Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
williasthomas192004
New Contributor III

Created on ‎01-14-2026 08:04 PM

FortiNAC Posture Check Cannot Detect Sophos Endpoint Using Dissolvable Agent

Post Content:
Hello Fortinet Team,

I am using FortiNAC posture assessment to check for Sophos Endpoint on client devices.

Expected behavior:
If Sophos is installed → posture scan should pass and device should be allowed on the network.

Actual behavior:
Even though Sophos Endpoint is installed and running on the client, the posture scan fails when using the dissolvable agent. FortiNAC reports Sophos as not detected.

Environment details:

  • FortiNAC version: [your version]

  • Endpoint OS: Windows [10/11]

  • Sophos product: [Sophos Endpoint / Intercept X / Central]

  • Posture method: Dissolvable Agent

Troubleshooting done:

  • Verified Sophos service is running

  • Confirmed Sophos is visible in Programs & Features

  • Posture policy configured for Sophos AV

  • Issue persists on multiple devices

Questions:

  1. Is the dissolvable agent fully supported for detecting Sophos Endpoint?

  2. Are there known limitations with Sophos Tamper Protection?

  3. Is persistent agent required for reliable Sophos detection?

  4. Are custom registry checks recommended for newer Sophos versions?

Any guidance or best practice would be greatly appreciated.

Thank you.viber_image_2026-01-13_16-39-22-747.jpg

IT Support
IT Support
Labels:
74
0 Kudos
1 REPLY 1
ebilcari
Staff
Staff

Created on ‎01-15-2026 07:36 AM

There was a recent change made by Sophos in November of last year, and the changes are already included in the latest definitions. Make sure that FNAC can successfully run the 'Auto-Definition Synchronizer' from Scheduler.
Technically, the DA should perform the same checks as the PA, but it may be limited. To get more details, try enabling the DA logs as shown here: Troubleshooting Tip: Agent logs on end hosts

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
37
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.