What is Sophos Endpoint Protection? #
Sophos Endpoint Protection provides anti-malware, application control, data loss prevention (DLP), intrusion prevention (IPS), and mobile device management.
Why Should You Use the Sophos Endpoint Protection Connector? #
The Sophos Endpoint Protection connector provides visibility into the assets in your environment. You can use this visibility to:
-
ensure assets are managed per your security policies
-
derive relationships between assets, users, applications, and data
How Does This Connector Work? #
Lucidum executes read-only requests to the Sophos Endpoint Protection REST API and ingests only meta-data about Sophos Endpoint Protection devices. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum #
|
Field |
Description |
Example |
|---|---|---|
|
URL |
The URL for the Sophos Central API. |
https://api-lucidum.central.sophos.com |
|
API Version |
DEfault version is v1 |
v1 |
|
Authorization Text |
The Authorization text (starts with “Basic”) provided as part of the API Token Summary in the Sophos Central Admin when generating an API token. |
|
|
API Key |
The x-api-key provided as part of the API Token Summary in the Sophos Central Admin when generating an API token. |
************ |
Source Documentation #
Creating Authorization Text and API Key for Sophos Endpoint Protection #
-
Log in to the Sophos Central Admin
-
Select Global Settings.
-
Select API Token Management.
-
Click Add Token.
-
Enter a name for the token and click Save.
-
The API Token Summary page appears.
-
From the API Token Summary, copy the following:
-
Authorization. Copy the authorization text (starts with “Basic”) and save it on your local computer. You must enter this value when configuring the Lucidum connector.
-
x-api-key. Copy the x-api-key and save it on your local computer. You must enter this value when configuring the Lucidum connector.
