Sophos Endpoint Protection v10
August 01, 2012
Endpoint Protection - Advanced: $35.75 per user/per year; Endpoint Protection - Business (replaces Basic): $22.50 per user/per year
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Layers of protection; strong data leakage-like features.
- Weaknesses: Not many, reporting may have been a bit light.
- Verdict: Full-service offering priced very well for all the features it provides.
Sophos Endpoint Protection v10 provides a single, automated console for Windows, Mac, Unix, Linux and virtual platforms to centrally manage anti-virus, firewall, intrusion prevention, web protection, patch management, encryption, device management and application management.
Sophos Central Management Console requires Windows Server 2003/2008/2008 R2, plus SQL Server/Express. The install is automated, but does take some time. We were up and running in about 45 minutes. Once installed, we accessed the console and were provided a wizard to do our setup and configuration. Sophos Enterprise Console (SEC) automates the deployment, management and updating of protection across Windows, Mac, Linux and UNIX machines all from a central point. SEC manages policies for anti-virus; host-based intrusion prevention systems (HIPS); application, device and data control; and firewall and tamper protection.
Endpoint discovery was easy with support for Active Directory integration, IP discovery and even network sniffing capabilities to find endpoints. We found a number of built-in wizards for configuring the various protection areas.
The firewall module was done particularly well. Firewall configuration can be done through templates, wizards and simple mouse-click programming. There were a lot of protections available to deploy. Version 10 of Sophos Endpoint Protection has added patch assessment, web filtering and full-disk encryption. Alongside the existing support mentioned above, this solution offered a substantial amount of protection services on the endpoint. All of the protection offerings were well done and simple to configure and deploy. The device control was pretty granular.
We really liked the Data Control. It provided a data leakage-like service in that users can configure numerous prebuilt templates to look for things like bank routing numbers, credit card numbers and other personal information. Admins can even create their own rules or search strings for items to be monitored or block based on key words or content. The encryption capability provided a pleasing feature to force encryption before sending certain information - again, a lot of base rules were provided with the ability to add or customize as required. HIPS ensured that malicious system processes cannot be launched in the background, and memory for existing running processes cannot be changed to inject malicious code. The application control, patch management and web control were all easily configured with plenty of default or templated content to use.
Alerting is configurable and available via email. The user-interface dashboards provide summary visualization into top alerts, thresholds and measures. We didn't find a lot of ability to customize the dashboards. Standard reports are available. Reporting templates were light - a handful available out of the box. Users can customize their own reports.
Basic support comes with the product and provides 24/7 phone assistance, an online knowledge base and access to Sophos Community. Platinum and premium support offerings are available, although fees were not provided. Documentation was a bit light on the administration side, but we had everything we needed to get installed and running.
This is a feature-rich offering and all the components perform well; combined, this provides several layers of endpoint protection at an attractive price point.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context