An antivirus of the next generation
Not only relies on signatures.
Sophos Central Endpoint Protection can do much more than simply protect against signature-based malware. Innovative technologies such as malicious traffic detection, combined with existing real-time threat data from SophosLabs, make it faster to detect, block and eliminate threats. Keep your Windows or Mac computers protected. Sophos Central then lets you set up and manage it all.
Even if Sophos Endpoint Protection has more in it than a traditional antivirus, the compact agent protects you and your users without interfering with their work.
Sophos Central Endpoint Advanced gives you the ability to block interfaces on a computer with Device Control. Once you have installed the Sophos Central Endpoint Client on a device, you can create a policy in your Sophos Central account that blocks all USB ports, for example. Of course you have many other interfaces to choose from, such as Bluetooth or Wireless.
You can assign the policy for Device Control to either a specific user, group or device.
Application Control helps you to better control access to certain software. There are various application scenarios. For example, you can block the entire "Games" category for all employees to increase productivity in the company. Or there may be software that can only be run by certain users. Create rules that apply to either a single user, an entire group, or a specific workstation.
Application control is only included in the advanced version of Sophos Central Endpoint Protection.
The Web Control is a tool that gives you a better grip on Internet traffic. Increase security by not allowing you to download files with a certain extension, such as exe, flv, dll etc. You also determine which web pages can be accessed. Choose from a list of pre-defined categories to avoid locking each page individually. Don't you want to have Facebook on your desk anymore? With the Web Control you can define your own rules and even set the time for them.
Web control is only included in the advanced version of Sophos Central Endpoint Protection.
A secure network consists of a firewall at the gateway and good protection at the endpoint. The problem so far was that the firewall didn't know if an endpoint was being attacked and the endpoint had no idea if someone could overcome the firewall. With the Security Heartbeat, Sophos is the only vendor that has made it possible for your firewall to communicate with your endpoints. For example, if a client in your network is infected by a virus, the firewall will now be able to detect it and remove the computer from the network before the virus spreads.
To take advantage of the security heartbeat, you need to have the advanced version of Sophos Central Endpoint Protection and a Sophos XG firewall installed.
Malicious Traffic Detection
There is already a more complex type of malware, which only establishes a connection to a server after it reaches the computer, in order to reload other malicious software or upload files from the infected computer to a server.
Sophos Central Endpoint Advanced has the ability to monitor HTTP traffic and alert you to this malicious traffic. Special attention is paid to known URLs of command and control servers. If such traffic is detected, there is a good chance that a new malware has been found and uploaded to Sophos Labs for specific detection.
Malicious traffic detection is only included in the advanced version of Sophos Central Endpoint Protection.
Host Intrusion Prevention System
Today's development of malware shows that protection based solely on signatures is no longer sufficient. Today's malware is spreading too fast, has become too intelligent and can change its shape and signature in no time at all.
So if you can no longer rely on signatures, you have to analyze the behavior of a software more closely and block activities that seem to be suspicious. This is exactly what the Sophos Central Endpoints Advanced's Host Intrusion Prevention System (HIPS) does.
Suspicious behavior could be, for example, a change in the registry that would allow a virus to run itself automatically after starting the computer.
As malware evolves and grows rapidly, it is becoming increasingly difficult to keep the detection rate up to date with signatures. This has enabled Sophos to detect this and, with Live Protection, improve response time to detect new malware and update your endpoint protection in real time.
Enable Live Protection to allow your endpoint to look up files on Sophos Labs in real time to check if they are malicious. This way, new malware can be detected even though it does not yet appear in the virus definitions.
Data Loss Prevention
Data Loss Prevention is a feature in Sohpos Central Endpoint Advanced that allows you to monitor and restrict the transfer of sensitive data. For example, you can use a policy to prevent a user from sending a file from the corporate network via webmail.
Create your own rules and decide how to deal with certain information in the company. This way you can make sure that no important documents get into the wrong hands.
Sophos Endpoint Protection can be installed on devices running Windows (7 or higher) or macOS (10.9 or higher) as an operating system. However, not all functions are supported on both operating systems in the same way. The table below also shows the operating system on which a feature is supported.
|Central Endpoint Standard||Central Endpoint Advanced||Central|
|Web Control / URL Category Blocking||-||-|
|Peripheral Control (e.g. USB)||-||-|
|Browser Exploit Prevention||-||-|
|Anti-Malware File Scanning||-|
|Pre-execution Behavior Analysis / HIPS||-|
|Potentially Unwanted Application (PUA) Blocking||-|
|Data Loss Prevention||-||-|
|Runtime Behavior Analysis / HIPS||-|
|Malicious Traffic Detection (MTD)||-|
|CryptoGuard Ransomware Protection||-||-|
|Automated Malware Removal|
|Synchronized Security Heartbeat||-|
|Root Cause Analysis||-||-|
Want to learn more about Sophos Endpoint Protection? We do not wish to withhold any information from you. That's why you'll find everything we and Sophos have to offer with this product.
Here you can find datasheets from Sophos to the product with additional information.
The best articles from our knowledge base to familiarize you with the product.
Are you already protected against Ransomware?
Sophos Central Endpoint Protection does not protect you from encryption trojans (ransomware). Take a look at Sophos Intercept X.Learn More