Avanet
Server Protection from Sophos – multiple options, logical decision

It is now obvious to almost everyone that every computer in a company, whether it runs Windows, Linux or macOS, should have antivirus software installed. Since ransomware began hitting the front pages, hardly anyone still seriously objects to this.

In a company, however, there are not only client systems. It is often overlooked that there are also servers holding sensitive data, which need to be protected against attacks just as much.

In this article I would like to introduce three variants of Sophos that you can use to protect your servers.

Strictly speaking, Sophos offers four solutions for protecting your servers. But Endpoint Protection with management on the UTM has not received any new features since the end of 2014. Given that, in my view, IT years count double, that would be a good four years! 🙂 So let’s move on to the options that really matter:

1. Sophos Central Server Protection

The flagship of Sophos in endpoint protection is clearly “Sophos Central”. The platform allows you to protect and manage client operating systems (Windows and Mac), server operating systems (Windows and Linux), and mobile operating systems for smartphones and tablets (Android, iOS and, from the end of 2016, Windows Mobile). The server product is available in two variants, Sophos Central Server Protection and Sophos Central Intercept X Advanced for Server.

Sophos Central Server Policies

Sophos Central is now available as a free, no‑obligation 30‑day trial so you can form your own opinion.

Advantages

  • Security Heartbeat (Synchronized Security) *
  • Very rapid delivery of new security features
  • A single console for client OS, server OS and MDM (Mobile Device Management)
  • Server Lockdown *
  • Distribution of policies and virus signatures ➜ with Message Relay this also works without Internet access
  • Ready for use within minutes

* This feature is only available in this solution.

Disadvantages

  • The antivirus client software requires around 200 MB of RAM on each server
  • Some companies are not comfortable with a managed solution, although Sophos’s data protection is very transparent
  • No client firewall (planned for end of 2016)

2. Sophos Server Protection

This product is particularly common in larger enterprises. This is likely because the platform itself can be hosted in your own infrastructure. Of course, this does require a dedicated Windows Server on which the Enterprise Console is installed. You can then use this console to manage clients and servers. Unfortunately, in this on‑premises solution you will look in vain for features such as “Server Lockdown” or the new “Synchronized Security”.

Enterprise Console Dashboard

Anyone who prefers to run the management platform in their own infrastructure and install the console on their own server will generally opt for “Sophos Server Protection”.

The third noteworthy option is “Sophos VMware vShield”. We would be less inclined to recommend this solution. While it is very resource-efficient, it is inferior to the other two variants from a purely security perspective. VMware vShield only provides file scanning, which means scripts or Word macros cannot be detected.

Based on information from the most recent Sophos Roadshow in Zurich, it is clear that the future at Sophos belongs to Sophos Central. In particular, the “Synchronized Security” approach - endpoints being able to communicate with the firewall - is perfected by the new “Sophos Firewall OS” and “Sophos Central”!


Patrizio