Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 6 subscribers
  • Views 1056 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New Feature Request

marct

I've been using Sophos AV for Mac for several months and have recommended it to many co-workers, friends and family for their Macs. Generally, I've been very happy with the product. I've had occasional kernel panics, but it's good to see that the Sophos team responds quickly when these errors occur.

One feature that I would like to see is a method for users to control the behavior of product updates. Today, users can turn the update mechanism on and off and they can configure the frequency of the checks. I would like to see the version updates separated out so that a user can specify whether or not Sophos AV automatically updates itself to a new major version (from 7.x to 8.x for example). Ideally, the user would be able to specify [Upgrade Automatically] or [Notify When Updates Are Available].

The reasoning behind my request is as follows. Companies and corporations that allow VPN access to home PCs need a way to assess the security standpoint of foreign PCs (-please note that I'm using the "PC" acronym in the general sense for all types of personal computers). This is typically done through a software agent that gets installed on the PC. These agents are only able to assess the security standpoint of AV products that have gone through a testing phase. Hence, there is some lag between the time a new AV product version is released and when it can be supported by a VPN vendor.

Here is the scenario: Let's say 1000 people across the globe are using their personal Macs to access employer VPNs. Those VPN's are powered by Cisco, Juniper and other VPN vendors and are configured to allow access if an supported AV product is running on the remote Macs. Now let's also assume that Sophos AV for Mac verions 7 and 8 are on the compatibility list of those VPNs. Everything works great until version 9 starts automatically rolling out. At that point, those users are out of compliance and can no longer connect to the VPN. They must then choose between waiting for their companies and or VPN vendors to update their systems or simply uninstalling Sophos and installing a different AV solution.

Sorry for the lengthy post. I hope this generates some good conversation. Thanks!

:1009330


This thread was automatically locked due to age.
  • 0
    Hmm.... aftet posting this I noticed that there is an option to disable Live Protection. Perhaps someone can explain the difference between Auto Update and Live Protection?
    :1009332
  • 0

    Live Protection is the feature that does a cloud lookup of a suspicious file to get up-to-the-minute information on whether Sophos thinks it is malware or not. 

    Auto Update is the mechanism that checks for detection data updates, detection engine updates and product version updates.  Detection data updates happen approximately every 4 hours (more often if there's something that is a rising global threat), engine updates happen monthly, and product version updates also currently happen monthly, (with different release dates) with some out-of-band updates also sometimes occurring.

    :1009340
  • 0
    marct wrote:

    I've been using Sophos AV for Mac for several months and have recommended it to many co-workers, friends and family for their Macs. Generally, I've been very happy with the product. I've had occasional kernel panics, but it's good to see that the Sophos team responds quickly when these errors occur.

    One feature that I would like to see is a method for users to control the behavior of product updates. Today, users can turn the update mechanism on and off and they can configure the frequency of the checks. I would like to see the version updates separated out so that a user can specify whether or not Sophos AV automatically updates itself to a new major version (from 7.x to 8.x for example). Ideally, the user would be able to specify [Upgrade Automatically] or [Notify When Updates Are Available].

    The reasoning behind my request is as follows. Companies and corporations that allow VPN access to home PCs need a way to assess the security standpoint of foreign PCs (-please note that I'm using the "PC" acronym in the general sense for all types of personal computers). This is typically done through a software agent that gets installed on the PC. These agents are only able to assess the security standpoint of AV products that have gone through a testing phase. Hence, there is some lag between the time a new AV product version is released and when it can be supported by a VPN vendor.

    Here is the scenario: Let's say 1000 people across the globe are using their personal Macs to access employer VPNs. Those VPN's are powered by Cisco, Juniper and other VPN vendors and are configured to allow access if an supported AV product is running on the remote Macs. Now let's also assume that Sophos AV for Mac verions 7 and 8 are on the compatibility list of those VPNs. Everything works great until version 9 starts automatically rolling out. At that point, those users are out of compliance and can no longer connect to the VPN. They must then choose between waiting for their companies and or VPN vendors to update their systems or simply uninstalling Sophos and installing a different AV solution.

    Sorry for the lengthy post. I hope this generates some good conversation. Thanks!

    Good points, and a good suggestion.

    A few things to note on the Sophos upgrade system are that:

    1) our enterprise product has this feature, and the enterprise system can remotely manage the rollout of new versions.  Any enterprise allowing you to do work from your home computer should be able to add your home computer to their site license and give you a copy of this software to use on your computer -- after all, you're using the computer for non-personal-use purposes.

    2) when Sophos went from version 7 to version 8, the two versions ran in parallel with no forced upgrade for months (and those vendors you mentioned had access to the new version).  New users downloaded version 8, but version 7 users kept getting point upgrades.  Version 7 users were not upgraded to version 8 until Sophos stopped supporting version 7.  The alternative would have been to not upgrade people to version 8, and have them using an unsupported piece of software with out of date detection definitions and detection engines -- which would have resulted in the shield with an X through it, and would have disabled the product from functioning at all (as there's nothing worse for security than thinking you're secure when any recent attacks aren't protected against).  In this case, the audit software would still fail.

    :1009342