Sophos Endpoint Protection software bundle fully integrates the following components:
• Anti-virus. Sophos Antivirus detects, blocks and cleans up known or unknown threats, including virus, spyware, adware, and potentially unwanted applications. It also monitors applications launched on the endpoints, removable devices and data that are forwarded or transmitted.
• Host Intrusion Prevention System (HIPS). HIPS dynamically analyze the behavior of programs running on the system in order to detect and block activities which appears to be malicious.
• Client Firewall. Monitors application behavior, hardens computers and protects networks against Internet worms, hackers and infections transmitted through compromised computers.
• Application Control. Monitor and prevent users from running applications that may affect productivity or network performance in an enterprise environment. Application Control can also enforce company policies as well as reduce security risks.
• Device control. Managed access to removable media and mobile devices. It enables to define which computers have access to specific removable devices. Device Control can stop data loss by not allowing using specific devices and also spreading of malware which uses removable media to infect computers. Devices that can be managed are:
• Secure removable storage.
• CD and DVD devices.
• Infrared devices.
• Wi-Fi devices.
• Bluetooth interfaces.
• Web Protection. Controls internet use for users by blocking access to unauthorized and infected web sites. Also provides category-based web filtering that is enforced on endpoints when they are both on and off the corporate network.
• Data Loss Prevention (DLP). Prevents data leakage of sensitive information. SophosLabs have developed many pre-configured CCLs (Content Control List), such as credit card numbers, bank account numbers, social security numbers, addresses, phone numbers, postal codes defined by countries such as France, England, Germany, USA, etc...If a desired format is not predefined, custom content rules can be defined using wizard provided for this purpose.
• Patch Assessment. Checks for security patches from Microsoft and other vendors and keeps informed about the risks level, allowing to focus remediation efforts on the most exposed environments.
• Tamper protection. Prevents unauthorized users and known malware from uninstalling Sophos security software or disabling it through the Sophos Endpoint Security and Control interface.
Key components of Sophos Endpoint Protection suite are:
• Management console – Sophos Enterprise Console.
• Endpoint software – Endpoint Security and Control (Sophos Anti-Virus, Client Firewall, software to handle updates and messaging, etc.).
• Management database – Store information about the configuration of endpoint computers.
• Management server and management service – Handle communications between the console, the database, and the endpoint computers