Sophos Endpoint Security and Data Protection 9.7 review
Sophos Endpoint Security and Data Protection (ESDP) 9.7 takes the company’s well-respected antivirus software and combines it with a remarkable range of security measures. A licence gets you a desktop firewall, intrusion prevention, controls for removable devices, data and applications, plus Network Access Control (NAC), and even centrally managed disk encryption.
Installation of all of this is straightforward. You load the Enterprise Console onto a designated management system, then introduce your client systems to it. Sophos provides an import wizard that works directly with Active Directory, and we had no problems selecting our AD Computers container and adding all our Windows XP, 7, Server 2003 and Server 2008 R2 systems to the console.
To deploy the agent, you select all of the required systems from the lower pane and choose the Protect Computer menu option. Before doing this, work was needed on our Windows 7 systems, as we had to enable the remote registry service, turn off UAC and modify the advanced share settings.
Once the agent had been loaded, each system was added into a new group in the console, ready to receive its instructions. Policies are used to control endpoints, and ESDP comes with a set of predefined ones, although you can create custom policies.
An update policy is enabled by default, and defines how often group members receive software updates. Other active policies are antivirus, intrusion prevention and the firewall. Policies for application, device and data control, and tamper protection are disabled by default.
For antivirus prevention policies, you can decide how infected files are handled, create schedules for full system scans and set up email alerts. Live protection can be enabled, so that if ESDP can’t identify a suspicious file from the local signature files it will pop online and check it against Sophos’ hosted database service.
ESDP had no problems when we introduced some genuine viruses to our endpoints; these were blocked and placed in a local quarantine area. The agent notified the console each time, flagging up a virus alert within seconds.
For application control policies, Sophos includes a heap of predefined applications, which is just as well, as you can’t add your own. We were able to block access to utilities such as FTP clients, email apps and various browsers, although for Microsoft Office you can only block the entire suite.
Software subcategory: Internet security