Sophos Endpoint Security & Control
Strengths: Very nice product for AV, firewall, NAC, HIPS and application control.
Weaknesses: No device, port or encryption support.
Verdict: A must buy for a solution to complement a port and device management solution.
SummarySophos Endpoint Security and Control v8.0 uses a single agent deployment to provide anti-virus, anti-spyware/adware, host intrusion prevention, application control, device control, endpoint assessment/NAC and firewall. Sophos Enterprise Console automates the deployment, management and updating of Sophos Endpoint Security and Control across Windows, Linux and Mac OS X computers.
The application load requires either an SQL or a MSDE database. Be careful and note that during the installation, Sophos asks you to allow them to send your user information to Sophos for customer service purposes. We chose not to allow this feature. We ran the update wizard and performed the NAC Manager install to complete the server load.
We were pleased with the management dashboard. It was tunable and very intuitive. AD integration was used to build our client list. We could push clients to our endpoints and even had the option to remove other third-party packages installed. For large environments, you can use groups and assign policy to groups and automatically have the agents pushed when new systems appear in that group. You will have to allow file sharing on the endpoint to use this option. This tool also has support for Mac and Linux endpoints.
Reporting is granular and flexible. Numerous reports exist as standard reports, custom reports can be generated, and options for exporting those reports are available. Also, reports can be displayed in chart form. The dashboard look and feel works for this product. Alerting is available per category through email messages.
The documentation was complete and we did reference it during our testing. Sophos provided 24/7 access to engineers with standard support that is included with the license, and updated offerings are available.
This solution is one of the better network and host-based solutions we reviewed. There was no support for encryption of port management, but the offering is complete and feature-rich in the network and host-based categories. Sophos Endpoint Security and Control v8.0 is easy to use, very tunable, has great alerting and reporting, and is priced in the middle of the pack.