Do you use Sophos Cloud? If so, one of the more recent scripts in this thread works well for us.

Yes, Sophos Cloud.... thank you, i´ll try.

This script works fine for us.

#!/bin/sh

cd /tmp

if [[ -d "/tmp/Sophos Installer.app" ]]; then
    rm -rf /tmp/Sophos*
fi

# Update the URL as indicated in Sophos Admin Panel
curl -O your cloud url 
unzip SophosInstall.zip

chmod a+x ./Sophos Installer.app/Contents/MacOS/Sophos Installer
chmod a+x ./Sophos Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper

./Sophos Installer.app/Contents/MacOS/Sophos Installer --install

exit 0

@SirSir And what should i do with the SophosCloudConfig.plist? :-)

@mickl089

Are you talking about all the Configuration Profiles needed to run Sophos? If so, make sure you have all of this taken care of and deployed to your machine(s) before installing.

Edit: I haven't used a config.plist for the installation of Sophos before, just make sure to get the Sophos download link into that script and it should auto-configure to your Sophos Cloud.

@SirSir Even with that KB link, I still have an issue with Sophos starting the servicemgr service on Big Sur. Catalina is fine, but something is not right with the PPPC and/or System Extensions that I have set up. Waiting on Sophos to respond back to a case we have open.
Also, there are discrepancies in that article between the numbered steps and the screenshots. The information is not the same between the two. Specifically under Big Sur steps 2-4. It looks like the discrepancy is only about display name which I believe is arbitrary and shouldn't make a difference, but given my issues, I'm wondering if that is actually the case.

So far as I know, they're still not officially supporting Big Sur, no?

Sophos officially supports Big Sur as of 10.0.4, but SophosScanD currently will stop functioning after updating to Big Sur from Catalina or Mojave.

@dmillertds It depends on where you look. Most KB articles still say Big Sur is not supported, however they haven't been updated in months. If you look at the release notes for 10.0.4, it claims Big Sur is fully supported as well as support for the M1 chip via Rosetta2. Sophos 10.0.4

@SirSir How did you get the download link? I can download Sophos in our Cloud Central, but I don't get the download link displayed or copied out :-(

Now i´ve got a solution to install via Self Service: install pkg dropped in private/var/tmp/sophos and then a command under "files and processes: /private/var/tmp/sophos/Sophos Installer.app/Contents/MacOS/Sophos Installer --install --quiet

but then there is a prompt that you have to confirm, the install is not really silent. any suggestions?

@mickl089 That is the same command I run except I don't have the --quiet part on mine and it installs silently.

@jrippy is your command with sudo or without?

@mickl089 Without sudo as Jamf runs commands as root already.

@jrippy does this also apply to a script that I run instead of a command?

edit: one more question: Sophos needs a permission for the network extension, i created a config profile for this. is it possible to include this config profile somehow in my policy to prevent this event during the installation?

@mickl089 As far as I am aware, whether the script runs in the Script payload or in the Files and Processes payload, it should run as root. I might be wrong about that, will just have to check.
As for the Network Extension config profile, you may just have to send that out a day or two before the install goes out to try to blanket your install base. If Sophos isn't installed yet, it shouldn't cause the config profile to fail, but if Sophos is installed before the config profile, you will run into issues as you've probably seen.

So I've tried a few variations of these install deployment scripts for Sophos and each time it comes back to a basic issue of it can't find the files /directories its created in the first place (/private/tmp/Sophos Installer) when it goes to run the chmod. I'm fairly new to jamf/deployments/macs so I apologize if I'm missing something obvious. I've tried running the scripts as my user, as a policy, and as a script via Jamf Remote tool.

Realized the issue, it wasn't reading the space in Sophos Installer. Not sure if that's due to settings in my BBEdit or saving it as an .sh.  Removing the spaces before I sent it to composer and likewise in the script made this work for me.

@Mr_Meaves Glad you got it figured out.  The spaces can definitely be tricky.