Sophos Anti-Virus Enterprise 6 review
The previous release of Sophos’ anti-virus product was a solid performer, with support for a wide range of systems. However, it lacked support for the increasing numbers of 64-bit Windows systems coming on stream. This latest release remedies this omission and adds other new features, including adware detection and removal, complete Registry clean-ups after removing files and processes associated with worms and viruses, and support for Cisco Network Admission Control.
Installation is straightforward but lengthy. The default setup values are appropriate for most installations, and the entire process is well documented in the printed manuals. The system would normally be set up with the Enterprise Management Library and its Console software installed on a Windows server, with the Enterprise Console installed on a separate workstation. But both components can be installed on the server if required. The Enterprise Management Library is a central repository for the anti-virus software and signature files retrieved from Sophos’ servers at specified intervals. All the workstations retrieve their software and signature file updates from the library rather than from the internet, saving bandwidth. The Enterprise Console manages the workstations, allowing you to install the anti-virus software to them, to schedule software updates and virus scans, and to monitor system status across the network.
Systems can be organised into groups for easier administration. Each group can have up to three policies associated with it. Default policies are available, but new ones can be created as required. Update policies determine how often the system will check for a software or signature file update. Giving each group its own update policy instead, using the system default, allows the network administrator to spread the load on the network and library server. Anti-virus policies schedule system scans and scanning levels, determine exclusion lists and what to do when a virus is found, while firewall policies configure the Sophos client firewall software if it’s installed.
A new feature is the option to clean up an infected computer from the console. This option is only available for Windows 2000 and later systems, and earlier systems will still need to be treated locally. The automatic file clean-up feature is still available, and there are various options to handle the infected file if this fails.
The system maintains historical data for up to 12 months at a time. Although primarily a management tool to measure effectiveness, it could also be used in tracking down the cause of any re-infections that might occur. When viewed onscreen, the individual virus or malware names are hyperlinks to Sophos’ website, pulling down detailed descriptions of the offending items.
The local scanners don’t operate on email messages. Saved attachments will be scanned before execution in the normal way, but those opened directly from the message won’t. It’s assumed that your local mail server already has anti-virus capabilities. However, Sophos offers a separate module, Pure Message, to handle these duties at the mail server, but at an extra cost. With its wide platform support, Sophos’ latest release should appeal to installations running a mix of operating systems that need one solution to cover them all.