Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Overview
This article explains why Zero-day Protection log entries are shown in the Log Viewer for the reason of eligible even if Sophos Firewall is not licensed for Zero-day Protection.
Product and Environment
Sophos Firewall
Explanation
The Control Center may show a number of suspected files that would have been analyzed by Zero-day Protection. These files were allowed through Sophos Firewall, they would have been analyzed in the sandbox, and then either properly allowed or blocked if the customer has a Zero-day Protection license. Therefore, those files are shown as eligible in the Log Viewer.
Updated Disclaimer
[edited by: Erick Jan at 2:08 PM (GMT -7) on 17 Apr 2023]