Intercept X For Server



  • For further information see Sophos Central Intercept X, Central Server Intercept X Advanced and Sophos Exploit Prevention cumulative hotfix. For application crashes, BSoDs, system hangs or performance-related issues where Intercept X crashes: get a process dump of the crashing hmpalert.exe, and get an SDU created after the dump and after the problem has been reproduced.
  • If you already have an active Sophos Central account, you can start your trial from the Sophos Central Admin Console. Log in to Sophos Central, click Free Trials, and select Intercept X Advanced for Server with EDR.

Sophos Intercept X for Server brings the following key benefits for your enterprise or business if you are hosting data on dinCloud Hosted Virtual Servers: Sophos Deep Learning Technology, an even more advanced form of Machine Learning (ML), detects and prevents as-yet-undiscovered threats in addition to known cyber threats.

The two solutions work as a synchronized security system, sharing information in real time and responding automatically to threats. If you are already running Intercept X, adding XG Firewall not only gets you an industry-leading next-gen firewall, but also transforms your IT security and gives you tremendous benefits as part of an integrated cybersecurity ecosystem.

Sophos Intercept X for Server protects against malicious attacks, leveraging powerful technologies including the ability to detect never-before-seen malware with deep learning, stop ransomware and roll back affected files, block hacking attempts that leverage known exploit techniques, and root cause analysis designed to provide visual insight into how an attack occurred, what assets were affected and recommendations on how to prevent future risk.

Ensuring that your endpoint and server protection is correctly configured is one of the most important things you can do for your organization’s security.

This article will give you some quick tips and links to resources so you can get the most out of your Sophos protection.

Getting started

In Sophos Central, policies are used to apply protection settings such as specific exploit preventions, application control, and peripheral control. Policies can apply to endpoints, servers, users or groups, depending on how you want to set things up. How to create a policy.

Application Control

Controls which applications should be blocked. For example, uTorrent and Steam games.
Endpoint setup | Server setup

Data Loss Prevention

Stops specific file types or content in a file from being transferred from a device. For example, stop files containing account numbers being sent from a device.
Endpoint setup | Server setup

Windows Firewall

Blocks inbound connections from specific domains or networks. For example, stopping all private networks accessing a device.
Endpoint setup | Server setup

Peripheral Control

Controls what can be plugged into a device. For example, blocking USB sticks and optical drives.
Endpoint setup | Server setup

Threat Protection

Configures protection features. We strongly suggest always using Sophos recommended settings.
Endpoint setup | Server setup

Update Management

Schedules updates to a specific time. For example, setting them after office hours.

Endpoint setup | Server setup

Web Control

Stops users downloading risky files or accessing inappropriate websites. For example, block .exe file downloads.
Endpoint setup | Server setup

File Integrity Monitoring (Server only)

Monitors important files and folders for signs of tampering. For example, critical Windows directories or key programs.
How to set one up.

Tamper Protection
Tamper protection stops unauthorized users and types of malware from uninstalling Sophos protection. You should always have it enabled. Learn more.

Do I need to log in and check for alerts?

Users often ask how often they should log in to check for alerts and actions. The good news is that Sophos Central automatically emails admins when there is an event requiring their attention. Here’s how to configure alerts.

Check your security posture with EDR

Endpoint Detection and Response (EDR) is a powerful tool to help you find threats across your network. It’s easy to get started by checking the list of the most suspicious potential threats for investigation in your organization.

We give you curated threat intelligence so you can quickly decide whether a potential threat needs taking care of. Watch the EDR how-to videos.

More information

Components Updated

Components and their version numbers by release. The second column contains the latest release.
Sophos Central Server Intercept X, Windows Server 2008 R2 and later | 2.0.20 (April 2021) | 2.0.19 (February 2021) | 2.0.19 (January 2021) | 2.0.18 (October 2020) | 2.0.17 (May 2020) | 2.0.16 (January 2020) | 2.0.11 (September 2019) | 2.0.8 (May 2019) | 2.0.5 (February 2019)
HitManPro.Alert | 3.8.1.504 | 3.8.1.504 | 3.8.0.523 | 3.8.0.523 | 3.7.17.321 | 3.7.15.446 | 3.7.14.40 | 3.7.12.466.466 | 3.7.10.762.174
Sophos Machine Learning Engine | 1.7.0.19 | 1.7.0.19 | 1.7.0.19 | 1.5.3 | 1.5.3 | 1.5.3 | 1.1.148 | 1.1.148 | 1.1.148

Other release notes

You should also read the Sophos Server Core Agent release notes. They cover the changes, resolved issues and known issues for the core components.

For information about the changes to the Sophos Server Core Agent, see the Sophos Server Core Agent release notes.

For information about the changes to Sophos Central Server Anti-Virus, see the Sophos Central Server Anti-Virus release notes.

For improvements and new features in Sophos Central, see What's new in Sophos Central.

Updates that require a restart

Occasionally an update requires a restart. Sophos never forces this restart and there is no impact on protection or threat detection updates during the period before the restart.

We recommend that you schedule a restart during your next maintenance window to ensure that you are running the latest version.