Let Oomnitza be your single source of truth!
You'll get visibility of your devices as data from Sophos Endpoint Security is automatically transformed into consumable information and actionable insights.
Manage endpoints in Sophos
Oomnitza supports bi-directional APIs to manage configuration and other changes to devices in Sophos.
Connect Oomnitza and Sophos in minutes
Get the information and insights that you need to reduce costs and the time that you spend on administration tasks such as:
- Configurable dashboards and list views of key asset and user information
- Configurable reports to share information about your assets and software with your colleagues and management
-
Configurable workflows that you can create such as:
- Workflows for isolating endpoints and removing endpoints from isolation
- Workflows for enabling tamper protection and removing tamper protection for an endpoint
- Workflows for deleting endpoints
- Workflows for deactivating and deleting users
Tip
You can also configure a link in Oomnitza to view an asset in Sophos Central. See Open an asset in Sophos Central.
Learn more about Sophos
Before you start
Check out the following links before you get started with your integration.
Useful links
Setting up Oomnitza extended connectors
Getting started as a Sophos tenant
To integrate Sophos Endpoint Manager with Oomnitza, you need to know;
- Your tenant ID. For further information, refer to the Sophos API Documentation: Find your Tenant ID.
- Your data region For example, if the URL for your data region is https://api- us03 .central.sophos.com you enter us03 as the data region.
Procedure
- Log into Oomnitza.
- Click Configuration > General > Global Settings.
- Click Add new variable (+).
- Add the following two variables and their values:
- Sophos.DataRegion
- Sophos.TenantId
- Save your changes.
Add credentials to the vault in Oomnitza
To stream Sophos Endpoint Security data into Oomnitza, you must create and then add 0Auth 2.0 credentials to the Oomnitza vault.
Learn how to create OAuth 2.0 credentials for Sophos. You must have Super Admin privileges in Sophos to create the credentials.
Procedure
- In Oomnitza, click Configuration > Security > Credentials.
- Click Add new credential (+).
- Click the integration, and then click the forward button >.
- Enter the name of the credentials.
- Enter your client credentials and any other additional information.
- Click Authenticate. You are prompted to log in to authorize your request.
- Click CREATE.
Information
If the integration is not listed, click Advanced Mode, and add your credentials.
- In the INFORMATION tab, add a name for the connection and choose an owner. The owner must have been added to the People page in Oomnitza.
- In the AUTHORIZATION tab, complete these actions:
- Select OAuth 2.0 as the authorization protocol.
- Select Sophos as the SaaS.
- Enter your client ID and secret.
- Authenticate and click Save.
See Oomnitza vault
Next step
You use the credentials that you added to create and customize your Sophos Endpoint Security integration with Oomnitza.
Integrate Sophos Endpoint Security with Oomnitza
- In Oomnitza, click Configuration> Integrations> Overview.
- Click Integrations List View.
- Scroll down to the Extended section for asset integrations.
- Click NEW INTEGRATION.
- Select the integration in the sidebar.
- Click ADD.
Integration Overview
About this task
More information is provided about the following fields to help you complete the integration:
- Integration preferences: By default, Create and Update is selected. To ensure that only live user records are synced with Oomnitza, select Update Only. When you run the integration, you can check the error logs to see the records records that weren't uploaded and why they weren't uploaded. Then, you can decide whether to upload the user records that were skipped by changing your integration preference back to Create and Update.
Integration details
Procedure
To review or update the integrations details, click the pencil:
- Enter the name of the integration.
- For installation type, ensure that Cloud is selected.
- For integration preferences, select Update Only or go with the default.
- Enter the name of the integration user.
Credential details
Choose one of the following options:
- Select the credentials that were created for the integration.
- Edit the credentials that were created for the integration.
- Create new credentials
Schedule
For information on scheduling, see Running an extended integration.
Mappings
To map the fields to Oomnitza, click the pencil.
Creating custom mappings
Map the Sophos Endpoint Security fields to the Oomnitza fields and create custom mappings to get the information that you need to manage your assets.
See Mapping
Sophos Endpoint Security fields that are mapped to Oomnitza
Asset ID
Asset Type
Build Number
Connector Sync Time
Health Overall
Hostname
Is Server
Is Tamper Protection Enabled
Last Seen At
OS Major Version
OS Minor Version
OS Name
Platform
Services Status
Tenant ID
Threats Status
User's ID
User's Name
Custom mappings
Need to map more fields to Oomnitza? Contact Oomnitza Support.
Use presets to create workflows
Reduce costs and save time by creating workflows with the following Oomnitza presets to automate administration and management tasks:
- Sophos Delete Endpoint
- Sophos Delete User
- Sophos Isolate Endpoint
- Sophos Remove Endpoint from Isolation
- Sophos Enable Tamper Protection for Endpoint
- Sophos Remove Tamper Protection from Endpoint
- Sophos User Role
Sophos Delete Endpoint
You can create a workflow that uses Sophos Delete Endpoint to delete an endpoint in Sophos. For example, you can use this preset to create workflows when an asset is flagged as lost, stolen, or destroyed. For this preset, the data region and tenant ID as defined in Global Settings is referenced as is the, sophos_asset_id field which is mapped to the Asset ID field in Oomnitza.
See Sophos Endpoint API - Delete Endpoints
See Add workflows using the API block
Sophos Delete User
You can create a workflow that uses Sophos Delete User to delete a user in Sophos.
See Add workflows using the API block
Sophos Isolate Endpoint
You can create a workflow that uses Sophos Isolate Endpoint to trigger the isolation of an endpoint in Sophos. For this preset, the data region and tenant ID as defined in Global Settings is referenced as is the, sophos_asset_id field which is mapped to the Asset ID field in Oomnitza.
See Add workflows using the API block
Sophos Remove Endpoint from Isolation
You can create a workflow that uses Sophos Remove Endpoint from Isolation to trigger the removal of an endpoint from isolation. In effect, this preset reverses the isolation of an endpoint and uses the same settings as Sophos Isolate Endpoint.
See Add workflows using the API block
Sophos Enable Tamper Protection for Endpoint
You can create a workflow that uses Sophos Enable Tamper Protection for Endpoint to enable tamper protection on a specified endpoint and require a new password to be generated. In effect, this preset reverses the isolation of an endpoint and uses the same settings as Sophos Remove Tamper Protection from Endpoint.
See Add workflows using the API block
Sophos Remove Tamper Protection from Endpoint
You can create a workflow that uses Sophos Remove Tamper Protection from Endpoint to trigger the removal of tamper protection from an endpoint so that a local admin user can uninstall the Sophos software. For this preset, the data region and tenant ID as defined in Global Settings is referenced as is the, sophos_asset_id field which is mapped to the Asset ID field in Oomnitza.
See Add workflows using the API block
Sophos User Role
You can create a workflow that uses the Sophos User Role to deactivate Sophos users.
See Add workflows using the SaaS User Role retrieval block
Other useful links
Add workflows using the API block
Complete these actions:
Add a workflow
- Click Configuration > Workflows > Assets > .
- Click Add (+).
- Enter the name and description of the workflow, and click Add new. A Begin and an End block are added to the sandbox.
Edit the Begin block
- On the Begin block, click Edit.
- Click ADD RULE to define the rules that will trigger the workflow.
- Click SAVE.
Choose a workflow action
- Drag and drop the API block onto the sandbox.
- On the API block, click Edit.
- To choose a workflow action, enter Sophos in the search field.
- Chose one of the following workflow actions:
- Sophos Delete Endpoint
- Sophos Delete User
- Sophos Enable Tamper Protection for Endpoint
- Sophos Isolate Endpoint
- Sophos Remove Endpoint from Isolation
- Sophos Remove Tamper Protection from Endpoint
- Click the right arrow (>), select the credentials that you added to Oomnitza.
- Click SAVE.
Before you validate and save your workflow, you must connect the Begin, API, and End blocks.
Add workflows using the SaaS User Role retrieval block
Complete these actions:
Add a workflow
- Click Configuration > Workflows > SaaS Users.
- Click Add (+).
- Enter the name and description of the workflow, and click Add new. A Begin and an End block are added to the sandbox.
Edit the Begin block
- On the Begin block, click Edit.
- Click ADD RULE to define the rules that will trigger the workflow.
- Click SAVE.
Choose a workflow action
- Drag and drop the SaaS User Role retrieval block onto the sandbox.
- On the SaaS User Role retrieval block, click Edit.
- To choose a workflow action, enter Sophos in the search field.
- Choose Sophos User Role.
- Click the right arrow (>), select the credentials that you added to Oomnitza.
- Click SAVE.
Before you validate and save your workflow, you must connect the Begin, SaaS User Role retrieval, and End blocks.
Open asset in Sophos Central
To open a view of the asset in Sophos Central, complete these steps in Oomnitza:
- Click Assets and select an asset.
- Click Configure the view.
- Click Add Link.
- Enter the name of the label such as Sophos Central.
-
Enter this URL:
https://central.sophos.com/manage/devices/computers/ {{sophos_asset_id}} /summary
A link to open summary information about the asset in Sophos Central is automatically created. - Click SAVE.
See Adding links to field groups in Customizing Screens in Oomnitza
Unleash the power of Oomnitza
To get valuable actionable insights that help you manage your assets, learn how to:
- Configure dashboards for your assets and software
- Configure custom reports about your assets and software
See Getting started.
Comments
0 comments
Please sign in to leave a comment.