Sophos Introduces Endpoint Security Package

Adding a firewall and adware-fighting tools to its suite of security applications is aimed at positioning the firm as a more complete provider of so-called endpoint defenses.

Sophos announced the availability of a new package of integrated computer defense tools on June 7 touted by the company as its most comprehensive array of so-called endpoint security applications released to date.

Aimed at providing the full gamut of security applications needed to protect endpoints, or corporate desktops, laptops and servers, the suite includes Sophos first commercially available firewall and spyware removal tools, along with a new set of adware fighting programs, and updated versions of the companys existing anti-virus and threat management products.

Dubbed Sophos Endpoint Security, the package promises the ability for IT administrators to manage defenses for tens of thousands of devices from a single console. Company officials said that enterprise customers are asking vendors to offer broader, more fully integrated security applications in order to help close network vulnerabilities and allow for easier management of endpoint protection technologies.

While many of its rivals, including market leaders Symantec and McAfee, are adding to their endpoint security capabilities via the acquisition of smaller companies, Sophos executives said that building a firewall in-house and revamping its products from within helped it create a set of applications that work together more efficiently than others.

"Everyone is looking to expand their footprint, with smaller companies promising capabilities they cant deliver and larger providers struggling to integrate their acquisitions," said Ron OBrien, senior security analyst at Sophos.

/zimages/5/28571.gifRead more here about a vulnerability in Sophos flagship product line.

"Were taking the experience and technology weve built up to fight viruses and pushing that into the client firewall; thats the sort of approach customers are looking for, one that takes advantage of real synergies across the various endpoint technologies."

The new firewall promises the ability to help protect laptops and remote workers from worms, hackers and intrusion-oriented threats, in addition to monitoring application communications for potential hijackings.

Along with offering device location awareness capabilities that allow for the application of specific security rules defined by a computers network location, the firewall can be managed using the same administrative console used for its anti-virus programs.

The company will continue to offer a version of the Endpoint Security package without the firewall, but has no plans to market the software as a stand-alone product.

Also new are the automated spyware removal tools, which claim to help detect and eradicate most common forms of malware, including adware, and offer integration with security policy settings in Cisco Systems NAC (Network Admission Control) feature. The technology promises the ability to root out unwanted applications such as peer-to-peer file sharing systems in addition to malware.

Both the firewall and the spyware tools have been augmented with Sophos Genotype threat detection technology, which claims the ability to offer protection for certain types of viruses, typically variants of existing threats, before computers are faced with the actual attacks.

At the heart of the new product is Sophos revamped management console which offers improvements in the areas of identifying attacks and managing software patches across large numbers of systems, according to OBrien.

"Customers are telling us that one of the best ways to help them better manage endpoint security is to simplify administration and make their IT workers operate more efficiently," he said.

"I think you hear a lot of companies talking about the ability to do this, but adding something like a client firewall, and malware removal, to our traditional detection and update capabilities is what we know companies are looking for."

The Sophos official said that future iterations of the endpoint suite will likely include tools for using the firewall to protect against potential vulnerabilities introduced via devices USB ports.

At least one analyst appeared to approve of Sophos move to expand its endpoint security capabilities.

"With the rise of blended threats, there is an increasing need for integration between individual endpoint security components in order to reduce the cost and time associated with managing point products," said Brian Burke, analyst with Framingham, Mass.-based IDC.

"Sophos endpoint security solution simplifies the complexity associated with managing multiple security solutions, while at the same time increasing the effectiveness of protection."

/zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.