Sophos products

Sophos products:

Complementary endpoint, encryption, email, web and NAC solutions.

Endpoint

Protect your computers and data

Get the level of protection you need with a choice of endpoint security solutions that keep you protected against the latest threats, reduce the impact on your users and are easy to manage.

Why Sophos?Single agent provides both anti-malware and data loss prevention in oneProtection for Windows, Mac, Linux, UNIX and more all included in the licenseCombines anti-virus technologies to protect against the very latest threatsReal-time threat and compliance intelligence reduces cost and administration timeCentralized management delivers unrivalled visibility and control of your networkExpert technical support delivered round the clock at no extra cost

Endpoint Security and Data Protection
Cross-platform anti-virus protection
Simplified, centralized management
Control of applications, devices and network access
Integrated DLP and encryption
Centrally managed client firewall
 
Sophos Endpoint Security and Data Protection protects all your computers and data – without stretching your anti-virus budget.


Key features

 

Anti-virus

 

Stop malware with fast scanning, built-in intrusion prevention and live in-the-cloud protection technologies.

Platforms protected:

Live protection

 

Protect users against the new threats with in-the-cloud checks against the latest threat data and malicious URLs.
Learn more

 

Management

 

Gain instant visibility of security issues for all computers with one console for Windows, Macs, Linux and UNIX.
Learn more

 

Application Control

 

Reduce infection, data loss and productivity risks by blocking the use of unauthorized applications.

Learn more

 

Device Control

 

Reduce the risk of data loss and malware infection with granular policies to control removable storage devices.

Learn more

 

Data Loss Prevention

 

Simplify DLP deployment with scanning uniquely built into the endpoint agent to monitor the transfer of sensitive data.

Learn more

 

Encryption

 

Meet compliance needs by securing data on computers and removable media with proven SafeGuard encryption.

Learn more

 

Network Access Control

 

Ensure compliance with your security policy and patch status by assessing managed and guest computers.

Learn more

 

Support

 

24x7 expert technical support and constant, automatic updates and upgrades for new releases - all included.
Learn more

Encryption

Encrypt and secure your company's data

Protect your confidential information and ensure regulatory compliance with a range of encryption products that deliver policy-based security across mixed environments and operate transparently to your users.

 

Why SophosIndustry certified, award-winning technology already protecting millions of usersSuperior key management for secure and easy data sharing and recoveryRecognized as a market leader by Gartner for Mobile Data ProtectionReduces cost by integrating easily into your existing infrastructureCentralized, integrated policies for full disk encryption, removable media encryption and port controlModular architecture enables you to tailor the solution to your needs

SafeGuard Enterprise
Advanced full disk encryption
State-of-the-art key management
Single, centralized console
Manages external encryption products
Granular policy control

Key features

 

Protect your confidential information from data breaches and comply with regulatory mandates—safely and securely—with SafeGuard Enterprise. A modular information protection control solution, SafeGuard Enterprise enforces policy-based encryption for PCs and mobile devices across mixed environments. It is fully transparent to end users and is easy to administer from a single central console. SafeGuard Enterprise provides multi-layered endpoint data security by combining encryption and data leakage prevention (DLP). Its modular architecture provides comprehensive data security tailored to your organization's needs and growth requirements.

 

State-of-the-art policy enforcement and key management

 

• Delivers centralized data security control across mixed IT environments
• Provides consistent implementation and enforcement of company-wide security policies
• Centralized key management makes secure storage, exchange and recovery of data simple and easy
• Provides comprehensive data protection on all kinds of devices: full disk encryption for laptops and desktops, and flexible encryption for removable media, CD/DVDs, email, et cetera
• Offers full disk encryption and port control-based data leakage prevention (DLP) under a single management console
• Manages BitLocker Drive Encryption in Windows Vista and Windows 7
• Integrates quickly and effectively with existing security infrastructures and automates administrative tasks
• Detailed compliance audit logs and reports on device encryption status and user activities

 Comprehensive security with a modular architecture

  

With modular, scalable and open architecture, SafeGuard Enterprise provides seamless integration of current and future SafeGuard modules, new security components and third-party products—guaranteeing continuous investment protection. You can pick the modules that suit your requirements. SafeGuard Enterprise modules include:

• Management Center, which provides a single, centralized console to manage all the other modules
• Device Encryption for advanced full disk encryption for laptops and desktop PCs
• Data Exchange for strong encryption and secure sharing of removable media
• Partner Connect for managing external encryption products
• Configuration Protection for granular port control of PCs

 

Benefits

 

Comprehensive data security with strong encryption for PCs and removable media as well as port control-based DLP
Regulatory compliance with consistent policy enforcement and reporting via a central management console
Secure end user productivity with advanced, transparent key management
Investment protection with a modular architecture that integrates easily with existing architecture

Trusted support from one source
Regular updates and upgrades for new releases, as well as 24x7 in-house technical support are available with a maintenance contract.
Depend upon a recognized market leader in endpoint protection

Antivirus protection tips for today's enterprise

General server-based protection

Your first line of defense should be at the perimeter of your network. Deploying firewalls to block port- and service-based attacks is essential. However, perimeter protection can go much further than simply blocking all but a handful of required ports. You should also consider deploying perimeter scanners to scan for and block viruses before they ever get inside your network.

Many worms exploit vulnerabilities in the operating system, so patching against those vulnerabilities is critical. Applying service packs and updates can go a long way toward closing holes that expose the server to attack. Windows Server 2003 can typically apply patches without rebooting (and triggering the disruption that rebooting can cause). For earlier Windows operating systems, consider using Qchain.exe to apply multiple patches with a single reboot. Although most worms and viruses target Windows platforms, Linux platforms are equally at risk if not patched and updated.

Disable unneeded services

Carefully review each server and ensure that it is running only those services required for it to carry out its function. Disable services that are not needed to reduce the server's attack surface, and explore ways to harden required services. Separate critical services from noncritical services by moving them to other servers, and consider deploying load balancing and clustering where appropriate to help ensure high availability.

File system protection

Consider how your network resources should be protected. All file servers should have an antivirus solution that actively scans the file system in real time so that, as files are modified or added, the antivirus application can quarantine or repair the affected files before they spread to client systems or other servers. The server should also be protected at the file system level in other ways. For example, all Windows servers should use NTFS, since FAT offers essentially no security. You should also eliminate unnecessary shares, require share permissions for all shares, and use hidden shares where possible to further protect the server from worms that propagate through unprotected shares.

Protection for e-mail services

Mail servers are obviously a vulnerable point in any network. A file system scanner can catch message files as they are written to the system, but a better approach is to use an antivirus solution that scans the messages as they arrive in the mail system. There are several antivirus solutions that interface directly with Exchange Server to proactively scan incoming and outgoing messages. An SMTP gateway scanner is another alternative in networks where other mail servers are used, or where you want to scan the messages before they reach your mail servers.

It's also important to not place all of your faith in one solution. Using multiple scanning engines from different vendors can add an extra layer of protection. A message might get past a single engine, but it's less likely to sneak past two or three. Using multiple scanning engines also guards against a coordinated denial-of-service attack on a particular antivirus vendor. GFI's MailSecurity is an example of an antivirus solution that employs multiple scanning engines. As an alternative to a single-vendor solution, you could deploy an SMTP-gateway scanner from one vendor and a solution from a different vendor on your e-mail servers.

The antivirus solutions you choose for your e-mail servers should scan for more than just virus-infected files. It's critical that they also perform exploit detection and scan for scripts, malformed MIME headers, or other mechanisms that exploit vulnerabilities in e-mail clients or server operating systems

Can Your PC Protector Defend Your Computer?

Can Your PC Protector Defend Your Computer?

All of us must be extremely cautious when browsing the web, if not be prepared to become yet another victim of hacker attacks. Our personal information and money is increasingly becoming the target of cyber criminals. This time get ready to fight Your PC Protector - a program with rather simple name. However, don't be tricked by this title; Your PC Protector is just a new rogue anti-spyware application increasingly infecting unaware computer users.

Wondering how Your PC Protector (also known as YourPC Protector, Your PCProtector and YourPCProtector) would end up on your PC? Well, the first thing to ne noted about this malicious application is the fact that it is spread by the group of cyber criminals who are also responsible for the development of Windows Police PRO and Windows Antivirus PRO.

Your PC Protector and other malicious applications in its family, all perform similar methods to trick unsuspecting computer users into purchasing a full version of the program. It can be dropped onto your system by Trojans or other malicious parasites. The program can also be dropped onto victimized system after visiting some malicious website. Therefore, if you don't want to get infected, it's very important to browse with caution and not to click on unknown links.

Once on the system, Your PC Protector will perform a scan of your computer system and immediately start displaying fake warning messages that your system is infected. Below you can see a screenshot of this fake computer scan:

Image 1. Your PC Protector fake system scan

After the scan, all you have to do is buy the full version of Your PC Protector in order to remove the huge number of purportedly found malware. Don't do that! Don't waste your money on absolutely useless security programs! And keep an eye out for my next article with more detailed information on Your PC Protector.