Understanding Known Issues in Sophos Central: A Comprehensive Guide

Sophos Central is a unified security management platform that simplifies the administration of Sophos products. Like any complex software, Sophos Central has its share of known issues. This article provides a detailed overview of these issues, their impact, workarounds, and expected resolutions. This information, updated as of June 10, 2024, helps Sophos users stay informed and proactive in managing their security environment.

Navigating the Sophos Central Known Issues List

Sophos maintains a list of known issues to ensure transparency and assist users in troubleshooting potential problems. The list is categorized by affected area and includes key details such as affected versions, fix versions (if available), summaries, descriptions, and workarounds. Regular review of this list can save time and prevent frustration.

Central Platform Issues

This section covers the known issues related to the core Sophos Central platform, including dashboard functionality, licensing, and multi-factor authentication (MFA).

1. Central/Enterprise/Partner Dashboards: Remote Assistance Timeframe Display (CPLAT-56563)

• Affected Versions: CPG 2024.21
• Summary: The Remote Assistance timeframe drop-down selection defaults to '7 days' regardless of the previously chosen timeframe.
• Description: When viewing or updating the Remote Access setting, the timeframe dropdown consistently shows ‘7-days’. However, the actual expiration date for Remote Access remains based on the previous selection.
• Workaround: Verify the actual Remote Access expiration date displayed below the drop-down and cross-reference it with the audit log entry from when Remote Access was initially enabled.

2. Partner Dashboard: Flex License Customer Creation (CPLAT-55319)

• Affected Versions: CPG 2024.15
• Fix Versions: CPG 2024.24
• Summary: Partner Super Administrators cannot select Aruba, Bonaire, or Curacao from the country dropdown when creating a new MSP Flex licensed customer within the Partner Dashboard.
• Workaround: Select a different country temporarily and request the Partner/Customer Care team to update it afterwards.

3. Enterprise and Central Dashboards: Inaccurate License Usage Display (CPLAT-52441)

• Fix Versions: CPG 2024.24
• Summary: License usage shown on the License page can be inaccurate after upgrading or downgrading the same license type.
• Description: This issue affects Term or Master Licensed customers. The usage distribution between the old and new licenses might be uneven.
• Workaround: Ignore the license usage discrepancies. The original license will be removed from the License page automatically 30 days after its expiration. Note that Flex licenses are not affected.

4. Central Login MFA Issue: Incorrect Pattern Error (CPLAT-56381)

• Affected Versions: CPG 2024.21
• Summary: Users may encounter an "Incorrect pattern for [PIN]" error when using TOTP MFA with Chrome Password Manager.
• Workaround: Manually click the ‘continue’ button on the page after entering the TOTP code instead of using the ‘enter’ key.

5. Central Dashboard: Scheduled Reports Section Loading Issue (CPUI-10876)

• Affected Versions: CPG 2024.21
• Summary: The list of scheduled reports might not load if the Reports page link in the header is selected while within another product page
• Workaround: Refresh the webpage to load the Scheduled Reports section

6. Partner Dashboard - PSA Ticketing Integration: Duplicate Tickets (CPLAT-55906)

• Summary: Duplicate tickets may be created for the same endpoint detection event in PSA Ticketing integration.
• Description: This is due to multiple detections of the same kind but in different locations—such as within an archive file.
• Workaround: Handling the duplicate tickets depends on whether the archive file will be removed. If removed, only one ticket needs to be open. If the archive file remains, each individual path's alert/ticket will be valid until resolved.

7. Partner Dashboard > Create new Customer or Trial form: Country Selection Issue (CPLAT-55773)

• Affected Versions: CPG 2024.18
• Summary: When selecting the 'Country' using only a keyboard, the resulting 'State/Province' drop-down menu may show States/Provinces from other countries
• Workaround: Use a mouse to select the country from the drop-down list.

8. Enterprise Dashboard: Custom Dashboards Reflected in All Subestates (CPLAT-55393)

• Affected Versions: CPG 2024.15
• Summary: Custom dashboards created, edited, or deleted by an Enterprise Administrator are reflected in all subestates.
• Description: When an Enterprise Administrator creates, edits or deletes a Custom Dashboard within one Subestate, it will be also be created, updated, or deleted for all Subestates in the Enterprise environment.
• Workaround: Create custom dashboards that are specific to one subestate by using a local administrator for the Central account.

9. Central Dashboard: Custom firewall reports are only able to be sent to local Central Administrators (CSA-11622)

• Affected Versions: CPG 2022.18
• Summary: Custom firewall reports are only able to be sent to local Central Administrators (not Partner or Enterprise administrators)
• Workaround: Currently only local administrators are able to be used for Firewall report delivery at the Central Dashboard level

10. Central Dashboard Audit log - "anonymous failed authentication" (CPLAT-39841)

• Affected Versions: CPG 2022.09
• Summary: "anonymous failed authentication" entry is due to an expected API Service Principal JWT renewal error.
• Description: When using API credentials (Service Principals) - certain jwt token refresh errors can be logged in the Central Dashboards Audit log
• Workaround: These entries can be ignored. See Sophos Support Article KB-000043845 for more information.

11. Entra AD directory sync: Guest userType and Central Email mailbox (CPERF-8317)

• Summary: It is not possible to both sync AD users with the userType attribute 'Guest', and also prevent those users from having an associated Central Email mailbox (if licensed for Central Email
• Workaround: Configure your Sophos Central Entra Directory services sync to filter out/exclude syncing Guest users. - Filter users and groups - Sophos Central Admin

12. Enterprise Dashboard: Updating the license allocation (CPLAT-53760)

• Affected Versions: CPG 2024.06
• Summary: Updating the license allocation may take a few minutes to apply
• Workaround: N/A as long as the result is successful, open a Technical Support case for assistance.

13. Partner Dashboard: Sophos Customers page - A Cloud Optix trial icon (CPLAT-41524)

• Affected Versions: CPG 2022.21
• Summary: Sophos Customers page - A Cloud Optix trial icon may incorrectly show for next to some Customers.
• Workaround: Ignore the icon.

14. Central Dashboard: Partner contact information is blank (CPLAT-52264)

• Summary: Partner contact information is blank
• Workaround: Go to Sophos Partner Directory - Below the map on the left-hand side, enter the name of your Partner as it is shown on your Central Dashboard partner information page and select the result shown.

15. Central Dashboard: The 'Reset MFA' option (CPLAT-51642)

• Affected Versions: CPG 2023.37
• Summary: The 'Reset MFA' option will not be able to be selected if the account in question has not set up their MFA.
• Workaround: N/A

16. Central Dashboard Audit Logs: repeated "Access Denied" entries (CPLAT-48961)

• Summary: Customers (Central Dashboard and Enterprise Dashboard), as well as Partners (Partner Dashboard) - could see excess amounts of Audit log entries that reference both 'alerts:read' and 'endpoint-state:read'.
• Workaround: If there are any questions or concerns about these entries, please contact Sophos Technical Support for help or clarification on what is being logged. Please reference this Known Issue entry.

17. Some regions may see unreliable reception of SMS security codes (CPLAT-48387)

• Summary: The regulatory authorities in certain countries have specific SMS requirements, which may result in some customers not receiving SMS or receiving them as potential spam when signing in.
• Countries with special SMS requirements: Belarus, Egypt, Jordan, Kuwait, Philippines, Qatar, Russia, Saudi Arabia, Sri Lanka, Thailand, Turkey, United Arab Emirates (UAE), Vietnam.
• Workaround: You may use the Multi-factor Authentication's authenticator app or the email and pin method to complete the sign-in process in any scenario where the SMS code is not being received.

18. Partner Dashboard: Flex customer shows a trial icon on the Customers page (CPLAT-51673)

• Affected Versions: CPG 2023.37
• Summary: Flex customer shows a trial icon on the Customers page under the 'Central Firewall Reporting Advanced' column
• Workaround: This can be ignored

19. My Sophos API related integration stopped working (CPLAT-51647)

• Summary: If the API credential previously used is no longer present within Settings > API Credentials Management; and there is nothing in the Audit log showing it was removed, then the credential has

Staying Updated

The information provided here is based on the latest available data. However, software issues and resolutions evolve. Refer to the official Sophos support resources for the most current information and updates on these and other known issues.