REVIEW: Sophos Endpoint Security and Data Protection 9 Suite Is Full-Featured, Well-Managed
Application, Data Control
Application control is where it starts to get interesting.
Applications and categories of applications can be blocked from
installation and execution, or just logged. On the authorization tab of
the Application Control Policy editor, I could select application
groups that have no reason to be on a workstation, such as file sharing
and games. The message a user sees when he or she tries to access one
of these unauthorized applications can be customized, and events can be
reported via SNMP and e-mail. I could also enforce software update
policy by, for example, allowing Firefox 3, but not Firefox 1 or
2. Updating policy to block an app not listed by Sophos is not
done here, but rather under firewall settings.
A new addition in this version of the suite is data control. Sophos
adapted its malware scanning and recognition engines to search for
specific words and/or patterns in documents or Web forms. Transfer can
then be blocked or logged. Data Control rules search for patterns or
content and then take appropriate action by either warning the user (in
case of an authorized and intentional transfer), or warning and
blocking the user.
Reporting is quite flexible, and Sophos does a great job
streamlining the process of generating reports. Nine common reports
come with the product to serve as templates for customization.
The Alert and Event History report was helpful to me, as it
highlighted the security events found on my test network. This made it
very easy to see, for example, which computer was used to attempt a
transfer of sensitive corporate data.
Reports open on top of the console. I found this frustrating because
I would have liked to run the report, close it to check a setting, and
run the report again. Any report can be scheduled to run
regularly and e-mailed to recipients. In addition, e-mail and SNMP
alerts can be issued when error thresholds are surpassed for many
different factors.
After pushing out policy, I examined my test workstations to verify that they had been secured.
In short, everything worked much as it should.
In AV and HIPS testing, nine of 15 malware items were blocked from
download. Of the six that were not blocked from download, one was
blocked from installation, while four were blocked from execution.
Application control blocked me from running peer-to-peer apps and
games. Device control worked as configured, and users are
notified with a popup message that Sophos blocked the drive.
Data control also worked very well. I was able to block uploads of
various file types containing different types of information. For
example, I blocked the word "eweek" in a text file and 10 or more
Social Security numbers in an Excel file.
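The data control behaviour described above, content rules that count keyword or pattern matches and then either warn or block, can be sketched as a small rule engine. The code below is an added example written for this page, not Sophos's engine or any of its rule definitions; the SSN regular expression, the rule names, the "warn at one, block at ten" thresholds and the sample documents are all constructed here to mirror the review's tests (the word "eweek" in a text file, ten or more Social Security numbers in a spreadsheet).

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Severity ordering used to pick the final verdict: block beats warn beats allow.
SEVERITY = {"allow": 0, "warn": 1, "block": 2}

# Constructed SSN pattern (hypothetical; a real DLP engine ships its own
# definitions). Rejects area 000/666/9xx, group 00 and serial 0000, so a
# 999-99-9999 reference number in an invoice is not flagged.
SSN_PATTERN = re.compile(r"\b(?!000|666|9\d{2})\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")


@dataclass
class Rule:
    name: str
    action: str                          # "warn" or "block"
    keyword: Optional[str] = None        # case-insensitive literal match
    pattern: Optional[re.Pattern] = None  # regular-expression match
    min_matches: int = 1                 # rule fires only at or above this count

    def count(self, text: str) -> int:
        """Number of times this rule's keyword or pattern occurs in the text."""
        if self.keyword is not None:
            return text.lower().count(self.keyword.lower())
        if self.pattern is not None:
            return len(self.pattern.findall(text))
        return 0


def evaluate(rules: List[Rule], text: str) -> List[Tuple[str, str, int]]:
    """Return (rule name, action, match count) for every rule that fires."""
    hits = []
    for rule in rules:
        n = rule.count(text)
        if n >= rule.min_matches:
            hits.append((rule.name, rule.action, n))
    return hits


def decide(rules: List[Rule], text: str) -> str:
    """Collapse all fired rules into one verdict: allow, warn or block."""
    verdict = "allow"
    for _, action, _ in evaluate(rules, text):
        if SEVERITY[action] > SEVERITY[verdict]:
            verdict = action
    return verdict


# Constructed rule set: a banned keyword, and an SSN rule that only warns on a
# handful of numbers (an intentional, authorized transfer) but blocks bulk exports.
RULES = [
    Rule("banned-keyword", "block", keyword="eweek"),
    Rule("ssn-few", "warn", pattern=SSN_PATTERN, min_matches=1),
    Rule("ssn-bulk", "block", pattern=SSN_PATTERN, min_matches=10),
]

# Constructed sample "documents"; plain text stands in for extracted file contents.
MEMO = "Draft of the eWEEK review, please do not forward."
HR_NOTE = "Contact: 123-45-6789 (one employee record)"
HR_EXPORT = "\n".join(
    f"emp{i},{100 + i:03d}-{10 + i:02d}-{1000 + i:04d}" for i in range(12)
)
INVOICE = "Invoice 2024-001 total 1234.56, ref 999-99-9999"


def demo() -> dict:
    """Run every sample document through the rule set and collect the verdicts."""
    samples = [("memo", MEMO), ("hr_note", HR_NOTE),
               ("hr_export", HR_EXPORT), ("invoice", INVOICE)]
    return {name: decide(RULES, doc) for name, doc in samples}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

Real products extract text from container formats such as spreadsheets and Web form posts before matching; the example takes that step as given and works on the extracted text. The two-threshold SSN rule is the point: the same pattern yields a warning for a single record and a block for a bulk export, which is the warn-versus-block split the review describes.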
Matthew D. Sarrel is executive director of Sarrel Group, an IT test lab, editorial services and consulting firm in New York.