28/02/2018 2:13:23 PM, INFO : Copying 'C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\public.pem' to 'C:\Program Files\Sophos\Endpoint Defense\public.pem' 28/02/2018 2:13:23 PM, INFO : Copying 'C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\Config\Rules\rules.bin' to 'C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\rules.bin' 28/02/2018 2:13:23 PM, INFO : Copying 'C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\sed64\Config\Rules\RCA-binary-load.dat' to 'C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\RCA-binary-load.dat' 28/02/2018 2:13:23 PM, INFO : About to create subkey 'EndpointDefense' under 'SOFTWARE\Sophos' 28/02/2018 2:13:23 PM, INFO : Setting up pipe key 28/02/2018 2:13:23 PM, INFO : About to create subkey 'Log' under 'SOFTWARE\Sophos\SystemProtection' 28/02/2018 2:13:23 PM, INFO : About to create subkey 'Rca' under 'SOFTWARE\Sophos\SystemProtection' 28/02/2018 2:13:23 PM, INFO : About to create subkey 'Telemetry' under 'SOFTWARE\Sophos\SystemProtection' 28/02/2018 2:13:23 PM, INFO : Registering telemetry plugin 28/02/2018 2:13:23 PM, INFO : About to create subkey 'Acknowledged' under 'SOFTWARE\Sophos\EndpointDefense' 28/02/2018 2:13:23 PM, INFO : About to create subkey 'EventLog' under 'SOFTWARE\Sophos\EndpointDefense' 28/02/2018 2:13:23 PM, INFO : About to create subkey 'Incidents' under 'SOFTWARE\Sophos\EndpointDefense' 28/02/2018 2:13:23 PM, INFO : SSP AgentInstaller: Installed agents 28/02/2018 2:13:23 PM, INFO : Setting up monitoring keys 28/02/2018 2:13:23 PM, INFO : Setting up adapter policy keys 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'corc_revision_id' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'proxy_address' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'proxy_port' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'proxy_credentials' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'detection_feedback_send_data' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'detection_feedback_send_files' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'detection_feedback_on_demand_enable' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'whitelist_sha256s' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'whitelist_certificate_signers' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'corc_revision_id' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnDemandExcludeRemoteFiles' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnDemandExcludeFilePaths' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnDemandExcludeProcessPaths' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'WhiteListFilePaths' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'sample_upload_uri' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'sample_header_names' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'sample_header_values' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_allowed_app_list' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_blocked_app_list' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_blocked_category_list' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_desktop_notifications_enable' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_on_access_enable' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_on_demand_enable' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_report_only_enable' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnAccessEnabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnReadEnabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnWriteEnabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnExecuteEnabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnAccessExcludeRemoteFiles' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnAccessExcludeFilePaths' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'OnAccessExcludeProcessPaths' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'rca_upload_uri' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'rca_upload_header_names' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'rca_upload_header_values' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'snapshot_upload_uri' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'snapshot_upload_header_names' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'snapshot_upload_header_values' to [] 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'core_revision_id' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'machine_learning_enabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'MalwareDetectionEnabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'app_control_enabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'SEDEnabled' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'IgnoreSAV' to: 0 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'SEDPassword' to: '' 28/02/2018 2:13:23 PM, INFO : Setting policy value name 'unknown_file_telemetry_sample_rate' to: 1 28/02/2018 2:13:23 PM, INFO : Registry configured successfully to register to Sophos AutoUpdate. 28/02/2018 2:13:23 PM, INFO : Successfully registered MCS adapters. 28/02/2018 2:13:23 PM, INFO : Successfully registered telemetry plugin. 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SYSTEM\CurrentControlSet\Services\EventLog\Application\Sophos System Protection value: CategoryCount data: 15 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SYSTEM\CurrentControlSet\Services\EventLog\Application\Sophos System Protection value: CategoryMessageFile data: C:\Program Files\Sophos\Endpoint Defense\SSPService.exe 28/02/2018 2:13:23 PM, INFO : Wrote HKEY_LOCAL_MACHINE SYSTEM\CurrentControlSet\Services\EventLog\Application\Sophos System Protection value: EventMessageFile data: C:\Program Files\Sophos\Endpoint Defense\SSPService.exe 28/02/2018 2:13:23 PM, INFO : Successfully registered SSP event log source. 28/02/2018 2:13:23 PM, INFO : Installing Sophos System Protection Service ... 28/02/2018 2:13:23 PM, INFO : Sophos System Protection Service successfully installed. 28/02/2018 2:13:23 PM, INFO : Registered SED to be tamper protected. 28/02/2018 2:13:23 PM, INFO : Installing driver... 28/02/2018 2:13:23 PM, INFO : Driver successfully installed. 28/02/2018 2:13:23 PM, INFO : Starting Sophos Endpoint Defense... 28/02/2018 2:13:26 PM, ERROR : Failed to start service - Sophos Endpoint Defense with error 31. 28/02/2018 2:13:26 PM, ERROR : Error installing Sophos Endpoint Defense: Failed to start service. 28/02/2018 2:13:26 PM, INFO : Starting rollback of failed installation. 28/02/2018 2:13:26 PM, INFO : Starting Sophos Endpoint Defense uninstallation (1.3.0.369) 28/02/2018 2:13:26 PM, WARNING : Failed to query if the driver can be unloaded or service stopped. 28/02/2018 2:13:26 PM, INFO : Stopping Sophos System Protection Service ... 28/02/2018 2:13:26 PM, INFO : Sophos System Protection Service successfully unregistered. 28/02/2018 2:13:26 PM, WARNING : Skipping unload - Driver is already unloaded. 28/02/2018 2:13:26 PM, WARNING : Failed to unregister SophosNA from SMSS with exception: RegGetValueW failed. Error: 1630. Value name='BootExecute'. 28/02/2018 2:13:26 PM, WARNING : SophosNA.exe has already been removed from System32. 28/02/2018 2:13:26 PM, INFO : Sophos Endpoint Defense successfully unregistered. 28/02/2018 2:13:26 PM, INFO : Unregistering MCS adapter: CORC 28/02/2018 2:13:26 PM, INFO : Wait for unload: C:\Program Files\Sophos\Endpoint Defense\CoreCustomerAdapter.dll 28/02/2018 2:13:26 PM, INFO : Unregistered CORC MCS adapter. 28/02/2018 2:13:26 PM, INFO : Unregistering MCS adapter: CORE 28/02/2018 2:13:26 PM, INFO : Wait for unload: C:\Program Files\Sophos\Endpoint Defense\CoreEndpointAdapter.dll 28/02/2018 2:13:26 PM, INFO : Unregistered CORE MCS adapter. 28/02/2018 2:13:26 PM, INFO : Unregistering MCS adapter: SED 28/02/2018 2:13:26 PM, INFO : SED adapter unload not needed: MCS adapter does not exist. 28/02/2018 2:13:26 PM, INFO : Unregistered from Sophos AutoUpdate. 28/02/2018 2:13:26 PM, INFO : Unregistered telemetry plugins. 28/02/2018 2:13:26 PM, INFO : Unregistered SSP event log source. 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\CoreCustomerAdapter.dll 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\CoreEndpointAdapter.dll 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\integrity.dat 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\NOTICE.txt 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\public.pem 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\SophosED.cat 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\SophosED.inf 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\SophosED.sys 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\SophosNA.exe 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\SSPService.exe 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\Telemetry.exe 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\TelemetryPlugin.exe 28/02/2018 2:13:26 PM, INFO : Removed file: C:\Program Files\Sophos\Endpoint Defense\uninstall.exe 28/02/2018 2:13:26 PM, INFO : Removed program directory C:\Program Files\Sophos\Endpoint Defense 28/02/2018 2:13:26 PM, INFO : SSP AgentInstaller: Uninstalling agents 28/02/2018 2:13:26 PM, INFO : Deleting 'C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\rules.bin' 28/02/2018 2:13:26 PM, INFO : Deleting 'C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\RCA-binary-load.dat' 28/02/2018 2:13:26 PM, INFO : Deleting 'C:\ProgramData\Sophos\Endpoint Defense\Config\EPH.conf' 28/02/2018 2:13:26 PM, INFO : Deleting 'C:\ProgramData\Sophos\Endpoint Defense\Config\SXA.conf' 28/02/2018 2:13:26 PM, INFO : Deleting 'C:\ProgramData\Sophos\Endpoint Defense\Data\historian.db' 28/02/2018 2:13:26 PM, INFO : Unregistering telemetry plugin: SOFTWARE\Sophos\Telemetry\Plugins\SSP 28/02/2018 2:13:26 PM, INFO : Deleting 'C:\Program Files\Sophos\Endpoint Defense\TelemetryPlugin.exe' 28/02/2018 2:13:26 PM, INFO : File does not exist. 28/02/2018 2:13:26 PM, INFO : Deleting 'C:\Program Files\Sophos\Endpoint Defense\public.pem' 28/02/2018 2:13:26 PM, INFO : File does not exist. 28/02/2018 2:13:26 PM, INFO : Removing pipe key 28/02/2018 2:13:26 PM, INFO : About to delete (if exists) subkey 'Log' from 'SOFTWARE\Sophos\SystemProtection' 28/02/2018 2:13:26 PM, INFO : About to delete (if exists) subkey 'Rca' from 'SOFTWARE\Sophos\SystemProtection' 28/02/2018 2:13:26 PM, INFO : About to delete (if exists) subkey 'Telemetry' from 'SOFTWARE\Sophos\SystemProtection' 28/02/2018 2:13:26 PM, INFO : About to delete (if exists) subkey 'Acknowledged' from 'SOFTWARE\Sophos\EndpointDefense' 28/02/2018 2:13:26 PM, INFO : About to delete (if exists) subkey 'EventLog' from 'SOFTWARE\Sophos\EndpointDefense' 28/02/2018 2:13:26 PM, INFO : About to delete (if exists) subkey 'Incidents' from 'SOFTWARE\Sophos\EndpointDefense' 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Events\CloudIncomingQueue 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Events\CloudOutgoingQueue 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Events\Staging 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Events 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Clean\Staging 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Clean\Drop 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Clean 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Health 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Saved Data 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Data\Snapshots 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Config\Rules 28/02/2018 2:13:26 PM, INFO : Folder not empty, not deleting: C:\ProgramData\Sophos\Endpoint Defense\Logs 28/02/2018 2:13:26 PM, INFO : Folder empty, deleting: C:\ProgramData\Sophos\Endpoint Defense\Outbound 28/02/2018 2:13:26 PM, INFO : Folder not empty, not deleting: C:\ProgramData\Sophos\Endpoint Defense\Data 28/02/2018 2:13:26 PM, INFO : Folder not empty, not deleting: C:\ProgramData\Sophos\Endpoint Defense\Config 28/02/2018 2:13:26 PM, INFO : Folder not empty, not deleting: C:\ProgramData\Sophos\Endpoint Defense 28/02/2018 2:13:26 PM, INFO : SSP AgentInstaller: Successfully uninstalled agents 28/02/2018 2:13:26 PM, INFO : Unregistered from Add Remove Programs. 28/02/2018 2:13:26 PM, INFO : Successfully uninstalled Sophos Endpoint Defense. 28/02/2018 2:13:26 PM, ERROR : SetupPlugin install error: Failed to start service.

Hi Andy, Thanks for the update. I just did a check on my endusers, apparently the issue has resolved by itself. No longer showing "services not running". Cheers!

I had trouble understanding some details in sophos mobile security app and really don't like the password used to get into phone, so I uninstalled the app. However, I think I uninstalled the app like I would for other apps and still have the password entry for phone. What to I need to do to get a clean removal of app including no password.?

Guide to install Sophos VPN mobile

Thank you for reply , but you mean static route

Hi, I have exect the same Problem on customer site, and it seems with this bug it is impossible to change exiting SMTP-profiles with AD recipient verification check is enabled. Changed profile will not be saved. Is there a workaround for this bug, or is there a possibility to change this profile at command line (I have to delete a domain entry)? regards, Thomas

Hello Robert Neal, rats, I was wrong regarding the Not since vs. Updated successfully . Finally I've got a set of logs and it looks like (well, one sample is not statistically relevant) the issue is somewhere else. On the endpoint iupd.cfg (from %ProgramData%\Sophos\AutoUpdate\Config\ ) is almost empty, i.e. just the [global.IntelligentUpdating] section is there, but not the subscription for SAVXP and RMSNT. Thus it doesn't attempt to update these, as the rest succeeds it naturally says Update successfully , SAVXP has not been updated and SEC correctly reports Not since . If you still have some machines with this seemingly contradictory status could you check iupd.cfg on them? Christian

Hello EricKant, what should Central-in-a-Box do for you? Do you want the look and feel of Central on the on-premise SEC? Or something else? Christian

Very bad support here 100% agree. Feels like the End of UTM, because of their focus to XG. Unfortunatly the software quality here is even worse. Sad since I worked already with Astaro 6. BTW: My case got closed with the resolution "fixed in version 9.508". So there will be 9.507 and 9.508...

As I indicated on Feb 13, you SHOULD distribute your UTM CA Certificate, because it is needed for Block and Warn pages (anytime an HTTPS site is blocked or warned, even with inspection disabled. Apparently your UTM had a memory corruption, which was cleared by the reboot. Either it tried to block/warn but had a problem with the block/warn page so it displayed the target page anyway, or as you suggested, it thought https inspection was supposed to be on for that site. Given that you randomness was between display-normal and display-with-CA-cert, the latter probably fits the scenario better.

I have 9.507, you don't?

Hi, I am trying to deploy a SVE 1.2 SVM on VMware6.0. The deployment fails with the error message: failed to deploy ssvm: hostname u'[IP ADDRESS]' doesn't match '[ESX HOST NAME] The first error in the log file is: 2018-02-28 12:36:08,335 [INFO][19080][ControllerProgress.__updateState]: State of '[ESX HOST NAME]' changed to 'Failed to send: C:\SVE certs\ESXI1-SVEVM.pfx' Any idea what could be causing this or how to proceed? thanks in advance!

Hello Dave, What have you entered into your 'Permitted Network Resources' section of the SSL VPN settings? This is where you enter the subnet for the internal LAN you want to access. Thanks.

A customer cant install sophos central. It is given an error cannot register with sophos central. What can I do about this