Installing Sophos Endpoint Protection using a JumpCloud Command on MacOS

Over the next few weeks. I am going to be writing a series of posts about Jumpcloud. Jumpcloud is a DaaS (Directory as a Service.) I have been working with JumpCloud for roughly the last year. During this time, I have migrated four different companies from various authentication platforms (Microsoft Active Directory, Qnap Authentication and local authentication) to the DaaS across a multitude of different operating systems.

Over the next few posts, I am going to share some commands or scripts that I have personally written for my environment to help to do the simple things. Such as install applications, check the status of systems and more.

The first command I will be sharing is installing Sophos EndPoint Protection on macOS. Something to note about all of these commands is that they require some files to be publically accessible. They can be on AWS S3 or a cheap and cheerful Linode server; it makes no odds.

The full command to copy and paste into the command box.

mkdir /tmp/Sophos && cd /tmp/Sophos && 
curl -o /tmp/Sophos/ "http://somewebserver/" && 
unzip && 
rm && 
sudo chmod a+x /tmp/Sophos/Sophos\\ Installer && 
sudo chmod a+x /tmp/Sophos/Sophos\ && 
sudo /tmp/Sophos/Sophos\\ Installer --install && 
rm -rf /tmp/Sophos

Let me break this down.

The first part creates a directory in the /tmp/folder called Sophos.

mkdir /tmp/Sophos && cd /tmp/Sophos &&

The next part downloads to /tmp/Sophos the zip file from your repo or hosting location and unzip into the folder, it then removes the original zip.

curl -o /tmp/Sophos/ "http://somewebserver/" && 
unzip && 
rm &&

The third part modifies the permissions on the installer and associated files to allow it to run

sudo chmod a+x /tmp/Sophos/Sophos\\ Installer && sudo chmod a+x /tmp/Sophos/Sophos\ &&

The final section tells the Sophos installer to execute silently and then remove the /tmp/Sophos folder to tidy up after.

sudo /tmp/Sophos/Sophos\\ Installer --install && rm -rf /tmp/Sophos

If you have any other applications you would like to see commands created, please let me know in the comments, and I will see what I can do.

7 thoughts on “Installing Sophos Endpoint Protection using a JumpCloud Command on MacOS”

    • Hi Christian,

      I have written a quick script that in testing, seems to work.

      Copy the below into a command window and edit it to point to the correct URL for your Sophos central windows setup.

      $url = 'https://URLTO/SophosSetup.exe'
      $output = "C:\Temp\Sophos.exe"
      Invoke-WebRequest -Uri $url -OutFile $output
      C:\Temp\Sophos.exe --quiet

      If you wouldn’t mind testing it on a non-essential Windows 10 machine (I tested it on a Windows 10 VM on my mac and it worked perfectly) after a couple of minutes I saw the VM show up in the Sophos Central Console.

      Normal disclaimer applies – I take no responsibility to anything it does or doesn’t do etc

  1. Do end-users have to manually allow Sophos to load due to Sophos? Is there any way to get around “system software from developer ‘Sophos’ was blocked from loading” through jumpcloud?

    • Hi Dev,

      Unfortunately that is still the case.

      I think that is a macOS security requirement rather then a Sophos requirement.

      Although if Sophos is installed on an older version macOS, and you want to update Sophos to the latest version for any reason it doesnt need re-approving.

      I am still trying to find a way around it, but havent had much luck yet.


  2. Hi Richard,

    This has helped me put Sophos into our new starters machines faster and much more smoothly.

    Thank you for your amazing work.



Leave a Comment