Thread Info
  • State Suggested Answer
  • +3 person also asked this people also asked this
  • Replies 35 replies
  • Answers 1 answer
  • Subscribers 18 subscribers
  • Views 42261 views
  • Users 0 members are here
Options
Suggested

10.0.3 Update - SophosScanD stopped

Sam Shrefler

Immediately after an autoupdate installed 10.0.3, SophosScanD is now no longer able to run.   When I run the diagnostic tool, it says the System Extensions "Sophos Can Extension" and "Sophos Network Extension" aren't met, but under privacy settings all Sophos services and extensions are checked.

Top Replies

  • in reply to Ben Welch +2

    My users found that the 2 items that need to be allowed were under General, Advanced once you unlock with your credentials...and there is a prompt at the bottom of the screen saying "Some system software requires your attention before it can be used". You then click Details button and will find SophosWebNetworkExtension and SophosScanD both of which need to be selected. Also not the comment above that says the system needs to be restarted before it can be used. For my users once they have selected the 2 options and restarted SophosScanD is shown as working. Hope this helps.

    Jump to answer
Parents
  • 0

    Hi Sam,

    Can you let us know the output to:

    systemextensionsctl list

    Are you using and MDM solutions such as JAMF?

    An SDU would be helpful for our investigation:

    • Go into Central, find the device, and click on the generate SDU button
    • Once the sdu is uploaded, post the file name here so we can extract it and take a look
  • 0 in reply to David Lancaster

    2 extension(s)
    --- com.apple.system_extension.network_extension
    enabled active teamID bundleID (version) name [state]
    * 2H5GFH3774 com.sophos.endpoint.networkextension (10.0.3/221820) networkextension [activated waiting for user]
    --- com.apple.system_extension.endpoint_security
    enabled active teamID bundleID (version) name [state]
    * 2H5GFH3774 com.sophos.endpoint.scanextension (10.0.3/221821) com.sophos.endpoint.scanextension [activated waiting for user]

    Yes, we use WorkspaceOne for our MDM

Reply
  • 0 in reply to David Lancaster

    2 extension(s)
    --- com.apple.system_extension.network_extension
    enabled active teamID bundleID (version) name [state]
    * 2H5GFH3774 com.sophos.endpoint.networkextension (10.0.3/221820) networkextension [activated waiting for user]
    --- com.apple.system_extension.endpoint_security
    enabled active teamID bundleID (version) name [state]
    * 2H5GFH3774 com.sophos.endpoint.scanextension (10.0.3/221821) com.sophos.endpoint.scanextension [activated waiting for user]

    Yes, we use WorkspaceOne for our MDM

Children