Release Notes & News

New Techvids Release - Sophos Central: Server Lockdown

2023-03-28T18:58:23Z

Simon from the Sophos Support team provides an overview of the Server Lockdown feature and how to configure it in Sophos Central. Watch the video: https://techvids.sophos.com/share/watch/csLxXqQjspCN2MxvzvLvvQ Related Documents Server Lockdown ...(read more)

New Techvids Release - Sophos Central: Create Scanning Exclusions

2022-11-25T18:45:19Z

In this video, Benedict from the Sophos Community shows you how to create Scanning Exclusions in Sophos Central. Adding Scanning Exclusions is the easiest way for customers to allow blocked applications, websites, or Potentially Unwanted Applica...(read more)

Coming Soon: Sophos Central updated look and feel

2022-06-07T22:10:00Z

In early July, Sophos Central sign-in screens and user interface will get an updated look and feel. While no functional changes are occurring, the user interface throughout Central will get: Updated colors Clean and modern font ...(read more)

Sophos Central: Recovering Tamper Protected Devices

2021-12-15T23:14:00Z

Follow along as Kushal from the Sophos Community team goes over how to recover a tamper-protected machine. Watch the full video: https://techvids.sophos.com/watch/BCRVKNsqy67fwPvdg7vZu8 Current OS Recovery covers the following systems:Windows 1...(read more)

Sophos Central Endpoint: Automated Software Deployment

2021-12-08T22:16:00Z

Follow Glenn, from the Sophos Community, as he walks you through automating your Sophos Central Endpoint deployment using an active directory via a start-up script. Watch the full video: https://techvids.sophos.com/watch/VgBe2uXdhckAp674xP26N5&n...(read more)

New Sophos Central login experience coming soon

2021-12-06T19:18:00Z

[Updated 12/7/2021 - Clarity regarding MFA] Hi, everyone - We wanted to give you a heads up about a new Sophos Central login experience that will be launching early next year. Beginning in mid-January when logging in, users will enter only their ema...(read more)

Sophos Central: How to Configure Controlled Updates

2021-12-01T21:29:00Z

Follow Simon Fu, from the Sophos Community, as he walks you through the process of configuring controlled updates in Sophos Central. Find the documentation here. Watch the full video: https://techvids.sophos.com/watch/KNFpPzKdvDijDQx3Atez9M&nbs...(read more)

Sophos Central: AD Sync Authentication No Longer Supported

2021-09-29T23:00:00Z

As of November 30th, 2021, Sophos will no longer support authentication into Sophos Central using admin credentials from the AD Sync utility (username and password); consequently, sync operations will start failing. API credentials will be ...(read more)

Protecting Sophos Central admins with multi-factor authentication (MFA)

2021-08-10T13:00:00Z

Starting in September, Sophos will be requiring multi-factor authentication (MFA) for all Sophos Central administrators. No action is necessary at this time. Beginning in early September, any Sophos Central administrators who aren't already usi...(read more)

Sophos Licensing: Scheduled maintenance on Saturday, August 8th from 7am to 10am (UTC)

2020-08-07T14:48:00Z

Hi All,

Please note that we are completing maintenance work on Saturday, August 8th between 07:00am to 11:00am (UTC).

Customers may have limited functionality during this window. Registrations and key activations will be unavailable during this period:

XG device registration should be re-tried after the maintenance window
Central Assets and Evaluations will not be synced during this time, manual re-sync will be performed by Sophos after the maintenance window.
SG UTM & Cyberoam devices are not impacted
On-Prem licenses with credentials are not impacted

Note: For customers experiencing continued issues after the maintenance window is complete (11:00am UTC), please contact Sophos Support.

Sophos Central Migration Tool v2.1.0 has been released

2020-07-28T17:02:00Z

Hi everyone,

Sophos Central Migration Tool v2.1.0 has been released! This tool helps administrators to move management of protected computers from Sophos Enterprise Console 5.0 and later to Sophos Central. Please see the following articles for more information:

Note: All versions of the Sophos Central Migration Tool prior to version 2.1.0 retire on the 31st July 2020. From this date, they will no longer work and will not be able to migrate computers.

Regards,

Yashraj

What's New in Central? - Jul/Aug 2019

2019-09-01T19:42:00Z

Hola, my digital chums. To all my American friends, I hope you had a wonderful National Honey Bee Day as well as enjoyed the month-long celebrations of National Hot Dog Month and National Ice Cream Month... (seriously, whatever you guys are on, I want some).

Sophos Central decided to skip having a summer holiday this year to ensure you and all your assets are safe and sound while you sun yourselves and drink Mai Tais by the pool (ain't you a fancy pants).

Ehem... So let's find out what delightful summer treats our Central engineering wizards have been working on!

General Availability
- Customizable Roles for Partner and Enterprise
- Email TLS Enforcement
Early Access Program
- EDR Threat Indicators EAP
- Email Data Loss Prevention EAP

(Feel free to click on any of the numbered items above to jump straight to any item in particular.)

General Availability

By General Availability (GA), we mean that this functionality has been released and is ready for you to dive into and start using. Often, new products or features first start out as Early Access Programs (EAP) before they become Generally Available after we've had your insights and feedback, helping us deliver the best possible products.

Customizable Roles for Partner and Enterprise

Thanks to awesome feedback from our community, we've added in the ability to create custom administrative roles for both the Partner and Enterprise interfaces.

Sometimes you want to share responsibility for your security amongst your admins so that you can distribute the workload and control access through segmentation.

Maybe you don't want the frontline helpdesk having access to changing policy and seeing the logging. Perhaps the network team want to own configuration and management of web, email, wireless, and firewall, and the endpoint team want to own endpoint, server, mobile, encryption, and phishing.

It's your call with custom roles. We think they're simple and flexible and we hope you do too!

Email TLS Enforcement

Want to make sure all the email servers you're sending mail to and receiving email from is always done so with Transport Layer Security (TLS)? We got you, fam.

Just flick on TLS Enforcement, either inbound only, outbound only, or bi-directional, and tell us which domain you want it enforced for (wildcards supported too). S I M P L E S^{S^{S^{S^S}}}

Early Access Programs

EAPs are our way of letting customers get access to upcoming products and features ahead of their release. This month we are launching two new EAPs which customers can join right away and get their hands on our latest innovations before they are released.

EDR Threat Indicators EAP

Firstly, I need to get something out of my system.

Aaaaaaaaaaaaaaah, much better. This is an EAP I've been exceptionally excited for.

EDR - Endpoint Detection and Response - is one of the hardest activities there is in security. In essence, trying to find the threats that snuck past your defenses and, once found, launching an all-out tactical assault upon them (HADOUKEN!).

Where do you even start?! Staring into an abyss of tables of uncorrelated data and logs, row after row, record after record. Taking a wild stab at a few queries and pounding your head against the keyboard until your forehead looks like a cobblestone road?

Nope, none of that, silly. You just take a look at the Threat Indicators of course!

Threat Indicators are a queue of suspicious items that our machine learning models have detected on your network. Dive into your Threat Analysis Center to see both the dashboard widget as well as a link in the leftnav to the Threat Indicators queue.

Our architecture does not rely on a single machine learning model to find these indicators. Instead, multiple models share their intelligence with each other to provide context - much in the same way that humans correlate information from multiple logs and sources to build a bigger picture.

View the details on an indicator, see what machines it has been found on, whether is has executed (run on the machine), and even submit the indicator to SophosLabs for analysis - a fancy, detailed report on its capabilities and nature will be displayed.

You can even generate a threat case to instantly identify the root cause, showing the chain of events that explains how that threat made it on to the machine in the first place.

This is a feature that will always be constantly tweaked and improved through the use of new and additional machine learning models as we attempt to close the gap and automate the time-consuming (for humans) activity of identifying suspicious events.

Kevin has great coverage of this awesome EAP on the Community blog and even has a link to a fab video demo on Vimeo too! Nice one, Kev.

Email Data Loss Prevention EAP

Email is still one of the most common ways users accidentally (or purposefully) send personally identifiable information (PII) and other forms of sensitive information outside of the company network. GDPR and its giant fines for data loss say hi.

Put a stop to emails with data-leaky body content and attachments, inbound and outbound, with our latest enhancements to our existing content control policies.

Policies are a snap to create using our pre-made Content Control Lists (CCLs) that cover a broad spectrum of data types for PCI, HIPAA and more such as credit card information, social security information, addresses, telephone numbers and healthcare records.

Feel free to create your own CCLs with regex support for easy pattern matching for any type of data (except HTML, you can't parse HTML with regex. Because HTML can't be parsed by regex). The policy wizard guides you through every step of building a quality rule so you won't have to spend ages dwelling through configuration settings.

Reporting looks pretty too!

Richard has posted a really detailed article on our Community blog covering all these new features so make sure you head over and give it a jolly good read!

They say that nothing perfect lasts forever... Here marks the end of yet another What's New in Sophos Central. I'm sure going to miss you all! Aw shucks, who's cutting onions? Quick, cut to the facts!

The offsprings of two sets of two identical twins are technically cousins, but genetically siblings. Probably crashes Ancestry.com too.
That wonderful smell of freshly cut grass after you've mowed the lawn is actually a chemical distress signal. Basically you're smelling the deliciously silent screams of the hundreds of thousands of poor defenseless blades of grass you just mercilessly shred into tiny pieces. How could you!?

What's New in Central? - May/Jun 2019

2019-07-01T14:52:00Z

Well well well, what do we have here? A bunch of superturboawesome Sophos Central bells and whistles to make your minds drool? YUP!

It's that time of the everytwomonths when I dust off the old typewriter (Kremlin know how to security good) and write about what's new in Sophos Central. So let's have at it!

General Availability
Coming Soon
- AD Sync for Devices and Groups

(Feel free to click on any of the items above to jump straight to any item in particular.)

General Availability

Intercept X for Server with EDR

Sound the trumpets - Endpoint Detection and Response (EDR) is finally here for Intercept X for Server. Everything you know and love from Intercept X with EDR for endpoint now applies to Server too!

EDR is a suite of features that enable even the most general of sysadmins to take on the roll of threat hunter, threat analysis, and incident responder. Hunt down indicators of compromise across your entire estate of endpoints and servers, submit files directly to SophosLabs for detail yet simple to understand analysis, and more!

This release is specifically of EDR v1.1, which we shipped to endpoint back in April. Kevin in the Product team posted about this wonderful release on Sophos Community so make sure you give his post a read. For more info specific to this Server release, the Sophos News post from Alex in the product team dives into more detail.

UI Improvements for Unified Endpoint Management

Our Unified Endpoint Management (UEM) team have been working away on a number of user interface improvements to make using Sophos Mobile even more of a joy than it already is.

The first fancy new UI feature is the dynamic Central Overview dashboard widget. This widget changes what it displays based on the deployment status and health of your UEM-managed devices.

If you haven't got any managed devices (but you're licensed for Mobile), the widget will highlight you have no devices managed and will guide you to start managing them. Once you have managed devices, the widget will start displaying the health information of those devices, highlighting that you have devices without good health that need investigating. Once all your devices have good health, the widget displays the platform breakdown of your estate (how many Android, how many iOS, etc).

Next, you'll now find mobile devices are deeply integrated into Central, visible within the Devices page in the Overview section - all your devices in one place. You'll easily see the management status of each device, whether Sophos Secure Workspace or Sophos Mobile Security are installed, as well the device name, OS, device user, and last communication timestamp. You'll also get a handy filter to filter by OS, device health, and last sync time.

The last new UI feature is the device page in the Central Overview (when you click on a mobile device in the device list). Device events, status, information, and quick summary of the deployment status are all visible here, as well buttons for each of the important actions you might need to make such as locate, lock, unenroll, and wipe. Oh, and there's a button to jump you into the dedicated Mobile section, saving you the time clicking through the left navigation menu for Mobile and finding the device again.

Kudos for the whole team on this - I LOVE Sophos Mobile and have been using it to manage my own devices for several years now. True story; Sophos Mobile saved me from losing a rental car in a jungle in Thailand. I got... somewhat lost... while out walking in the jungle, looking for a famous albeit secluded waterfall. The genius that is me had also left his phone in the car to charge... With the help of a German tourist, a few weeks of Duolingo's German course, and their phone (Danke schön) I was able to log into Sophos Central and trigger the locate feature. One minute later and I knew exactly where the car was (and enjoyed a nice leisurely two hour walk back to where it was). Thanks team!

Improved Installer for macOS

For all of you macOS admins with a passion for the command line and/or scripting, we've updated our macOS endpoint installer so it now supports a number of handy arguments so that you can easily configure the installation. This aligns our macOS installer with our Windows installer which also supports command line arguments for configuration.

These new arguments are perfect for our Partners who manage multiple customers in Sophos Central and for customers using scripted deployment tools. You can configure everything from the customer ID where you want the endpoint to be assigned, set proxy authentication credentials, change the computer description, change the username from machine/username to domain/username, select Message Relays to ease WAN bandwidth use during install, and much more.

Drop by our knowledgebase to see full details on these new command line arguments.

Cloud Optix Updates

If you read last month's post (and if you didn't, count my feelings well and truly hurt), you'll have heard all about the security, oversight, and compliance wonders we've brought to public cloud environments through our new product Sophos Cloud Optix.

We've just released a number of enhancements to Cloud Optix that we think you're going to love. We’ve given network visualizations for Amazon Web Services a new look and the ability to show Sophos UTMs. We’ve also added more Microsoft Azure security and compliance features, visualizations for Google Cloud Platform, an option to change how often environments are scanned, and more.

I won't go into much more detail and ruin the surprise as Richard has given a great writeup of these new features (and I'd just be copying and pasting to be honest) so jump over to our Community blog and read on.

Smart Banner Customization for Email

I'll keep this one short and sweet. If you take your mind back to last month's post (because you totally read it, right? You wouldn't want to hurt my feelings, would you?) you'll remember the brilliant new feature called "Smart Banners" for Sophos Email. When enabled, these banners are automatically added to emails and highlight whether the email is trusted, unknown, or untrusted. As of now, you can customize the text in these smart banners. Niiice.

Quarantine Un-Scanned Emails for Email

Another short and sweet one for you. For inbound emails that we've been unable to successfully scan, you can now select to quarantine the email (in addition to delete and deliver).

Possible causes for un-scannable content:

Inability to access the file
Corrupt file
Correct identification of a file, but unexpected content is encountered
Scanner times out
Large compressed attachment

Coming Soon

Coming Soon is a section where I put things that are so ridiculously close to release that I didn't want to wait until next time to write about. As soon as they're out, I'll come back here and ninja edit this... No-one will ever know...

AD Sync for Devices and Groups

This is one we know many of you have been asking for. You may have heard us talking about this feature as "Device Discovery".

In short, we're updating our Active Directory Synchronization tool to, in addition to syncing users and user groups, include the ability to sync computers and servers as well as their group structure into Central in order to make management much more straightforward. Once you've set up a sync, you'll be able to see any devices you aren't already protecting and managing right from within Central itself. Crackin'!

We're also adding in the ability to reset your sync data which will remove all groups and devices (unless they're currently protected with cybercrime-fighting Sophos ninjas like Intercept X) and also an option to repair the links between devices in Central and their Active Directory counterparts (because we all know that admin that "tidies" up the AD structure for "fun).

You're still here? It's over. Go home. Go! (#saveferris) Oh, you're expecting my fun facts, are you? Greedy. Okay. Fine. Here you go, you insatiable monster.

Koala fingerprints are so indistinguishable from humans that they have, on occasion, been confused at a crime scene. Good thing my partner in crime is Blinky Bill!
Cleopatra (VII Philopator, the last active ruler of the Ptolemaic Kingdom of Egypt) lived closer in time to the opening of McDonalds than to the construction of the Great Pyramids. Sadly the nearest McDonalds is 2.2km away but there's a great Pizza Hut 5min away.

@secbug

What's New in Central? - Mar/Apr 2019

2019-04-26T17:36:00Z

Howdy, folks! My oh my, things never seem to slow down in the world of Sophos Central. This post covers five awesome new features and products that have gone General Availability (our nerdy way of saying "released" or "you can buy dis").

I imagine this isn't your first "What's New in Central?" rodeo so I'll cut to the chase. Let me say it for you... SHOW ME WHAT YOU GOT!

General Availability

(Feel free to click on any of the items above to jump straight to any item in particular.)

General Availability

Cloud Optix

Oh boy oh boy oh boy. This is a big one!

More and more businesses are making the move to the public cloud, using providers such as Amazon Web Services, Google Cloud, or Microsoft Azure (<- we support these). The days of having racks of servers in your office are coming to an end. But with moving your infrastructure to the cloud, that comes with a lot of risks and a whole bunch of complexity. How do you maintain oversight, insight, and control over infrastructure you can't touch?

We launched Sophos Cloud Optix to address these issues. You can be up and running in less than 10 minutes (srsly) all you need to do is provide us with an API key for your Azure, AWS, or Google Cloud environment. Immediately you'll be able to accurately see what you have running in the cloud at all times.

Boom. An instant network diagram showing you where traffic (and data!) is flowing in, out, and within your fluffy cloudy stuff.

Combined with the power of our AI (<3 SophosLabs) and automation capabilities, compliance, governance and security monitoring in the cloud has never been so easy.

From detection of suspicious traffic patterns on the network (i.e. a data breach in action), shared access keys to your cloud provider account, and data storage left open to the public internet and more (and more... and more...). All areas that can see a company hit the headlines for the wrong reasons. So many of the major data breaches that have hit the news in recent months have been due to something as simple as AWS S3 buckets, simply misconfigured by the admin that set them up. Cloud Optix has your back!

In an ever-changing, auto-scaling public cloud environment, automatically detecting changes to your cloud environments in real time is a life saver. Cloud Optix continuously monitors compliance, with custom or out-of-the box templates for standards such as SOC2, HIPAA and GDPR – with reports generated in seconds.

Do yourself a favour and hop on over to Sophos News and read all about this truly awesome new product. You won't be disappointed!

Intercept X EDR v1.1

EDR just levelled up and learned some new tricks along the way!

Modern attacks aren't just viruses or worms these days. More and more, SophosLabs are seeing attackers make use of built-in features of Windows to perform the majority of their attack. PowerShell, a scripting tool that's part of Windows, is heavily used by attackers to circumnavigate poor endpoint defenses.

We've long had capabilities, as part of Intercept X, to detect and block these kinds of attacks but now, with EDR v1.1, you'll have insight into the command line arguments used to run PowerShell, who ran it, when, where, what process initiated it, and a fingerprint of that process (so you can do some hunting for it using our existing Threat Hunting feature in EDR or share intelligence with your allies).

There are plenty of more features to come as we work our way towards v2.0. For now, head on over to Sophos News where we've got a great video to explain more.

Smart Banners for Email

Let's face it. Users continue to struggle to identify a safe email from a risky one. Social engineering attacks ( continue to rise and email remains one of the most popular vectors cybercriminals use to initiate their attacks.

Sophos Email now has a Super Handy New Feature™ - an easy to understand, color-coded banner that we'll add to incoming emails to let you know whether it's trusted, unknown, or untrusted. In addition, we include a handy button to quickly add a sender to your personal "allow" or "block" lists.

Richard has put together a great post on our Community blog so head on over and learn more about this risk-reducing feature (Super Handy New Feature™)!

Encryption for Email

Fresh out of our Early Access Program, our shiny encryption buffs for Sophos Email have been released. This is arguably the easiest email encryption solution out there, with an awesome portal for recipients to securely reply to your emails without any complex key exchange necessary.

I talked about this last month during the Early Access Program so feel free to read that, or jump on over to the Community blog where there's a bunch more detail including a great video!

Enhanced Alert Notification Settings

Last but absolutely not least is a huge overhaul and expansion of our alerting features in Sophos Central.

Every admin is different. Some admins want an alert for each and every event that happens in their network, some only want to know about specific types of events, some only care about specific devices that they are responsible for (my machines!). We heard your thoughts and feelings around alerts and we decided to completely revamp how we do alerts and give you all the flexibility you could possibly want.

	Not every admin needs to receive alerts (managers, you're welcome) so you can now easily flick on or off which admins will get any alerts at all.
	Sometimes you need alerts to go to an email address that isn't registered as an admin in Central (for instance a distribution list for a team or the inbox of a funky app that turns emails into dashboard events). Just add that email address and they'll start getting alerts!
	Some types of events you might want to hear about immediately, some events maybe once a day or not at all. With the new frequency feature, you can configure alert email frequency by the severity of the event, the type of product, or the category of the event itself. Immediately, Hourly, Daily, Never. There's are your frequencies. For now at least. Use it and tell is your experience.
	If you're browsing through the alerts page and spot a type of event you want to be alerted for differently, you can set an exception right from the alert itself! (An act of love, we know :P)

And if you're not happy with all that amazing flexibility, you can create custom rules to use all the features above in different combinations, with different frequencies, for different admins or admin roles... You're in control of alerts now and we've given you a HUGE amount of flexibility here to ensure you can have the kinds of alerting you want.

Check out the documentation if you want to learn more.

Phew! We made it. Until next time... Th-Th-The, Th-Th-The, Th-Th... That's all, folks! As usual, I'll leave you with two fun facts:

The blob of toothpaste you put on your brush - that has a name! It's called a "nurdle". Not to be confused with a "nurgle" (something you really don't want to do - ask any Warhammer fan).
Hippopotamus' milk is pink. Don't ask me how I know. Don't.

@secbug

What's New in Central? - Jan/Feb 2019

2019-02-22T11:34:00Z

Greetings my sophisticated friends and a happy February to you all! As always, the Central platform is bustling with new features and early access programs. Attackers never cease to innovate and neither do we - take that badguys #boomheadshot. Yup, I'm as professional as ever... Moving swiftly on.

This month we have a huge number of truly awesome things to tell you about so kick back with a hot cup of cocoa and read on.

General Availability
Early Access Program
- Intercept X for Server EDR EAP
- Email Encryption EAP

(Feel free to click on any of the numbered items above to jump straight to any item in particular.)

General Availability

XG Firewall Management

This is a landmark release - Sophos XG Firewall has now joined the Sophos Central platform! You can now connect your XG Firewall to your Central account and remotely manage it wherever you are - no complicated configuration required.

We've developed a secure and innovative way to provide full access to a connected XG Firewall's interface so that you can jump into the firewall right from within your Central account. This is fantastic for managing appliances that are all over the globe, in different offices or regions, without the need to expose the web admin to the internet or configure VPN tunnels.

This release marks a major milestone in our vision for the Sophos Central cybersecurity platform. All major pillars of effective cybersecurity can be orchestrated from a single platform, through a single console, completely redefining what it is to do security.

We couldn't be prouder!

Head on over to the Sophos Blog to learn more about this amazing release.

Threat Analysis Center

With the advent of bringing EDR to Intercept X for Server, and our exciting plans for our intelligent EDR solution over the course of 2019, we are launching a whole new section of the Sophos Central Admin dashboard - the Threat Analysis Center.

All Threat Cases, and Threat Searches, across all device types - endpoints and servers - will be unified into the Threat Analysis Center. As we evolve our EDR solution over the coming months, this new section will provide a single location for detection and remediation to be performed, as well as investigations and analyses of threats.

You can find the new Threat Analysis Center right in the Overview of the Sophos Central Admin dashboard as you log into Central.

More details can be found on our Community blog.

Sign In with Azure AD

We've extended the authentication options for Central Admin, Enterprise, and Self-Service to now support Microsoft Azure AD Federation.

This means you can leverage your existing Azure AD credentials to log into Central, as well as enabling the use of whatever 2FA/MFA you're using in Azure. And don't panic - your credentials aren't exposed to us - Azure AD handles the authentication on our behalf.

To get this working, you do need to authorize Sophos Central to access your Azure AD credentials via the Azure AD Admin.

For more info on the whole process, check out our knowledge base.

Global Policies for Enterprise and Partner

We're dedicated to ensuring the Central platform makes everyone's lives simpler and safer. This month, we're bringing the concept of Global Policies to our Enterprise and Partner dashboards.

Global Policies make managing multiple sub-estates or multiple customers a breeze. You can now define policy "templates" then allow you to bundle up global settings and base policies. These templates can then be applied to one or more sub-estates or customers.

Setting up or changing policy configuration across numerous sub-estates or customers is now trivial and rapid!

Click either Partner or Enterprise(available next week) to learn more about these new features.

Sub-Estate Region Selection for Enterprise

We understand that enterprises have offices all over the globe and, especially with different data protection laws in each region, it's sometimes needed to ensure that data from a region stays in that region.

For that reason, we're introducing a new feature to enable the setup of a new sub-estate to be in a different region from that of the Enterprise dashboard. Your headquarters might be in the United States but your engineering team might be in Germany. Now you can keep your German colleague's data in Germany and your American colleagues' data in America.

Hop on over to our knowledge base to learn more about how to start making use of this great new feature.

Audit Logs for Partner

When your admins are hopping in and out of customers accounts, hunting down threats and remediating them, or making policy changes, it's good to have a trail of what they've been up to so that they are accountable for those changes.

You can now find the Audit Logs in the Partner dashboard. Head on over to our documentation page to learn the ins and outs of.

Phish Threat Updates

Our excellent user awareness, training, and phishing tool, Phish Threat, has received a couple of nifty updates this month too.

The first new addition is Randomized Attacks! You can now select up to five different attack email templates which will be served out in a random order to your users. This will save you time running multiple campaigns simultaneously as well as improve the effectiveness of the awareness training. More details can be found on our Community blog.

Our second addition is that Phish Threat is now available in Dutch. You'll now be able to carry out phishing simulations and a variety of cybersecurity awareness course in Dutch. Geweldig nieuws! More details can be found on our Community blog.

Email Content Control

Our last feature being made Generally Available this month gives you the power to filter emails based on keywords and filetypes, both inbound and outbound. This is part of our new Data Loss Prevention policy.

You can craft lists of keywords to look for in subject lines, body content, and file attachment names. When Email finds one of these keywords, an action is performed - pick between Quarantine, Strip attachments and deliver, or Delete.

Using Sophos' True File Type detection technology, define a list of file types to filter emails attachments by (or use Sophos' list of recommended file types to block) and perform an action - Quarantine, Strip attachments and deliver, or Delete.

The power of True File Type detection ensure that even if a file extension has been renamed, for example .zip to .jpg - a common tactic to circumnavigate email filters. We analyse the file and determine its true file type so that all you have to think about is what types of files you want to filter.

More detail can be found on this Community Blog post.

Early Access Programs

Intercept X for Server EDR EAP

Our first, and perhaps most exciting bit of news, is EDR is coming to Server (I can hear your cheers of joy from here). As is customary, we will first have an Early Access Program for this new feature before we make it Generally Available. And EAP does not mean “beta” – this thing is ready to be put through its paces!

All of the tasty EDR goodness you know and love from Intercept X on the endpoint will be available for Windows Servers. Do note that the EAP will initially be of EDR v1.0 however the EAP will be updated in April with EDR v1.1. GA is currently planned for May.

The biggest takeaway is that this really strengthens our EDR offering and should make selling EDR, in general, much much easier. EDR + the best Protection around, for both endpoints and servers, all in the industry’s most advanced and featureful cybersecurity platform – Sophos Central. Gone are the awkward conversations where you have to explain we don’t have EDR for Server – HERE IT IS. BOOM. #micdrop. (Yikes, I really need to grow up…)

To join, simply log into Sophos Central > Select Early Access Programs > Select ‘Join’ > Accept the terms and get stated.

Email Encryption EAP

Rounding up our EAPs this month, we're bringing easy-to-use encryption to Email!

You'll be able to encrypt either the whole email or just the attachments with flexible policy control. Encrypting an email is as simple as adding a custom tag to the email subject line or using the Office 365 add-in button.

Recipients are prompted to create a password they use to receive encrypted email and are prompted to set this up before encrypted emails are delivered. All subsequent emails are encrypted using this password.

We have a portal that recipients can use to reply to emails securely, ensuring confidential communications remain encrypted at all times.

We are leveraging encrypted PDF technology to achieve this for the majority of file types and email body content however, if the document is a Microsoft Office document (.docx, .xlsx, .pptx, .???x), we will use the native encryption to Office to ensure encrypted documents are frictionless to use.

If you want to learn more, head to our Community blog.

Well that brings us to a close of this month's Central Update. I'll leave you with two fun facts:

There are about 450 types of cheese in the world. 240 come from France (for which I am eternally grateful).
England is smaller than New England yet England as 3.7 times the population of New England. Go figure!?