If you want to use Sophos Central to manage Mac endpoints that are already encrypted with FileVault, you need to apply a Sophos Central Device Encryption policy to these endpoints.
Applies to the following Sophos products and versions Sophos Firewall Prerequisites. This article requires that you have already set up an SSL VPN Remote Access tunnel on your Sophos Firewall. How to configure SSL VPN for Mac OS X You can configure SSL VPN for Mac OS X using the Tunnelblick VPN client by following the steps below. Uninstall Sophos Anti-Virus for Mac Using the Built-in or Standalone Tools, or via Terminal There are reports received that the removal tool is not working for macOS 11 (Big Sur). Please follow the steps on our BIG SUR EAP recommended reads, HOW TO: Remove System Extensions, this issue should be addressed when the General Availability support. Sophos Home Premium for Mac review: Up-to-date features at an unbeatable price For features, price-per-computer, and ease of configuration, Sophos comes out on top. By Glenn Fleishman.
Sophos Mac System Requirements
Before users can start:
- You must install the Sophos Central agent software on the endpoints.
- You must configure and turn on a Device Encryption policy in Sophos Central.
- Users must log on to their endpoints. They must be connected to and synchronized with Sophos Central. Note that remote logon is not supported.
These instructions tell you what users see and what they need to do:
- When users log on or when you apply a Sophos Central Device Encryption policy while the users are logged on, users are informed that Device Encryption has been set up to protect their computers.
- To turn on Sophos Central Device Encryption, users must enter their login password and click Create key.A new recovery key is created and stored centrally for recovery purposes. If there are other unencrypted internal disks, those disks are encrypted as well. You do not need a separate disk password for them.
- If there are internal disks that are already encrypted with a disk password, users must enter the disk password and click Proceed.The disk password is now managed by Sophos Central. The disk is unlocked automatically during startup.
The endpoint is now managed by Sophos Central Device Encryption.
Is macOS 11 supported?
Yes. Roll-out has successfully completed for Sophos Central and Sophos Enterprise Console (SEC). All customers have received the updated version that supports macOS 11 natively. No customer action is required unless they have devices with M1 processors which require Rosetta 2 to be installed.
Are M1 Processors supported for macOS 11?
M1 processors are currently supported with Rosetta 2. Customers that have M1 processor devices and are running macOS 11 will need to install Rosetta 2 in order to use Sophos Endpoint products. They do not need to join the early access program.
Sophos Mac Antivirus
Rosetta 2 should automatically prompt for installation if it isn’t already in use on the device. If not, manual installation is straightforward. See KBA39501 for further detail.
What is Rosetta 2?
Rosetta 2 is a commonly used tool that enables a Mac with Apple silicon to use apps built for a Mac with an Intel processor. For more information, please refer to https://support.apple.com/en-gb/HT211861
Sophos Mac 11
Will there be a performance difference when using Rosetta 2?
Native support using the full power and performance of the Apple hardware will always be faster than using Rosetta 2. For normal business users there should not be any discernible difference. For heavy users of disk or CPU (for example: video editing, heavy photoshop usage, compiling) they will notice a difference in performance.
When will M1 processors be natively supported?
An early access program for native Apple M1 processor support is planned to start in April.
Sophos Mac Install
Key link: KBA on Big Sur and M1 support