Sophos Endpoint Security and Control Standalone Startup Guide

Sophos Endpoint Security
and Control
standalone startup guide
Product version: 10.3 and later

Document date: October 2015
Contents
1 About this guide........................................................................................................................3
2 Before you begin......................................................................................................................4
2.1 System requirements..................................................................................................4
2.2 What you will need......................................................................................................4
3 Install Sophos Endpoint Security and Control..........................................................................5
3.1 What do the notification area icons mean?.................................................................6
4 Configure the firewall................................................................................................................7
4.1 Allow applications on Windows 7 or earlier.................................................................7
4.2 Allow applications on Windows 8 or later....................................................................8
4.3 Block unknown applications........................................................................................9
5 Technical support....................................................................................................................10
6 Legal notices..........................................................................................................................11
2
1 About this guide

This guide tells you how to install and configure Sophos Endpoint Security and Control on a
standalone computer.
The guide is for you if your computer is not connected to your organization's network.
If you are an administrator and want to install and configure Sophos Endpoint Security and Control
on a network, see the documentation for your Sophos management software instead. If you use
Enterprise Console, see the Sophos Enterprise Console quick startup guide and Sophos Enterprise
Console policy setup guide. The guides are available at
http://www.sophos.com/en-us/support/documentation/enterprise-console.aspx. For information
about how to set up your home users, see
http://www.sophos.com/en-us/support/knowledgebase/63182.aspx.
3
Sophos Endpoint Security and Control
2 Before you begin
2.1 System requirements

For system requirements, go to the system requirements page of the Sophos website
(www.sophos.com/en-us/products/all-system-requirements.aspx).
You must have internet access in order to download the installation software from the Sophos
website.
2.2 What you will need

You will need the following information for installation and configuration:
■ Web address and download credentials for the Sophos Endpoint Security and Control
standalone installer.
■ Address of the update source, unless you will be updating from Sophos directly.
■ Credentials that are needed to access the update source.
■ Details of the proxy server that you may be using to access the update source (the address
and port number, the user credentials).
4
3 Install Sophos Endpoint Security and

Control
You must log on as an administrator to install Sophos Endpoint Security and Control.
If you have third-party security software installed:
■ Ensure that its user interface is closed.
■ Ensure that third-party firewall and HIPS software is turned off or configured to allow the
Sophos installer to run.
1. Using the web address and download credentials supplied by Sophos or by your system
administrator, go to the website and download the standalone installer for your version of
Windows.
2. Locate the installer in the folder where it was downloaded. Double-click the installer.
3. On the first page of the Sophos Endpoint Security and Control installation wizard, click
Next.
4. On the License Agreement page, click I accept the terms in the license agreement if you
agree to the terms and want to continue. Click Next.
5. On the Destination folder page, if necessary, change the folder to which Sophos Endpoint
Security and Control will be installed. Click Next.
6. On the Update source page, enter the location from which the computer will get updates.
Sophos recommends that you do this now.
a) In the Address box, select Sophos or, if your system administrator has given you an
address, enter that address.
b) In the Username and Password boxes, type the username and password that is needed
to access the update source provided by Sophos or by your system administrator.
c) If you access the network or internet via a proxy, select the Access the update source
via a proxy checkbox, click Next to enter the proxy details.
Note: To enter the update source later, select the I will enter these details later check box.
After the installation is complete, open Sophos Endpoint Security and Control and select
Configure updating.
By default, Sophos Endpoint Security and Control will update itself every 60 minutes, provided
the update source details are provided and the computer is connected to the network.
7. On the Select additional components to install page, select the Install Sophos Client
Firewall check box if you want to install firewall and click Next.
8. On the Remove third-party security software page, select the Remove third-party security
software check box if you have a third-party anti-virus or firewall software installed and click
Next.
5
9. On the Ready to install Sophos Endpoint Security and Control page, click Next.
You should see the software being installed on your computer.
Important: Third-party security software removal does not, by default, remove the associated
update tools, because other third-party security software might still be using them. However,
if they are not being used, you can remove them via Control Panel.
10. On the last page of the install wizard, choose whether to restart the computer and click Finish.
You need to restart the computer:
■ To enable the firewall.
■ To complete the removal of third-party security software.
Installation of Sophos Endpoint Security and Control is complete when the Sophos Endpoint
Security and Control icon is displayed in the notification area, at the far right of the taskbar.
3.1 What do the notification area icons mean?

The Sophos Endpoint Security and Control icon in the notification area, at the far right of the
taskbar, changes if there are pending alerts, or a problem with protection against threats. The
following table lists the icons that are displayed and the reasons why.
Icon Reason
When on-access scanning is not running on your computer.

When a firewall message is displayed.
When a controlled application message is displayed.
When a device control message is displayed.
When a data control message is displayed.
When a website is blocked.
When Sophos Endpoint Security and Control fails to update itself.

When a Sophos service has failed.
A notification appears along with one of the above icons that explains the cause.
For example, if on-access scanning is not enabled on your computer, the On-access scanning
disabled notification is displayed.
6
4 Configure the firewall

You must configure the firewall to:
■ Allow applications that you use and other essential applications, such as Windows Update, to
access the network or internet.
■ Block unknown applications.
There are different ways of allowing applications, depending on which version of Windows you
are using. On Windows 7 and earlier you can use interactive mode. On Windows 8 and later the
interactive mode is not available, so you need to use other methods.
4.1 Allow applications on Windows 7 or earlier
4.1.1 Deal with firewall messages

By default, Sophos Client Firewall for Windows 7 and earlier is in “interactive” mode, which means
that it displays a message each time an unknown application or service requests network access.
The message asks you whether to allow the traffic once, block it once, or whether to create a rule
for that type of traffic.
To get started, when a firewall message is displayed, block the unknown traffic once, for just that
occasion. For example, if the firewall displays a message about a hidden process, click Block
this process this time and click OK.
If you are unable to block traffic for just that occasion, the application generating the traffic might
not have been identified. In such a case, choose either allow or block, as appropriate. You can
change it again later by editing the firewall configuration. For more information, see the Sophos
Endpoint Security and Control Help.
There are some cases in which you should not block the traffic. For example, if you see a message
about your browser, email program, or other applications for internet/intranet access, you should
select the option to add a checksum or create a rule.
4.1.2 Enable applications to access the network or internet

You must enable the firewall to allow the applications that you use and other essential applications,
such as Windows Update, to access the network or internet.
1. Open the program for which you want to allow network or internet access, such as a browser
or email program.
2. The firewall displays a message informing you that a new or modified application has requested
network access. Click Add the checksum to existing checksums for this application and
click OK.
7
3. The firewall displays a second message informing you that an application (such as your browser
or email program) has requested network access. Click Create rule for this application using
preset, and ensure you select the appropriate setting for the program (such as Browser,
Email Client) in the box, and click OK.
To enable FTP download, see the Sophos Endpoint Security and Control Help.
You can also edit the firewall configuration to enable applications access the network or internet
in any mode. For information, see the Sophos Endpoint Security and Control Help.
4.2 Allow applications on Windows 8 or later

In Sophos Client Firewall for Windows 8 and later, that doesn't have an interactive mode, use
one of the following ways to allow applications to access the network or internet:
■ Allow applications one by one.
■ Import firewall configuration from another computer.
4.2.1 Allow applications one by one

You can add applications one by one in Sophos Endpoint Security and Control as follows.
1. On the Home page, under Firewall, click Configure firewall.
2. Under Configurations, click Configure next to the location that you want to configure.
3. Click the Applications tab.
4. Click Add, locate the application, and then double-click it.
The application is allowed as trusted. For greater security, you can apply one or more application
rules to specify the conditions under which the application can run. For more information about
application rules, see the Sophos Endpoint Security and Control Help.
4.2.2 Import firewall configuration from another computer

If you have several standalone Windows 8 or later computers running the same set of applications,
and you want them to use the same firewall rules, you can set up the firewall on one of the
computers (as described in Allow applications one by one (page 8)) and export the firewall
configuration for use on the other computers.
Note: If your organization uses Sophos Enterprise Console to manage security settings on
endpoint computers, the console administrator can export a centrally configured firewall policy
for use on endpoint computers. Please note, however, that some of the options in a centrally
configured firewall policy may not work on Windows 8 or later computers.
To use firewall configuration from another computer:
1. After you have set up the firewall on a Windows 8 or later computer, export the configuration
file. In Sophos Endpoint Security and Control, on the Home page, under Firewall, click
Configure firewall. In the Firewall configuration dialog box, click Export. Give your
configuration file a name and location, and then click Save.
8
2. Go to another computer on which you want to use the configuration. In Sophos Endpoint
Security and Control, on the Home page, under Firewall, click Configure firewall. In the
Firewall configuration dialog box, click Import. Select a configuration file and click Open.
Accept the default settings, unless you need to change any of those, and click OK.
3. Review the firewall configuration and edit the rules, if necessary.
For more information about exporting and importing firewall configuration, see the Sophos Endpoint
Security and Control Help.
4.3 Block unknown applications

You should now enable the firewall to deal with traffic automatically and block unknown applications.
1. In the notification area, at the far right of the taskbar, right-click the Sophos Endpoint Security
and Control icon to display a menu. Select Open Sophos Endpoint Security and Control.
2. In the Sophos Endpoint Security and Control window, in the Firewall section, click Configure
firewall.
The Firewall configuration dialog box is displayed.
3. In the General tab, under Configuration, click Configure.

4. In the location configuration dialog box, in the Working mode section, select Block by default
- all traffic which has no matching rule is blocked.
The firewall will log unknown traffic that it encounters in its log. You can also enable notifications
(balloon messages on Windows 7 or earlier or toast notifications on Windows 8 or later) when
firewall detects unauthorized traffic. For more information, see the Sophos Endpoint Security and
Control Help.
9
5 Technical support
You can find technical support for Sophos products in any of these ways:
■ Visit the SophosTalk community at community.sophos.com/ and search for other users who
are experiencing the same problem.
■ Visit the Sophos support knowledgebase at www.sophos.com/en-us/support.aspx.
■ Download the product documentation at www.sophos.com/en-us/support/documentation.aspx.
■ Open a ticket with our support team at
https://secure2.sophos.com/support/contact-support/support-query.aspx.
10
6 Legal notices
Copyright © 2013–2015 Sophos Limited. All rights reserved. No part of this publication may be
reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic,
mechanical, photocopying, recording or otherwise unless you are either a valid licensee where
the documentation can be reproduced in accordance with the license terms or you otherwise have
the prior permission in writing of the copyright owner.
Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos
Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned
are trademarks or registered trademarks of their respective owners.
Apache
The Sophos software that is described in this document may include some software programs
that are licensed (or sublicensed) to the user under the Apache License. A copy of the license
agreement for any such included software can be found at
http://www.apache.org/licenses/LICENSE-2.0
Boost C++ Libraries

Boost Software License - Version 1.0 - August 17th, 2003
Permission is hereby granted, free of charge, to any person or organization obtaining a copy of
the software and accompanying documentation covered by this license (the “Software”) to use,
reproduce, display, distribute, execute, and transmit the Software, and to prepare derivative works
of the Software, and to permit third-parties to whom the Software is furnished to do so, all subject
to the following:
The copyright notices in the Software and this entire statement, including the above license grant,
this restriction and the following disclaimer, must be included in all copies of the Software, in
whole or in part, and all derivative works of the Software, unless such copies or derivative works
are solely in the form of machine-executable object code generated by a source language
processor.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR
OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Common Public License

The Sophos software that is referenced in this document includes or may include some software
programs that are licensed (or sublicensed) to the user under the Common Public License (CPL),
which, among other rights, permits the user to have access to the source code. The CPL requires
for any software licensed under the terms of the CPL, which is distributed in object code form,
11
that the source code for such software also be made available to the users of the object code
form. For any such software covered under the CPL, the source code is available via mail order
by submitting a request to Sophos; via email to support@sophos.com or via the web at
http://www.sophos.com/en-us/support/contact-support/contact-information.aspx. A copy of the
license agreement for any such included software can be found at
http://opensource.org/licenses/cpl1.0.php
ConvertUTF
Copyright 2001–2004 Unicode, Inc.
This source code is provided as is by Unicode, Inc. No claims are made as to fitness for any
particular purpose. No warranties of any kind are expressed or implied. The recipient agrees to
determine applicability of information provided. If this file has been purchased on magnetic or
optical media from Unicode, Inc., the sole remedy for any claim will be exchange of defective
media within 90 days of receipt.
Unicode, Inc. hereby grants the right to freely use the information supplied in this file in the creation
of products supporting the Unicode Standard, and to make copies of this file in any form for internal
or external distribution as long as this notice remains attached.
crt
# $FreeBSD$
# @(#)COPYRIGHT 8.2 (Berkeley) 3/21/94
The compilation of software known as FreeBSD is distributed under the following terms:
Copyright (c) 1992-2013 The FreeBSD Project. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted
provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions
and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions
and the following disclaimer in the DOCUMENTATION and/or other materials provided with
the distribution.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
The 4.4BSD and 4.4BSD-Lite software is distributed under the following terms:
All of the documentation and software included in the 4.4BSD and 4.4BSD-Lite Releases is
copyrighted by The Regents of the University of California.
12
Copyright 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the
University of California. All rights reserved.
and the following disclaimer in the documentation and/or other materials provided with the
distribution.
3. All advertising materials mentioning features or use of this software must display the following
acknowledgement: This product includes software developed by the University of California,
Berkeley and its contributors.
4. Neither the name of the University nor the names of its contributors may be used to endorse
or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY
DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
DAMAGE.
The Institute of Electrical and Electronics Engineers and the American National Standards
Committee X3, on Information Processing Systems have given us permission to reprint portions
of their documentation.
In the following statement, the phrase "this text" refers to portions of the system documentation.
Portions of this text are reprinted and reproduced in electronic form in the second BSD Networking
Software Release, from IEEE Std 1003.1-1988, IEEE Standard Portable Operating System
Interface for Computer Environments (POSIX), copyright C 1988 by the Institute of Electrical and
Electronics Engineers, Inc. In the event of any discrepancy between these versions and the
original IEEE Standard, the original IEEE Standard is the referee document.
In the following statement, the phrase "This material" refers to portions of the system
documentation. This material is reproduced with permission from American National Standards
Committee X3, on Information Processing Systems. Computer and Business Equipment
Manufacturers Association (CBEMA), 311 First St., NW, Suite 500, Washington, DC 20001-2178.
The developmental work of Programming Language C was completed by the X3J11 Technical
Committee.
The views and conclusions contained in the software and documentation are those of the authors
and should not be interpreted as representing official policies, either expressed or implied, of the
Regents of the University of California.
NOTE: The copyright of UC Berkeley's Berkeley Software Distribution ("BSD") source has been
updated. The copyright addendum may be found at
fttp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License. Change and is included below.
13
July 22, 1999

To All Licensees, Distributors of Any Version of BSD:
As you know, certain of the Berkeley Software Distribution ("BSD") source code files require that
further distributions of products containing all or portions of the software, acknowledge within their
advertising materials that such products contain software developed by UC Berkeley and its
contributors.
Specifically, the provision reads:
"3. All advertising materials mentioning features or use of this software must display the following
acknowledgement: This product includes software developed by the University of California,
Berkeley and its contributors."
Effective immediately, licensees and distributors are no longer required to include the
acknowledgement within advertising materials. Accordingly, the foregoing paragraph of those
BSD Unix files containing it is hereby deleted in its entirety.
William Hoskins
Director, Office of Technology Licensing
University of California, Berkeley
dtoa.c
The author of this software is David M. Gay.
Copyright © 1991, 2000 by Lucent Technologies.
Permission to use, copy, modify, and distribute this software for any purpose without fee is hereby
granted, provided that this entire notice is included in all copies of any software which is or includes
a copy or modification of this software and in all copies of the supporting documentation for such
software.
THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
WARRANTY. IN PARTICULAR, NEITHER THE AUTHOR NOR LUCENT MAKES ANY
REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
ICU
ICU version 1.8.1 or later
COPYRIGHT AND PERMISSION NOTICE
Copyright © 1995–2008 International Business Machines Corporation and others
All rights reserved.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
associated documentation files (the "Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so, provided that
the above copyright notice(s) and this permission notice appear in all copies of the Software and
that both the above copyright notice(s) and this permission notice appear in supporting
documentation.
14
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY
RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS
NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL
DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA
OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
THIS SOFTWARE.
Except as contained in this notice, the name of a copyright holder shall not be used in advertising
or otherwise to promote the sale, use or other dealings in this Software without prior written
authorization of the copyright holder.
All trademarks and registered trademarks mentioned herein are the property of their respective
owners.
IEEE Software Taggant Library

This software was developed by The Institute of Electrical and Electronics Engineers, Incorporated
(IEEE), through the Industry Connections Security Group (ICSG) of its Standards Association.
Portions of it include software developed by the OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org/), and those portions are governed by the OpenSSL Toolkit License.
IEEE License
Copyright (c) 2012 IEEE. All rights reserved.
distribution.
acknowledgment:
"This product includes software developed by the IEEE Industry Connections Security Group
(ICSG)".
4. The name "IEEE" must not be used to endorse or promote products derived from this software
without prior written permission from the IEEE Standards Association (stds.ipr@ieee.org).
5. Products derived from this software may not contain "IEEE" in their names without prior written
permission from the IEEE Standards Association (stds.ipr@ieee.org).
6. Redistributions of any form whatsoever must retain the following acknowledgment:
"This product includes software developed by the IEEE Industry Connections Security Group
(ICSG)".
THIS SOFTWARE IS PROVIDED "AS IS" AND "WITH ALL FAULTS." IEEE AND ITS
CONTRIBUTORS EXPRESSLY DISCLAIM ALL WARRANTIES AND REPRESENTATIONS,
EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION: (A) THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE; (B) ANY WARRANTY
15
OF NON-INFRINGEMENT; AND (C) ANY WARRANTY WITH RESPECT TO THE QUALITY,

ACCURACY, EFFECTIVENESS, CURRENCY OR COMPLETENESS OF THE SOFTWARE.
IN NO EVENT SHALL IEEE OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES, (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE AND REGARDLESS
OF WHETHER SUCH DAMAGE WAS FORESEEABLE.
THIS SOFTWARE USES STRONG CRYPTOGRAPHY, WHICH MAY BE SUBJECT TO LAWS
AND REGULATIONS GOVERNING ITS USE, EXPORTATION OR IMPORTATION. YOU ARE
SOLELY RESPONSIBLE FOR COMPLYING WITH ALL APPLICABLE LAWS AND
REGULATIONS, INCLUDING, BUT NOT LIMITED TO, ANY THAT GOVERN YOUR USE,
EXPORTATION OR IMPORTATION OF THIS SOFTWARE. IEEE AND ITS CONTRIBUTORS
DISCLAIM ALL LIABILITY ARISING FROM YOUR USE OF THE SOFTWARE IN VIOLATION
OF ANY APPLICABLE LAWS OR REGULATIONS.
Info-ZIP
Copyright © 1990–2007 Info-ZIP. All rights reserved.
For the purposes of this copyright and license, “Info-ZIP” is defined as the following set of
individuals:
Mark Adler, John Bush, Karl Davis, Harald Denker, Jean-Michel Dubois, Jean-loup Gailly, Hunter
Goatley, Ed Gordon, Ian Gorman, Chris Herborth, Dirk Haase, Greg Hartwig, Robert Heath,
Jonathan Hudson, Paul Kienitz, David Kirschbaum, Johnny Lee, Onno van der Linden, Igor
Mandrichenko, Steve P. Miller, Sergio Monesi, Keith Owens, George Petrov, Greg Roelofs, Kai
Uwe Rommel, Steve Salisbury, Dave Smith, Steven M. Schweda, Christian Spieler, Cosmin Truta,
Antoine Verheijen, Paul von Behren, Rich Wales, Mike White
This software is provided “as is,” without warranty of any kind, express or implied. In no event
shall Info-ZIP or its contributors be held liable for any direct, indirect, incidental, special or
consequential damages arising out of the use of or inability to use this software.
Permission is granted to anyone to use this software for any purpose, including commercial
applications, and to alter it and redistribute it freely, subject to the following restrictions:
1. Redistributions of source code must retain the above copyright notice, definition, disclaimer,
and this list of conditions.
2. Redistributions in binary form (compiled executables and libraries) must reproduce the above
copyright notice, definition, disclaimer, and this list of conditions in documentation and/or other
materials provided with the distribution. The sole exception to this condition is redistribution
of a standard UnZipSFX binary (including SFXWiz) as part of a self-extracting archive; that is
permitted without inclusion of this license, as long as the normal SFX banner has not been
removed from the binary or disabled.
3. Altered versions—including, but not limited to, ports to new operating systems, existing ports
with new graphical interfaces, versions with modified or added functionality, and dynamic,
shared, or static library versions not from Info-ZIP—must be plainly marked as such and must
not be misrepresented as being the original source or, if binaries, compiled from the original
source. Such altered versions also must not be misrepresented as being Info-ZIP
releases--including, but not limited to, labeling of the altered versions with the names "Info-ZIP"
16
(or any variation thereof, including, but not limited to, different capitalizations), "Pocket UnZip,"
"WiZ" or "MacZip" without the explicit permission of Info-ZIP. Such altered versions are further
prohibited from misrepresentative use of the Zip-Bugs or Info-ZIP e-mail addresses or the
Info-ZIP URL(s), such as to imply Info-ZIP will provide support for the altered versions.
4. Info-ZIP retains the right to use the names “Info-ZIP,” “Zip,” “UnZip,” “UnZipSFX,” “WiZ,” “Pocket
UnZip,” “Pocket Zip,” and “MacZip” for its own source and binary releases.
Jansson
Copyright (c) 2009-2013 Petri Lehtinen <petri@digip.org>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
associated documentation files (the "Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial
portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
Lua
The Sophos software that is described in this document may include some software programs
that are licensed (or sublicensed) to the user under the Lua License. A copy of the license
agreement for any such included software can be found at http://www.lua.org/copyright.html
Microsoft software
This Sophos product may include certain Microsoft software, licensed to Sophos for inclusion and
use herein.
Mersenne Twister (mt19937ar.c)

Copyright (c) 1997–2002 Makoto Matsumoto and Takuji Nishimura. All rights reserved.
distribution.
17
3. The names of its contributors may not be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
OpenSSL Cryptography and SSL/TLS Toolkit

The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License
and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually
both licenses are BSD-style Open Source licenses. In case of any license issues related to
OpenSSL please contact openssl-core@openssl.org.
OpenSSL license
Copyright © 1998–2011 The OpenSSL Project. All rights reserved.
distribution.
acknowledgment:
“This product includes software developed by the OpenSSL Project for use in the OpenSSL
Toolkit. (http://www.openssl.org/)”
4. The names “OpenSSL Toolkit” and “OpenSSL Project” must not be used to endorse or promote
products derived from this software without prior written permission. For written permission,
please contact openssl-core@openssl.org.
5. Products derived from this software may not be called “OpenSSL” nor may “OpenSSL” appear
in their names without prior written permission of the OpenSSL Project.
6. Redistributions of any form whatsoever must retain the following acknowledgment:
“This product includes software developed by the OpenSSL Project for use in the OpenSSL
Toolkit (http://www.openssl.org/)”
THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT “AS IS” AND ANY EXPRESSED
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR
18

DAMAGE.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This
product includes software written by Tim Hudson (tjh@cryptsoft.com).
Original SSLeay license
Copyright © 1995–1998 Eric Young (eay@cryptsoft.com) All rights reserved.
This package is an SSL implementation written by Eric Young (eay@cryptsoft.com). The
implementation was written so as to conform with Netscape’s SSL.
This library is free for commercial and non-commercial use as long as the following conditions
are adhered to. The following conditions apply to all code found in this distribution, be it the RC4,
RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this
distribution is covered by the same copyright terms except that the holder is Tim Hudson
(tjh@cryptsoft.com).
Copyright remains Eric Young’s, and as such any Copyright notices in the code are not to be
removed. If this package is used in a product, Eric Young should be given attribution as the author
of the parts of the library used. This can be in the form of a textual message at program startup
or in documentation (online or textual) provided with the package.
1. Redistributions of source code must retain the copyright notice, this list of conditions and the
following disclaimer.
distribution.
acknowledgement:
“This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)”
The word “cryptographic” can be left out if the routines from the library being used are not
cryptographic related :-).
4. If you include any Windows specific code (or a derivative thereof) from the apps directory
(application code) you must include an acknowledgement:
“This product includes software written by Tim Hudson (tjh@cryptsoft.com)”
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG “AS IS” AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
19
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE

USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The license and distribution terms for any publically available version or derivative of this code
cannot be changed. i.e. this code cannot simply be copied and put under another distribution
license [including the GNU Public License.]
Protocol Buffers (libprotobuf)

Copyright 2008, Google Inc.
■ Redistributions of source code must retain the above copyright notice, this list of conditions
■ Redistributions in binary form must reproduce the above copyright notice, this list of conditions
distribution.
■ Neither the name of Google Inc. nor the names of its contributors may be used to endorse or
promote products derived from this software without specific prior written permission.
Code generated by the Protocol Buffer compiler is owned by the owner of the input file used when
generating it. This code is not standalone and requires a support library to be linked with it. This
support library is itself covered by the above license.
pstdint
Copyright (c) 2005-2007 Paul Hsieh
and the following disclaimer in the DOCUMENTATION and/or other materials provided with
the distribution.
20
3. The name of the author may not be used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
Simple ECMAScript Engine (SEE)

Copyright © 2003, 2004, 2005, 2006, 2007 David Leonard. All rights reserved.
distribution.
3. Neither the name of David Leonard nor the names of its contributors may be used to endorse
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS
IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
SQLCipher
Copyright © 2008-2012 Zetetic LLC
■ Redistributions of source code must retain the above copyright notice, this list of conditions
21
■ Redistributions in binary form must reproduce the above copyright notice, this list of conditions
distribution.
■ Neither the name of the ZETETIC LLC nor the names of its contributors may be used to endorse
THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY EXPRESS OR IMPLIED
NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
strcasestr.c
Copyright © 1990, 1993 The Regents of the University of California. All rights reserved.
This code is derived from software contributed to Berkeley by Chris Torek.
distribution.
3. Neither the name of the University nor the names of its contributors may be used to endorse
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS “AS IS” AND ANY
DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
DAMAGE.
Udis86
Copyright (c) 2002-2009 Vivek Thampi
22
distribution.
The views and conclusions contained in the software and documentation are those of the authors
and should not be interpreted as representing official policies, either expressed or implied, of the
FreeBSD Project.
Unicode
UNICODE, INC. LICENSE AGREEMENT – DATA FILES AND SOFTWARE
Unicode Data Files include all data files under the directories http://www.unicode.org/Public/,
http://www.unicode.org/reports/, and http://www.unicode.org/cldr/data/. Unicode Software includes
any source code published in the Unicode Standard or under the directories
http://www.unicode.org/Public/, http://www.unicode.org/reports/, and
http://www.unicode.org/cldr/data/.
NOTICE TO USER: Carefully read the following legal agreement. BY DOWNLOADING,
INSTALLING, COPYING OR OTHERWISE USING UNICODE INC.'S DATA FILES ("DATA
FILES"), AND/OR SOFTWARE ("SOFTWARE"), YOU UNEQUIVOCALLY ACCEPT, AND AGREE
TO BE BOUND BY, ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU
DO NOT AGREE, DO NOT DOWNLOAD, INSTALL, COPY, DISTRIBUTE OR USE THE DATA
FILES OR SOFTWARE.
COPYRIGHT AND PERMISSION NOTICE
Copyright © 1991–2007 Unicode, Inc. All rights reserved. Distributed under the Terms of Use in
http://www.unicode.org/copyright.html.
Permission is hereby granted, free of charge, to any person obtaining a copy of the Unicode data
files and any associated documentation (the "Data Files") or Unicode software and any associated
documentation (the "Software") to deal in the Data Files or Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of
the Data Files or Software, and to permit persons to whom the Data Files or Software are furnished
to do so, provided that (a) the above copyright notice(s) and this permission notice appear with
all copies of the Data Files or Software, (b) both the above copyright notice(s) and this permission
notice appear in associated documentation, and (c) there is clear notice in each modified Data
File or in the Software as well as in the documentation associated with the Data File(s) or Software
that the data or software has been modified.
23
THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS
INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR
CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THE DATA FILES OR SOFTWARE.
Except as contained in this notice, the name of a copyright holder shall not be used in advertising
or otherwise to promote the sale, use or other dealings in these Data Files or Software without
prior written authorization of the copyright holder.
UnRAR
The source code of UnRAR utility is freeware. This means:
1. All copyrights to RAR and the utility UnRAR are exclusively owned by the author - Alexander
Roshal.
2. The UnRAR sources may be used in any software to handle RAR archives without limitations
free of charge, but cannot be used to re-create the RAR compression algorithm, which is
proprietary. Distribution of modified UnRAR sources in separate form or as a part of other
software is permitted, provided that it is clearly stated in the documentation and source
comments that the code may not be used to develop a RAR (WinRAR) compatible archiver.
3. The UnRAR utility may be freely distributed. It is allowed to distribute UnRAR inside of other
software packages.
4. THE RAR ARCHIVER AND THE UnRAR UTILITY ARE DISTRIBUTED “AS IS”. NO
WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE AT YOUR OWN RISK.
THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS, DAMAGES, LOSS OF PROFITS
OR ANY OTHER KIND OF LOSS WHILE USING OR MISUSING THIS SOFTWARE.
5. Installing and using the UnRAR utility signifies acceptance of these terms and conditions of
the license.
6. If you don’t agree with terms of the license you must remove UnRAR files from your storage
devices and cease to use the utility.
Thank you for your interest in RAR and UnRAR.
Alexander L. Roshal
24

Sophos Endpoint Security and Control Standalone Startup Guide

Uploaded by

Copyright:

Available Formats

Sophos Endpoint Security and Control Standalone Startup Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Sophos Endpoint Security and Control Standalone Startup Guide

Uploaded by

Copyright:

Available Formats

Sophos Endpoint Security

Product version: 10.3 and later

1 About this guide

2 Before you begin

2.1 System requirements

2.2 What you will need

3 Install Sophos Endpoint Security and

3.1 What do the notification area icons mean?

When on-access scanning is not running on your computer.

When Sophos Endpoint Security and Control fails to update itself.

4 Configure the firewall

4.1 Allow applications on Windows 7 or earlier

4.1.1 Deal with firewall messages

4.1.2 Enable applications to access the network or internet

4.2 Allow applications on Windows 8 or later

4.2.1 Allow applications one by one

4.2.2 Import firewall configuration from another computer

4.3 Block unknown applications

3. In the General tab, under Configuration, click Configure.

Boost C++ Libraries

Common Public License

July 22, 1999

IEEE Software Taggant Library

OF NON-INFRINGEMENT; AND (C) ANY WARRANTY WITH RESPECT TO THE QUALITY,

Mersenne Twister (mt19937ar.c)

OpenSSL Cryptography and SSL/TLS Toolkit

DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE

Protocol Buffers (libprotobuf)

Simple ECMAScript Engine (SEE)

You might also like