Sophos product have an option to use Win10 antimalware feature - AMSI. Which apparently preventing Dagent service to establish a connection. There was a similar issue with McAfee as well. See 175885 "GSS 3.x - Dagent is not connected to engine on latest Windows 10 with McAfee Antivirus"
GSS 3.3 x
Sophos has a recent release that is conflicting with DAgent in GSS. They have a KB on it https://community.sophos.com/kb/en-us/134719#How%20do%20I%20disable%20Sophos%20AMSI%20Protection
"Are there any known issues that I should be aware of The Altiris Deployment Agent service hangs when the Sophos AMSI Provider dll is registered. This is currently under investigation by Sophos Development. To mitigate the problem the Sophos AMSI Provider dll can be unregistered."