How to Install Sophos AntiVirus on Ubuntu 18.04


Hello there. Today, we are going to learn how to install Sophos antivirus on Ubuntu 18.04. Linux is considered to be more secure than other Operating Systems and hence can be used to host major business critical applications. As a result, it has become a major target for crackers. In that regard, Sophos Antivirus is a free Linux malware Scanner that detects, blocks and removes malware from Linux systems.

Sophos Antivirus operates in three modes;

  • On-demand scanner – can be launched anytime to scan the system or its parts.
  • As a daemon – Runs in the background to provide control, logging, and email alerting.
  • On-access scanner where it can scan files as they are accessed, and grants access to threat free files.

Install Sophos AntiVirus on Ubuntu 18.04

Download Sophos Tarball

In order to install Sophos Antivirus on Ubuntu 18.04, you need to register on the Sophos official website. accept the EULA and proceed to download the Sophos Antivirus tarball.

Once the download is done, extract the tarball.

tar xzf sav-linux-free-9.tgz

Navigate to the tarball directory and run the install script as shown below to install Sophos Antivirus on Ubuntu 18.04.

cd sophos-av
sudo ./

Accept Sophos EULA

Once the installer runs, you will be presented with End user license Agreement. Scroll through it and accept it to proceed with installation.

I accept the Sophos End User License Agreement and acknowledge the Sophos Privacy Policy. Yes(Y)/No(N) [N]
> Y

Select the install location. By default, the install location is set to /opt/sophos-av. Hence press enter to accept this location or choose your preferred.

Where do you want to install Sophos Anti-Virus? [/opt/sophos-av]

Next, you are prompted on whether to activate the on-access scan mode. Press enter to enable this mode;

Do you want to enable on-access scanning? Yes(Y)/No(N) [Y]

On the next prompt, configure Sophos Anti-Virus auto-updates. Press enter to accept auto updates from Sophos directly.

Sophos recommends that you configure Sophos Anti-Virus to auto-update.

It can update either from Sophos directly (requiring username/password details) or from your own server (directory or website (possibly requiring

Which type of auto-updating do you want? From Sophos(s)/From own server(o)/None(n) [s]

After that, select the free version of Sophos Antivirus installation.

Do you wish to install the Free (f) or Supported (s) version of SAV for Linux? [s]
> f

Next, configure proxy settings if at all Sophos updates can only be pulled with access via proxy. In this, i got no proxy and hence, press enter to accept No.

Forums are available for our free tools at
Do you need a proxy to access Sophos updates? Yes(Y)/No(N) [N]

After all that, installation will proceed and if everything is fine, you should see the output below;

Fetching free update credentials.
Installing Sophos Anti-Virus....
Selecting appropriate kernel support...

Installation completed.
Your computer is now protected by Sophos Anti-Virus.

Well, Sophos Antivirus has been installed on Ubuntu 18.04 and is now protecting your system against threats.

The configuration files are located under /opt/sophos-av/etc/. All the commands necessary for managing Sophos Antivirus are installed at /opt/sophos-av/bin/. The available commands include savconfig, savdctl, savdstatus, savlog, savscan, savsetup, savupdate. To learn about what each does, check their man pages.

As an overview before we can wrap up the tutorial, let us see a few example usage of these commands.

Check whether Sophos Antivirus is running;

Sophos Anti-Virus is active and on-access scanning is running

To enable or disable Sophos Antivirus service to run on boot.

/opt/sophos-av/bin/savdctl enableOnBoot savd
/opt/sophos-av/bin/savdctl disableOnBoot savd

To enable or disable Sophos Antivirus on-access mode;

/opt/sophos-av/bin/savdctl enable
/opt/sophos-av/bin/savdctl disable

To run on demand scan, use the savscan command. You can download anti-malware test files from EICAR downloads page.

savscan /home/amos
Quick Scanning

>>> Virus 'EICAR-AV-Test' found in file /home/amos/

17 files scanned in 7 seconds.
1 virus was discovered.
1 file out of 17 was infected.
If you need further advice regarding any detections please visit our
Threat Center at:
End of Scan.

That is all about how to install Sophos Antivirus on Ubuntu 18.04. Feel free to explore this awesome tool. Happy threat hunting.


We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
I am the Co-founder of, Linux and the whole FOSS enthusiast, Linux System Admin and a Blue Teamer who loves to share technological tips and hacks with others as a way of sharing knowledge as: "In vain have you acquired knowledge if you have not imparted it to others".

3 thoughts on “How to Install Sophos AntiVirus on Ubuntu 18.04”

Leave a Comment