Atp Sophos



Sophos Endpoint Protection

Sophos has ranked as a Leader in the Gartner EPP Magic Quadrant for eleven consecutive reports. Sophos Intercept X employs a comprehensive defense-in-depth approach to endpoint protection. ATP offers real-time visibility into malware threats with continuous monitoring to ensure threats do not remain undetected until it is too late. To put it simply, the job of ATP is to prevent, detect, and respond to new and advanced attacks that can evade even the best-laid cybersecurity defenses. The ATP feature in Sophos XG Firewall analyses all incoming and outgoing network traffic (DNS requests, HTTP requests, or data packets in general) for possible threats. The database used to identify threats is updated constantly by a CnC/Botnet data feed from Sophos Labs through signature updates.

Snapshot

Protection for all endpoint devices, on premise or in the cloud, through one management console.

For

Companies looking for strong threat protection with granular management controls.

What is Sophos Endpoint Protection?

Sophos Intercept X is a platform for detecting and stopping endpoint threats. It has a focus on delivering a simple and secure platform. It offers one accessible management console for IT departments to manage all IT devices, and the client can either run in the cloud or as an on-premise solution. It promises to automate the process of identifying threats, isolating them to stop them spreading and removing them from devices. It uses deep learning systems to look for the common signs of attack rather than relying on signatures, which Sophos argues makes it more proficient at spotting zero-day attacks. The Sophos EPP Platform anti-virus is based on the Intercept X platform Sophos acquired in 2017. It combines deep machine learning algorithms with anti-malware, HIPS and malicious traffic detection to help protect endpoints against threats.

Profile: Sophos Endpoint Protection


Category: Endpoint Protection
Website: sophos.com
Founded: 1985
Headquartered: USA, UK
Deployment: Cloud, On-Premise
Suitable For: SMBs and Enterprise
Sophos Endpoint Protection Features
  • Strong threat protection against ransomware and credential theft with machine learning algorithms powering automated defence
  • Cloud-based administration console manages all endpoints and also works with other Sophos platforms, including secure web and email gateways
  • Protection against malware and malicious web traffic
  • A range of policies are available within the admin console, including web filtering, application controls and device controls including peripheral control
  • Performance is strong, with update downloads typically under 30KB to minimize disruption and keep storage costs low
  • Flexible product purchasing so that customers can choose cloud based management with reporting, and upgrade to the Intercept Endpoint Protection if they want
Expert Insight

Sophos has a strong focus on giving admins granular controls and policies to stop threats from reaching devices. The management component is a key feature of their EPP platform: administrators can filter web content, set device controls, decide what apps can be downloaded and even decide which peripherals devices can use. This can all greatly increase the overall security of an organisation, especially if a large number of employees work remotely. Alongside these threat protection controls, the detection and response is powerful. Based on Intercept X, a machine learning powered threat detection system acquired by Sophos in 2017, this platform is adept at isolating and removing advanced endpoint threats.

The management console is clean and accessible with customers suggesting that it’s easy to configure and manage and works well. It’s cloud based and so can be accessed from anywhere, with a full range of reports and controls. It also works as one management console with all of the other Sophos security products including Secure Email Gateways and Web Filtering. This makes it an easy option to recommend for existing Sophos customers. For other customers looking for Endpoint Protection with a range of strong management controls and threat protection, this is a good option for you to consider.


Atp Sophos Xg

Advanced threat protection analyzes incoming and outgoing network traffic for threats. Using ATP, you can quickly detect compromised clients in your network and log or drop the traffic from those devices.


  1. To turn on ATP.
  2. You can configure the following settings:

    Logging

    By default, logging for ATP events is turned on. To change this, select Change log settings which takes you to the Log settings page where you can turn the logging off.

    Policy

    Use the drop-down menu to select the security policy that the ATP system should use if a threat has been detected.

    • Log only: Logs traffic and allows packets to pass through XG Firewall.
    • Log and drop: Logs traffic and drops packets, preventing them from passing through XG Firewall.

    Host exceptions

    Add or select the internal source networks or hosts whose outbound connections should be exempt from being scanned for threats by the ATP system.

    To add an exclusion click Add new item and then select hosts or networks that should be excluded. Then click Apply selected items at the bottom of the menu.

    Threat exceptions

    Add the IP addresses or domain names of the external hosts or networks that you do not want the ATP system to block (for example, web servers), and click the plus button.

    By excluding sources or destinations, you may expose your network to severe risks.
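
A review of the settings above can be scripted. The following is an added example, not Sophos code: it audits a hand-written copy of the ATP settings for choices that weaken protection (a Log only policy, logging turned off, broad host or threat exceptions). The dictionary layout, the sample values and the 16-address threshold are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample settings, typed by hand for this example. The dictionary
# layout is an assumption and is not a Sophos export or API format.
SAMPLE_CONFIG = {
    "policy": "Log only",
    "logging": True,
    "host_exceptions": ["10.0.5.20", "10.0.0.0/8", "192.168.40.0/24"],
    "threat_exceptions": ["203.0.113.10", "198.51.100.0/24",
                          "updates.example.com", "com"],
}

MAX_EXEMPT_HOSTS = 16  # assumption: wider internal exemptions need a review


def parse_network(entry):
    """Return an ip_network for an IP/CIDR string, or None for a domain name."""
    try:
        return ipaddress.ip_network(entry, strict=False)
    except ValueError:
        return None


def audit_atp(config, max_exempt_hosts=MAX_EXEMPT_HOSTS):
    """Return (setting, value, reason) tuples for settings that weaken ATP."""
    findings = []
    if config["policy"] != "Log and drop":
        findings.append(("policy", config["policy"],
                         "detected traffic is logged but still passes"))
    if not config["logging"]:
        findings.append(("logging", "off", "ATP events are not recorded"))
    for entry in config["host_exceptions"]:
        net = parse_network(entry)
        if net is None:
            findings.append(("host_exception", entry, "not an IP or network"))
        elif net.num_addresses > max_exempt_hosts:
            findings.append(("host_exception", entry,
                             f"exempts {net.num_addresses} internal addresses"))
    for entry in config["threat_exceptions"]:
        net = parse_network(entry)
        if net is not None and net.num_addresses > 1:
            findings.append(("threat_exception", entry,
                             "exempts a whole external range"))
        elif net is None and len(entry.strip(".").split(".")) < 2:
            findings.append(("threat_exception", entry,
                             "bare top-level name, not a specific host"))
    return findings


if __name__ == "__main__":
    for setting, value, reason in audit_atp(SAMPLE_CONFIG):
        print(f"{setting:17} {value:20} {reason}")
```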