Sophos – End Point Protection

Sophos is leader in providing Information & Infrastructure Security Solution. Sophos has been securing organizations for over 25+ years. Today Sophos protects over 100,000 businesses and 100 million users, in more than 150 countries.

Sophos is also the power behind many branded security solutions, working with a range of technology partners who integrate with our powerful anti-malware and anti-spam engines into their products and services like Cisco, IBM, Juniper, Citrix, Lenovo, WebSense, FireEye etc.

We engineer our products to eliminate complexity. The result is you’ll get advanced protection you can actually use. Security shouldn’t get in the way, so we keep resource impact low. Plus, we work to make deployment, policy setting and cleanup easy. We give you protection wherever you need it: computers, laptops, virtual desktops and servers, mobile devices, and your network, web and email gateway.

Sophos has best in class renewal rate [90+%] which shows faith & trust of our Enterprise Customers on our Technology & Brand.

Technical Details on Sophos Endpoint Protection :


Sophos Unique Value Proposition

Differentiator How Sophos does it better
1 Upgrade & Update Lowest Update & Upgrade – Approximate 60-70 KB in a day Vs 5-10 MB of Existing Lagacy Anti Virus Solution
2 Web Protection Sophos integrates web protection at the endpoint. Web malware scanning with script mulation and behavioral analysis blocks malware even on reputable sites.Live URL Filtering blocks known malicious sites. Cross-browser support and no plug-ins required.
3 Web Productivity Filtering Flexibility. ‘Inappropriate Site Filtering’ blocks potentially unwanted sites categories such as adult, gambling, hate, crime directly at the endpoint inside or outside the network. Makes essential web protection easy and affordable. ‘Full Web Control’ enables web policies created on Sophos Web Appliances to be enforced on roaming laptops. Policy updates and user-activity data sync’d securely through the cloud in real-time but without any data retained in the cloud. Provides complete web protection everywhere you go.
4 DLP and Device Control Reduce the risk of infection and data loss through device control and host data loss prevention. Device Control : We enable you to define which storage devices or network interfaces to block, set to read only or allow full access to. Exceptions for specific devices can be easily retrieved from the event log.  DLP : Predefined DLP rules and sensitive data definitions from SophosLabs make it simple to detect sensitive data. It helps prevent data loss via email, webmail, IM or removable storage.
5 Application control Administrators can control installation, track usage or block execution of more than 1000 applications within a few clicks using SophosLabs-maintained applications list.Sophos application control effectively reduces the risk of data loss and controls employee productivity while administrative effort is kept to a minimum.
6 Malware control Administrators can perform targeted remote malware cleanup and PUA authorization for the entire network within a few clicks using Enterprise Console.
7 Patch Assessment Sophos assess patches for key exploited venders like Adobe, Mozilla, Oracle, Apple etc [11 Plus Vender] – Not Just Microsoft. Beauty is, Sophos leverages the existing Endpoint Agent to report compliance. Sophos users live threat intelligence from Sophos Labs to prioritize patches for you, This allows you to prioritize patches for vulnerabilities that are actively being exploited or are easy to exploit
8 Broad Multi-Platform Management The Sophos Enterprise Console can manage all endpoints, using the same easy-to-use controls, regardless of whether they run Windows, MAC, Linux or Unix
9 Support for Virtualized Environment Best Performance: The Tolly group testing shows that we have the least impact on on-access performance – the scan that affects end users 90% Plus on the time. Our Virtualization scan controller is simple to configure and avoids AV Storm. Lower Memory Footprint: VMware memory sharing – Sophos can reduce memory footprint by up to 50% using VM memory sharing with the guest virtual machine running Windows XP or earlier.
10 Visibility and Action Sophos Security Dashboard, SmartViews, and automatic email alerts give administrators instant access to current security status. Administrators can take immediate action on errors and detected suspicious files, processes shown in the dashboard
11 Protection Deployment Networks are kept protected with minimal effort through the support of Active Directory synchronization and automated deployment, while AD, IP Range and NetBIOS Based on-demand deployment is also supported.


Sophos End User [Desktop – Laptop - Mobile] Protection Licensing Option


Sophos Endpoint Protection Suite
Technical Feature End Point Protection – Standard End Point Protection – Advance End User Protection End User Protection and Encryption End User Protection and Encryption Enterprise
Endpoint Protection – AV, AS, HIPS, Device Control Yes Yes Yes Yes Yes
Web Protection & Application Control on Endpoint Yes Yes Yes Yes Yes
Endpoint DLP Yes Yes Yes Yes
Patch Assessment Yes Yes Yes Yes
SafeGuard Disk Encryption     Yes Yes
SafeGuard Removable Media, File Shares & Cloud Storage Encryption       Yes
Sophos Mobile Management, Application Management   Yes Yes  
Sophos Mobile Security & Web Filtering for Android, Encryption for iOS       Yes
Home User Licenses along with Enterprise Aggrement Yes Yes Yes Yes Yes


Gartner’s View on Sophos Endpoint Solution

Download Gartner 2014 Magic Quadrant Report:

  • Sophos is one of a few companies in Endpoint Solution Magic Quadrant that sells exclusively to enterprise markets.
  • Sophos is in the leader quadrant of the Gartner Magic Quadrant (MQ) for Endpoint Protection for the sixth consecutive year
  • Sophos is branching out into the network security market, with a longer-term goal to provide a consolidated network and endpoint security solution that is differentiated by ease of use and out-of-the-box integration
  • The vendor primarily appeals to buyers who want simplified administration and management with solid support.
  • Sophos’ management interface is, by design, very easy to use and highly capable out of the box, without excessive fine-tuning.
  • Sophos also provides a vulnerability monitoring solution to reduce the attack surface of PCs.
  • Data protection is enhanced with an increasing range of DLP features and context-driven encryption policies, which can be applied to data written to removable media.
  • Sophos has added Sophos Antivirus for vShield to provide agentless antivirus for VMware environments. This is included as standard in Sophos Server Protection, as well as in select endpoint protection suite licenses.
  • Client-based URL filtering blocks known malicious sites, and Sophos is integrating its EPP with its Web and firewall gateway products to provide a more holistic security solution.

End User Protection Suite Buyers Guide

Updating And Infrastructure Case Study