Sophos Endpoint Security and Control is an integrated endpoint security system aimed at small and large enterprises needing to secure the desktops and laptops of employees, contractors, partners and guest visitors.
The package was updated in September to incorporate malicious script and rootkit detection, and consists of Enterprise Console, Anti-Virus, Client Firewall and Network Admission Control.
Sophos says that Enterprise Console can manage "tens of thousands" of desktop systems, all from a single console. The system can be used to manage Linux, Mac OS X, NetApp Storage Systems, Netware, Unix, Windows and Windows Mobile.
Users can be prevented from attaching removable storage devices or installing applications which IT managers do not want running on their networks, such as games, instant messaging and VoIP clients.
Email and Simple Network Management Protocol messages can be displayed on systems which have malware, or any administrator-defined unwanted applications installed or running on the network.
We looked at version 8.0 installed on a Windows Server 2003 R2 system running Dynamic Host Configuration Protocol, Domain Name Services and Active Directory.
Installation was quick and easy, and loading the Enterprise Console allows you to create what Sophos calls a 'library' which stores and deploys software and security updates from the Sophos web site.
If your network is a large one, so-called 'child' libraries can be set up to bridge subnets and take the strain off your main 'central installation directory'.
Storing all the data used for reporting from Sophos' scanning engines requires an SQL Server database. For small firms the standard Microsoft SQL Server Desktop Engine should suffice, but larger firms will probably want to hold data in an enterprise SQL Server database version 2000 or 2005.
We could create a group to contain the desktop systems which were members of our Active Directory domain, and then scan the network by specifying an IP address range for Endpoint Security and Control to use, or simply synchronising with Active Directory.
After the group was set up it was simple to scan for problems, such as the lack of security updates or the presence of any malware.
This quick look at the Sophos system showed it as easy to manage and likely to replace a lot of point products in enterprises. The full review later will have details on how the system can lock down devices and how the Sophos' Network Admission Control server performs.
See also:
Malware responsible for 60 per cent of all attacks during the month 01 Oct 2008
Security giant seeks to extend network security offerings 22 Sep 2008
All Antivirus & Firewalls Tags: Sophos, Nac, Active-directory, Anti-virus, Malware, Security, Software
del.icio.us
Digg this
reddit!
