Question

Sophos Endpoint Protection Deployment with JAMF

Forum|Forum|6 years ago
July 26, 2019
5 replies
100 views

johnsonzhang_an

After some struggling we finally managed to get it working. So the steps are like:

Deploy Sophos KEXT ID to all Macs via a Configuration Profile -> Approved Kernel Extensions
2H5GFH3774
We took a script from this post (https://www.jamf.com/jamf-nation/discussions/23168/sophos-cloud-installs) and make customizations to fit our needs. Basically the script will download the zip installation package shown in your Sophos Central admin console, unzip it, and then install it.

The script looks like this, please replace the downloading URL.

#!/bin/sh

cd /tmp

if [[ -d "/tmp/Sophos Installer.app" ]]; then
    rm -rf /tmp/Sophos*
fi

# Update the URL as indicated in Sophos Admin Panel
curl -O https://api-cloudstation-us-east-2.prod.hydra.sophos.com/api/download/xxxxxxxxxxxxxxxxxxxxxxx/SophosInstall.zip
unzip SophosInstall.zip

chmod a+x ./Sophos Installer.app/Contents/MacOS/Sophos Installer
chmod a+x ./Sophos Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper

./Sophos Installer.app/Contents/MacOS/Sophos Installer --install

exit 0

Create a "Policy" in JAMF to run this script on local machines. After installation the machines will automatically register to your admin console and fetch updates.

NOTE: For larger corporation deployment I suppose you can also use the Composer method to do a local distribution of the installation package in order to prevent huge bandwidth usage. The one thing you need to pay attention to should be the KEXT ID thing mentioned above.

+10

tjhall
Contributor
Forum|Forum|6 years ago
July 26, 2019

Base the Sophos script installtion policy on a "kext approved - exists" smart group.
Otherwise there's a risk the installtion failing due to the installation happening before that kexts have been approved.

+17

KyleEricson
Valued Contributor
Forum|Forum|6 years ago
November 23, 2019

@johnsonzhang_anx thanks this fixed my issue.

Read My Blog: https://www.ericsontech.com

+17

danlaw777
Valued Contributor
Forum|Forum|6 years ago
November 27, 2019

Does sophos allow you to monitor your macs with their software? or is it done through Jamf Pro?

jwoltering
New Contributor
Forum|Forum|5 years ago
August 21, 2020

We have followed all steps described here with the script mentioned above, but Jamf shows the following error when the policy with the installation script was executed:

Script result:   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100  534k    0  534k    0     0   831k      0 --:--:-- --:--:-- --:--:--  830k
100 2807k    0 2807k    0     0  2151k      0 --:--:--  0:00:01 --:--:-- 2151k
Archive:  SophosInstall.zip
  inflating: Sophos Installer.app/Contents/CodeResources  
  inflating: Sophos Installer.app/Contents/Info.plist  
  inflating: Sophos Installer.app/Contents/PkgInfo  
  inflating: Sophos Installer.app/Contents/_CodeSignature/CodeResources  
  inflating: Sophos Installer.app/Contents/MacOS/Sophos Installer  
  inflating: Sophos Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper  
  inflating: Sophos Installer.app/Contents/Resources/ps_rootca.crt  
  inflating: Sophos Installer.app/Contents/Resources/ico_header_cloud.png  
  inflating: Sophos Installer.app/Contents/Resources/ico_st_alert.png  
  inflating: Sophos Installer.app/Contents/Resources/ico_device_encryption.png  
  inflating: Sophos Installer.app/Contents/Resources/ico_intercept_x.png  
  inflating: Sophos Installer.app/Contents/Resources/InvalidDataIcon.tiff  
  inflating: Sophos Installer.app/Contents/Resources/ico_st_cancel.png  
  inflating: Sophos Installer.app/Contents/Resources/ico_st_error.png  
  inflating: Sophos Installer.app/Contents/Resources/SophosBootstrap.icns  
  inflating: Sophos Installer.app/Contents/Resources/build-info.plist  
  inflating: Sophos Installer.app/Contents/Resources/SophosBootstrap-Options.plist  
  inflating: Sophos Installer.app/Contents/Resources/ico_st_success.png  
  inflating: Sophos Installer.app/Contents/Resources/ico_enduser_protection.png  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/MainMenu.strings  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/Localizable.strings  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/InfoPlist.strings  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/InstallationSummarySuccess.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/InstallationSummaryInstallFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/InstallationSummaryDownloadFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/InstallationSummaryCancelled.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/InstallationProgressInstalling.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/de.lproj/InstallationProgressDownloading.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/MainMenu.strings  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/Localizable.strings  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/InfoPlist.strings  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/InstallationSummarySuccess.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/InstallationSummaryInstallFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/InstallationSummaryDownloadFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/InstallationSummaryCancelled.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/InstallationProgressInstalling.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/ja.lproj/InstallationProgressDownloading.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/en.lproj/InfoPlist.strings  
  inflating: Sophos Installer.app/Contents/Resources/en.lproj/InstallationSummarySuccess.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/en.lproj/InstallationSummaryInstallFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/en.lproj/InstallationSummaryDownloadFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/en.lproj/InstallationSummaryCancelled.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/en.lproj/InstallationProgressInstalling.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/en.lproj/InstallationProgressDownloading.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/MainMenu.strings  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/Localizable.strings  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/InfoPlist.strings  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/InstallationSummarySuccess.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/InstallationSummaryInstallFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/InstallationSummaryDownloadFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/InstallationSummaryCancelled.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/InstallationProgressInstalling.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/es.lproj/InstallationProgressDownloading.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/MainMenu.strings  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/Localizable.strings  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/InstallationSummarySuccess.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/InstallationSummaryInstallFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/InstallationSummaryDownloadFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/InstallationSummaryCancelled.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/InstallationProgressInstalling.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/it.lproj/InstallationProgressDownloading.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/background.tif  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/AlertCautionIcon.tiff  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/Success.tiff  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/Localizable.strings  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/MainMenu.nib  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/InfoPlist.strings  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/blue_bullet.png  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/InstallationSummarySuccess.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/InstallationSummaryInstallFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/InstallationSummaryDownloadFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/InstallationSummaryCancelled.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/InstallationProgressInstalling.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/Base.lproj/InstallationProgressDownloading.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/MainMenu.strings  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/Localizable.strings  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/InfoPlist.strings  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/InstallationSummarySuccess.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/InstallationSummaryInstallFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/InstallationSummaryDownloadFailed.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/InstallationSummaryCancelled.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/InstallationProgressInstalling.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Resources/fr.lproj/InstallationProgressDownloading.rtfd/TXT.rtf  
  inflating: Sophos Installer.app/Contents/Library/LaunchServices/com.sophos.macendpoint.Installer.HelperTool  
  inflating: Sophos Installer Components/SophosCloudConfig.plist  
2020-08-20 15:47:44.631 Sophos Installer[3359:50652] Starting Sophos Bootstrap Installer.
2020-08-20 15:47:47.245 Sophos Installer[3359:50652] Installation failed with: Failed to get deployment token. (43). See SophosDiagnostics for detailed information.

```
#!/bin/sh

```

Any ideas?

al_c
New Contributor
Forum|Forum|5 years ago
September 28, 2020

~~Look like I got this working. However, clients don't seem to be checking in with the Sophos management server...~~

It took a while to update. It's checking in. Thanks for the script!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded