Sophos Adds Application Control to Endpoint Security

The vendor contends that by blending anti-virus tools with the ability for administrators to block access to Web sites and a number of consumer-oriented applications, enterprises can rapidly streamline endpoint protection.

Security software maker Sophos announced Sept. 27 that it is adding a number of so-called application-control features to its flagship anti-virus package in an effort to give IT administrators greater ability to limit access to potentially troublesome programs.

The features being injected into Sophos Anti-Virus Version 6, which was first released in June, include tools that are meant to allow administrators to block unauthorized usage of a number of legitimate programs, including consumer VOIP (voice over IP) systems, P2P (peer-to-peer) file-sharing networks and instant messaging applications.

The additional capabilities are being offered to existing users of Sophos Anti-Virus 6 free of charge.

While many companies allow their workers to use such tools on their business desktops, Sophos said that an increasing number of companies believe that such tools pose significant security risks to corporate data and infrastructure.

In a customer survey conducted by Sophos, which is based in Abingdon, U.K., IT administrators indicated that they are increasingly troubled by the push by end users to bring technologies they use at home onto corporate networks.

/zimages/1/28571.gifSophos positions itself as a more complete provider of endpoint defenses. Click here to read more.

For example, 86.1 percent of the 460 respondents to the survey said they would like to block VOIP applications, with 62.8 percent stating that they feel it is essential to do so to preserve network security.

With so many unauthorized applications running on the network these days, administrators are looking for a way to begin taking back bandwidth and endpoint control, said Ron OBrien, senior security researcher at Sophos.

"What really happened is that the rate at which these applications proliferated and were downloaded exceeded everyones wildest expectations," OBrien said. "As people brought more applications from home onto their work PCs, the applications have begun to seriously affect the performance of networks and have negatively influenced IT security in general."

As a result of the blending of traditional security applications such as anti-virus with features typically given over to desktop management tools, the researcher said he expects Sophos to continue to move into the endpoint management space. Issues such as application patching and blocking have become such an integral piece of desktop security that the shift is becoming inevitable, OBrien said.

At least one analyst agreed that it makes sense to meld together anti-virus security software with application-control tools.

"While much of the attention is about the external threat, individuals inside the enterprise have the potential to cause the largest security problems," said Brian Burke, analyst with Framingham, Mass.-based IDC. "System administrators need a simple, flexible solution that not only ensures peace of mind, but guarantees the ability to develop and enforce policies that work for all parts of the enterprise."

/zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.