Sophos Central Update - More Protection for Linux and Windows Servers
What was launched around two years ago as Sophos Cloud is now being further developed by Sophos under its new name, “Sophos Central”. At the time, we understood the vision but were uncertain whether our existing - or new - customers would actually adopt such a “cloud solution”. It has since become clear that these concerns were entirely unfounded, and interest in Sophos Central has been steadily increasing among our customers as well.
Sophos is working extremely hard on the continual development of this outstanding product, releasing frequent updates that add new functionality. In our last blog post we reported on the recent integration of “Sophos Wireless” into Sophos Central.
In this post, we briefly introduce the latest enhancements that focus exclusively on protecting servers.
Sophos Central Server Protection enhancements
The following features are now available in Sophos Central and make server security even more effective and easier to manage:
1. Malicious Traffic Detection for Linux and Windows servers
Malicious Traffic Detection (MTD) can block connections that may be attempting to gain control of your server (for example, command-and-control servers). This capability significantly enhances your server’s security, as there are now several sophisticated types of malware that communicate with remote servers to obtain further instructions, updates, or to upload data. When malicious traffic is detected, it provides an early indication of malware activity. To use this feature, you need the Sophos Central Server Protection licence.
2. Peripheral control
There is little benefit in having your server perfectly secured against attacks from the internet if malware can still be introduced via, for example, a USB stick. You should therefore define policies for peripherals such as removable media, wireless adapters, modems, and devices like phones, tablets, and cameras. With the new peripheral control in Sophos Central Server Protection, this is now possible. You can easily control and block the use of peripherals on your Windows servers, while also exempting specific peripheral devices from control where necessary.
3. Application Control
Because servers store critical data, it is essential to prevent inappropriate applications from running on them. With Application Control, you can flexibly define policies that allow or block specific categories of known applications on Windows servers. Application Control complements the Server Lockdown feature, which goes one step further and permits the execution only of explicitly approved applications. To use this feature, you need the Server Protection Advanced licence.
4. Download Reputation
For secure server operation, only trustworthy files should be downloaded. The Download Reputation feature helps to ensure that no untrusted files reach your servers by assigning a trust rating to each file based on analysis by SophosLabs. This feature is now available on Windows servers with either a Standard or Advanced licence.
5. Server groups
Finally, we come to a completely new feature planned for the end of August 2016. This new capability enables you to assign policies to entire server groups. You no longer need to assign policies to each server individually; instead, you can assign policies to whole server groups within the Sophos Central user interface. Configuration is handled easily via the Sophos Central user interface.
Name changes
Please note that, as a result of the name change from “Sophos Cloud” to “Sophos Central”, several other naming changes will soon take effect in our online shop. We will replace all product names containing “Cloud” with “Central”.
Update: The name changes in our shop from “Cloud” to “Central” were implemented on 20 September 2016. All Sophos Central products can now be accessed via our overview page.
