Sophos Endpoint Security 8.0
Strengths: Very nice product for AV, firewall, NAC, HIPS and application control
Weaknesses: Has no device, port or encryption support
Verdict: A must-buy as a solution to complement a port-and-device management product
Sophos Endpoint Security and Control 8.0 uses a single agent deployment to provide anti-virus, anti-spyware/adware, host intrusion prevention, application control, device control, endpoint assessment/NAC and firewall. Sophos Enterprise Console automates the deployment, management and updating of Sophos Endpoint Security and Control across Windows, Mac OS X and Linux.
The application load requires either an SQL or an MSDE database. Be careful: during the installation, Sophos asks for permission to send your user information back to the company. We chose not to allow this feature. We ran the update wizard and performed the NAC Manager install to complete the server load.
We were pleased with the management dashboard. The dashboard was tunable and very intuitive. Active Directory integration (other discovery options are also available: IP discovery, file import, network scan) was used to build our client list. We could push clients to our endpoints and even had the option to remove other third-party packages installed. For large environments, you can use groups and assign policy to groups and automatically have the agents pushed when a new system appears in that group. You will have to allow file sharing on the endpoint to use this option. This solution also has support for Mac and Linux endpoints.
Reporting is granular and flexible. Numerous standard reports are included, custom reports can be generated, and options for exporting those reports are available. Reports can be displayed as charts. The dashboard look-and-feel really works for this product. Alerting is available through email messages.
The documentation was complete and we did reference it during our testing. Sophos provided 24/7 access to engineers with its standard support that is included with the licence; updated offerings are available.
This solution is one of the better network and host-based solutions we reviewed. There was no support for encryption or port management, but the rest of the offering is complete and feature-rich in the network and host-based categories. It is easy to use and very tunable, has great alerting and reporting, and is priced in the middle of the pack.