Installing Sophos Endpoint Agent in MacOS

We have a split shop (Lenovo’s and macs) with Sophos that we’ve pushed to Catalina devices using Automox worklets with the scripts that Sophos provides when you log into Sophos central you should be able to find them in the protect devices > installation options area.

Keep in mind Sophos on Catalina causes pop-ups “full disk access required” so you’ll want to move some of the Sophos packages into the full disk if you’re deploying to Catalina.

Here’s the Sophos KB: Here’s a kb for that: https://support.sophos.com/support/s/article/KB-000039014?language=en_US

These are what needs to be moved, I think that KB got altered but this is what’s working for us to prevent the popup:

1. Sophos Endpoint UIServer


2. SophosAgent


3. SophosAntiVirus


4. SophosAutoUpdate


5. SophosCleanD


6. SophosScanAgent


7. SophosServiceManager


8. Sophos Diagnostic Utility

Automox Worklet “Sophos macOS Install Script”

Evaluation Code

Exit 1

Remediation Code

# !/bin/bash

mkdir /private/var/tmp/sophos

cd /private/var/tmp/sophos



# Installing Sophos

Curl -L -O https://api-cloudstation-us-east-2.prod.hydra.sophos.com/api/download/KEYFROMYOURSOPHOSCENTRAL/SophosInstall.zip 

unzip SophosInstall.zip



chmod a+x /private/var/tmp/sophos/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer

chmod a+x /private/var/tmp/sophos/Sophos\ Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper



sudo /private/var/tmp/sophos/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer --install



/bin/rm -rf /private/var/tmp/sophos

This also just came out yesterday:

https://support.sophos.com/support/s/article/KB-000033340?language=en_US

And this may help your dells

#######Script Starts#########



 



# Silent Install Sophos AV Client



 



# Path for the workdir



$workdir = "c:\temp\"



 



$sixtyFourBit = Test-Path -Path "C:\Program Files"



 



$SophosInstalled = Test-Path -Path "C:\Program Files\Sophos"



 



If ($SophosInstalled){



Write-Host "Sophos Already Installed!"



} ELSE {



Write-Host "Begining the installation"



 



# Check if work directory exists if not create it



 



If (Test-Path -Path $workdir -PathType Container){



Write-Host "$workdir already exists" -ForegroundColor Red



} ELSE {



New-Item -Path $workdir -ItemType directory



}



 



# Download the installer



 



$source = "Insert your Endpoint link from Sophos central dashboard for the client - right-click to get link location and copy"



$destination = "$workdir\SophosSetup.exe"



 



# Check if Invoke-Webrequest exists otherwise execute WebClient



 



if (Get-Command 'Invoke-Webrequest'){



Invoke-WebRequest $source -OutFile $destination



} else {



$WebClient = New-Object System.Net.WebClient



$webclient.DownloadFile($source, $destination)



}



 



# Start the installation



Start-Process -FilePath "$workdir\SophosSetup.exe" -ArgumentList "--quiet"



 



Start-Sleep -s 35



 



Start-Process -FilePath "C:\Program Files\Sophos\Sophos UI\Sophos UI.exe" -ArgumentList "/AUTO"



}



 



#######Script Ends#########

I’m looking into this - might need a day or two, I’ll reply back once I have the answer.

@uapilado - Go to Account Details in the upper right hand corner. Go to the Sophos Support section and you’ll see the unique ID

The unique ID for this Sophos Central account is:

If that doesn’t work, you can get it in the browser dev tools… hover over that zip file and you’ll see it

Right click, copy url

image1452×448 59.6 KB