Sophos Endpoint Security and Data Protection is a multifaceted endpoint protection suite featuring malware protection, application control, device control, client firewall, data control, host intrusion prevention system (HIPS) and network access control (NAC), all within a centralized suite. The endpoint agents can be deployed to Windows, Linux, Unix, Mac and others for a total of up to 25 platforms. The backend management console is typically installed on a Windows server-class platform using Microsoft SQL Server.
The management console - Sophos Enterprise Console (SEC) - and database install quickly. The SEC is fairly easy to navigate, and administrators will find themselves up and running with little effort. The SEC is client/server-based with the only slight nuance here being the NAC administration component, which is a separate web interface. This was slightly confusing as it feels a bit disjointed from the rest of the administrator user interface.
Capitalizing on Sophos' anti-virus product line, this particular suite has many modular components that will be attractive for customers looking to converge or replace their anti-virus solution altogether, while adding more security features - without the need for several disparate deployments. Not only are the agents simple and easy to deploy across the environment using Active Directory or other methods, all of the protection mechanisms are policy driven, and the security features are numerous. The solution includes protection from malware, as well as capabilities to ensure processes and files cannot be changed or altered. Sophos also includes cloud-based technologies to add reputation scoring for URLs and recent threats that may affect customers. The solution also includes functionality to lock down devices, ports, applications, as well as protection from sensitive data leakage. The number of features is impressive for one single agent.