Антивирус Sophos For Mac Os
Our Mac OS antivirus software offers the best Mac virus removal and protects your system. Scan your system at the push of a button and repair folders with just one click. Our Apple virus scan software is free. Download it now for your Mac with macOS 10.13 (Sierra) and later versions! For additional features get our Free Security Suite. Mac OS X 10.12, 10.13, 10.14, or 10.15; minimum 4 GB of free disk space, minimum 4 GB of RAM. How do renewals work? Sophos Home offers clear and easy to understand subscription pricing. We offer one- and two-year pricing options, and discounts for continuing customers. Renewals are done automatically at the end of the subscription period, with.
Preview release notes
These are the release notes for Sophos Anti-Virus for macOS Preview.
Choose the operating system your product runs on. Threat Detection Engine for all platforms. MacOS Endpoint Release Notes. For Sophos Central users. Sophos Anti-Virus 10. Sophos Managed Threat Response. For Enterprise Console users. Sophos Anti-Virus 9 Recommended. Sophos Anti-Virus 9 Preview. Applies to the following Sophos products and versions Sophos Firewall Prerequisites This article requires that you have already set up an SSL VPN Remote Access tunnel on your Sophos Firewall. How to configure SSL VPN for Mac OS X You can configure SSL VPN for Mac OS X using Tunnelblick VPN client by following the steps below. Sophos Home Premium for Mac costs $60 per year, though it's often deeply discounted. It supports Macs running macOS 10.11 (OS X El Capitan) or later, with a minimum of 4GB of storage available.
You may find that you cannot yet download and use the latest version on the list below. This is because Sophos releases the software over a number of days, but publishes the release notes on the first day.
Version 9.9.8 New
Resolved issues
Issue ID | Description |
---|---|
MACEP-4973 | Resolved blank captive portal. |
Components Updated
Sophos Anti-Virus | 9.9.8 April 2020 | 9.9.7 January 2020 | 9.9.6 November 2019 | 9.9.5 October 2019 | 9.9.4 September 2019 | 9.8.5 August 2019 | 9.8.4 April 2019 | 9.8.2 January 2019 |
---|
Version 9.9.7
Resolved issues
Issue ID | Description |
---|---|
MACEP-4657 | Improved device control support for large capacity removable storage devices to ensure that they are blocked after restart. |
Version 9.9.6
This release contains performance improvements.
Resolved issues
Issue ID | Description |
---|---|
MACEP-4493 | Resolved an intermittent issue where web pages may fail to load. |
MACEP-4600 | Improved memory usage when Threat Case creation is enabled. |
MACEP-4602 | Resolved an issue with modified permissions on the man8 directory when using disk encryption. |
MACEP-4606 | Improved support for macOS 10.15 Catalina when using MDM profiles. |
Version 9.9.5
New features
- This release contains improved support for macOS 10.15 Catalina.
Version 9.9.4 Updated
New features
- This release contains support for macOS 10.15 Catalina.
- This release contains security and performance improvements.
Updated components
The threat detection engine version is 3.77.1. For information about the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
Issue ID | Description |
---|---|
MACEP-4414 | Resolved an intermittent issue on macOS 10.14 Mojave where the Captive Network Assistant page could fail to load. |
MACEP-4410 | Addressed CVE-2020-10947. |
Version 9.8.5
Resolved issues
Issue ID | Description |
---|---|
MACEP-4314 | Resolved an issue in which Sophos Anti-Virus may incorrectly report successful updates as failures. |
Version 9.8.4
Updated components
The threat detection engine has been updated to 3.76.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
Issue ID | Description |
---|---|
MACEP-3604 | Resolved an issue on macOS 10.14 Mojave that prevented some customers from connecting to Wi-Fi networks that require a captive portal. |
Version 9.8.2
Updated components
The threat detection engine has been updated to 3.75.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
Issue ID | Description |
---|---|
MACEP-3668 | Resolved a rare kernel panic that can be caused when reading extended file attributes on APFS. |
MACEP-3722 | Installer now provides links to online EULA and Privacy Policy. |
Version 9.7.7
This release contains compatibility improvements.
Updated components
The threat detection engine has been updated to 3.74.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
Resolved issues
Issue ID | Description |
---|---|
MACEP-3454 | Resolved an issue where some systems may hang on boot with certain USB-C devices. |
Known issues
Issue ID | Description |
---|---|
MACEP-1054 | Issues when Web Protection is used in conjunction with Apple Parental Controls on macOS El Capitan (10.11). On macOS El Capitan (10.11), when Web Protection is active, sites that are correctly blocked by Apple Parental Controls display a blank page, rather than the expected Parental Control block page. |
The installer will download a full version of macOS when it performs its first auto-update. | |
DEF89762 | The Scan now with Sophos Anti-Virus item in the Finder contextual menu may sometimes not be displayed correctly. |
Issues with copying infected files to a quarantine folder. | If the immediate scanner moves or copies an infected file to a quarantine folder, the action is intercepted by the on-access scanner. This is because Spotlight indexes the quarantine folder when a file is quarantined there. To work around this, in the Spotlight preferences, put the quarantine folder into the list of excluded folders. |
Certain configuration changes do not trigger alerts in Sophos Enterprise Console. | If you make any of the following configuration changes in the Sophos Anti-Virus updating preferences pages, they do not trigger a differs from policy alert in Sophos Enterprise Console:
|
- Web Control with Sophos Enterprise Console is not supported.
- Authentication caching in OS X may prevent you from unlocking the preferences panel immediately after an upgrade. To unlock the preferences panel, log out, then log in to your Mac again.
- After you install Sophos Anti-Virus, the Scan with Sophos Anti-Virus command is not immediately contained in a Finder shortcut menu. It appears when you log in to your Mac again.
- After you uninstall Sophos Anti-Virus, the Scan with Sophos Anti-Virus command is still present in a Finder shortcut menu. It disappears when you log in to your Mac again.
- In Sophos Enterprise Console and Sophos Control Center, you can set up email alerting for Virus alerts, Scanning errors or Other errors. Mac OS X computers do not support the Scanning errors option and therefore do not send these alerts.
Support
You can find technical support for Sophos products in any of these ways:
- Visit the Sophos Community at community.sophos.com/ and search for other users who are experiencing the same problem.
- Visit the Sophos support knowledge base at www.sophos.com/en-us/support.aspx.
- Download the product documentation at www.sophos.com/en-us/support/documentation.aspx.
- Open a ticket with our support team at https://secure2.sophos.com/support/contact-support/support-query.aspx.
Legal notices
Copyright © 2020Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
1. Installing and Updating Sophos
1.1. Introduction
These instructions are primarily for people who want to install Sophos Anti-Virus onto their personal laptop and/or desktop. Please check with your local IT Support Staff about antivirus protection for college and departmental systems as local arrangements often apply, and installing the version intended for personal systems may cause problems.
This guide outlines the steps required to install the Sophos anti-virus software on Apple Mac computers. Although currently relatively little malware targets OS X systems, it is in on the increase. Some malware can compromise the security of your system, and may capture information you use to connect to other systems such as over the Internet, so we do recommend that Mac users install anti-malware software such as Sophos as a precaution.
If you haven't already obtained Sophos you can download it via the following link:
Please note:
Before installing the Sophos software you must uninstall any other anti-virus software you may have installed on the machine (read the software manufacturer's instructions on how to do this).
For comprehensive instructions on installing and configuring the Sophos software refer to the appropriate Sophos installation guide from the Sophos Documentation pages. The following is a brief outline of the first-time installation of Sophos on an Apple Mac.
Sophos Anti-Virus for Mac OS X version 9.6.4 now supports the latest macOS 10.13 (High Sierra). Due to a new security mechanism that Apple has released with macOS 10.13. called Secure Kernel Extension Loading (SKEL), all non-Apple kernel extensions must be manually added to a trusted list. This allows the kernel extensions to load and is required for Sophos Anti-Virus to function properly. For further details please refer to this Sophos advisory.
1.2. Installing the Sophos Software
The file you download from our website (which will be named something like sophos8osx2013.dmg
) is a special type of file called a disk image. Depending on the method you use to download the file, it may automatically mount a disk image called Sophos 8.x for OS X 10.4+
or similar on your Mac desktop and open it automatically.
However it is likely that the disk image won't mount automatically, in which case you will need to select it from the list of downloads, or find it (most likely in your Downloads
) folder and double-click on it to mount the image.
Once the disk image has been mounted you should see a volume called something like Sophos Anti-Virus OS X 10.4+
containing a file called Sophos Anti-Virus.mpkg
.
The Sophos installer for OS X 10.8 and above contains instead a file ending in .pkg
rather than .mpkg
.
Once you can see the installer, double-click on it to start the Sophos installation. The installer windows that you see may look a little different to those shown below. If so, you generally just need to accept the default settings to install Sophos.
Click Continue
to acknowledge that you wish to run the Sophos installer. The main Sophos Anti-Virus installer window will appear.
Click Continue
again to proceed with the installation (the version of Sophos you see may be more recent than that shown in the figure below).
This is a good opportunity to read about any changes in each new version of the client, but generally you can just click Continue
. The licence agreement will then be displayed.
Click on Continue
and you will be asked whether you agree to the terms of the agreement. If you do, click on Agree
to continue with the installation.
You may be prompted for a location to install Sophos. Normally you should accept the default location and click Install
to start the installation.
You'll probably be asked to enter your password to confirm that you want to install the software. Once you do the installation will start and you'll see the progress of the installation.
Sophos normally takes just a few minutes to install and then you'll see a completion screen (click on Continue
and then the following final screen.
Click on Close
to close the installation window. If Sophos wasn't installed before you should now see a shield in the menu bar (top right of the screen). The shield may initially be grey but after just a few moments should turn black to indicate that Sophos is now protecting your computer.
Due to a new security mechanism that Apple has released with macOS 10.13. called Secure Kernel Extension Loading (SKEL) you will be presented with a System Extension Blocked notification. To enable these extensions, open Security & Privacy System Preferences where you will see a message saying System software from developer 'Sophos' was blocked from loading. Click on Allow
to enable (note: blocked extensions will only show in this list for 30 minutes, they will re-appear the next time Sophos attempts to loads the extension).
The version of Sophos you have installed now needs to be updated so that it can detect recent malware. To do this make sure that you are connected to the Internet and then click on the shield to bring up the menu shown and select [Update Now]
.
If the [Update Now]
button is greyed out and the shield has changed to show a moving arrow, an update may already be in progress.
You should see a progress window as Sophos downloads and installs recent updates. If you don't see the progress window, click on the shield to bring up the menu and select [Show AutoUpdate Menu]
.
Once the update is complete, check the Sophos shield. So long as it is black then everything was successful and Sophos is working normally.
However if the shield has a cross on it the update failed.
If the shield is grey, then on-access scanning isn't working.
If the shield is grey with a cross on it then on-access scanning isn't working and the updating has failed!
If you experience any of these problems, contact your local IT Support Staff or IT Services for help.
1.3. Keeping Sophos Anti-Virus up to date
Sophos Anti-Virus uses a username and password to automatically download updates. These credentials are valid for around 14 months and expire around the start of November each year. Once they have expired, Sophos will no longer be updated, and your computer will be more vulnerable to new viruses and other malware etc.
This normally only applies to Sophos installed onto personal laptops and desktops. On college or departmental systems, Sophos (or other antivirus software) is often managed by your local IT Support staff and you should check with them before making any changes.
To make sure that you keep your computer(s) up to date, you will need to download and install a new Sophos package in October each year. Please see the FAQ for more details on how to check when your installation(s) of Sophos will stop updating.
So long as the updating credentials are current, Sophos Anti-Virus is configured to automatically download and install updates to keep your defences against viruses, trojans and worms as up-to-date as possible. On networked computers, this occurs once an hour.
To find out when the program last updated itself, click on the shield
on the menu bar and select [Show AutoUpdate Window]
.
You should see a window showing the last date and time that Sophos was updated.
You can also update Sophos manually at any time by clicking on the shield
on the menu bar and choosing [Update Now]
. You will see a window showing the progress of the update. The progress window is not displayed when Sophos updates automatically.
If either the automatic hourly update or the manual update fails for any reason the shield on the menu bar will have a cross in the middle of it.
Your computer does need to be connected to the Internet in order to download updates so if you see this icon when you are not connected this is normal and nothing to be concerned about. When you reconnect to the Internet it may take up to an hour before Sophos tries to update again and the shield returns to normal.
1.4. Further Information
If you encounter any problems there is a Frequently Asked Questions (FAQ) web page with answers to some of the most common issues that people encounter.
We provide some outline information on configuring Sophos options and scans in the next section and Sophos provide full documentation in their Sophos Anti-Virus for Mac OS X documentation.
2. Further Configuration and Setting up Manual and Scheduled Scans
2.1. Configuring On-access Scanning
The OS X client is configured with on-access scanning enabled. This means that when you open a file on your computer Sophos will first check whether it contains malware before it allows the file to be opened. Sophos Anti-Virus on-access settings are configured as follows.
- Scanning of network drives is disabled
- Disinfection is enabled
- If items cannot be disinfected, access to them will be blocked
In this section we provide details on how to change these settings, and on the most common options that you might want to change. For full details of all of the settings consult the Sophos Anti-Virus for Mac OS X documentation.
To access the settings click on the shield in the menu bar and select [Open Sophos Anti-Virus Preferences...]
.
The Sophos application will open together with two windows â the main Sophos window will open it and also the preferences window shown below. In the preferences window click on On-access Scanning
.
Before you can make any changes to the configuration the padlock in the bottom left of the screen needs to be open. If it isn't, click on the padlock and enter your password when prompted.
Near the top of the page you will be able to see whether On-access scanning is enabled, and you have the option to turn it off using the Stop Scanning
button (not recommended).
On-access scanning is enabled by default in the Sophos client and you should normally leave it running.
Next on the page are a couple of options that can be changed that affect which files Sophos checks for malware.
These are the options to scan [Inside archives and compressed files]
and [Files on network volumes]
. Enabling these options will mean that Sophos checks more files for malware, but may slow down the checking.
At the bottom of the page are the settings that control what Sophos does if it finds a virus.
By default disinfection is enabled and access to infected files is denied and the files moved to a standard location if this fails. The default location that Sophos uses is /Users/Shared/Infected
. This gives you the chance to inspect any infected files, attempt to disinfect them, and if that fails to try and recover data from them before deleting them from your system. If you prefer to delete any infected files immediately then choose the Delete infected files
option but we would recommend that you don't configure on-access scanning this way as occasionally it could lead to legitimate files being deleted by accident.
2.2. Configuring Other Preferences
2.2.1. AutoUpdate Preferences
You shouldn't normally need to alter the AutoUpdate settings unless your IT officer or IT Services staff have asked you to.
Occasionally you may need to check that you are using the correct set of credentials. The FAQ page explains how to check whether you are using an up to date set of credentials.
2.2.2. Logging and Messaging Preferences
Click on Logging
to view or change the log settings and on Messaging
to control the way that Sophos alerts you about malware. Normally you should not need to alter any of these settings. If you want to view the log file you can do this from the Logging
window by clicking on View Log...
.
2.3. On-demand (Immediate) Scanning
The on-access scanning gives you constant protection against viruses and other malware that might be contained in any files on your computer. In addition you can perform on-demand scans of all or part of your hard disk. As with on-access scanning you can also configure options that control the way that on-demand scans work.
To configure on-demand scans, open Sophos Anti-Virus by clicking on the Sophos shield in the menu bar and selecting [Open Sophos Anti-Virus...]
from the menu. You can also open Sophos Anti-Virus from the Applications
folder.
The main Sophos Anti-Virus window will appear as show. Once the Sophos program opens you can start a scan immediately by clicking on Scan Now
.
2.3.1. Configuring On-demand Preferences
To configure the options for the scan, select [Preferences...]
from the [Sophos Anti-Virus]
menu.
When the preferences window opens, if necessary click on On-demand Scanning
to view the options for on-demand scans. Before you can make any changes to the configuration the padlock in the bottom left of the screen needs to be open. If it isn't, click on the padlock and enter your password when prompted.
The default options for on-demand scans are shown below. By default cleanup isn't enabled so you may want to change this setting, for example to [Clean up infected files]
. If you choose this setting, a further setting will appear allowing you to choose what to do if cleanup fails.
Antivirus For Mac Sophos
In the screen shown below the default options have been changed so that Sophos will attempt to clean up any threats found and if this fails will move them to the folder /Users/Shared/Infected
. We generally don't recommend setting either of the settings When a threat is found
and If cleanup fails
to Delete infected files
as on rare occasions Sophos may delete a legitimate file. It is better to simply move the files which would allow you to retrieve them later if necessary.
2.3.2. Custom Scans
Sophos Free Mac Antivirus
You can also set up a custom scan such as a scan that will check part of your hard disk. To do this return the first Sophos Anti-Virus window and if necessary click on the arrow next to Custom Scans
to expand the window.
Click on the plus at the bottom left of the screen to create a new scan. You can set similar options as for the standard scan, as well as selecting what part of the Mac to scan. For full information refer to the Sophos Anti-Virus for Mac OS X documentation.
2.4. Further Information
For further information please refer to the Sophos Anti-Virus for Mac OS X documentation.