Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 1 subscriber
  • Views 3352 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint 10

iStalk
Excuse me, can I chose the wrong section... (Moderators please move where you want to...) I am interested in the fate of Endpoint 10, would like to know what is new in this version (especially self-defense), when this version will be released? thanks ... p.s. very sorry that my first post did not get a clear answer ...
:15069


This thread was automatically locked due to age.
  • 0

    Hi,

    The beta page for SAV 10 went up recently with some information:

    http://www.sophos.com/en-us/products/beta.aspx

    "Give you the ability to filter inappropriate websites whether your users are on or off your network "

    So web control at the endpoint.

    "Boost performance, which results in faster boot-up scanning and improved malware detection accuracy "

    Not sure what this would include.

    "Enhance web-based malware protection with browser independent scanning "

    So I guess this would suggest that the current IE BHO will be replaced or supplimented with a new component so it can operate with multiple browsers.

    "Identify computers missing patches for vulnerabilities being exploited by the latest threats "

    Some sort of reporting on missing patches and which ones are being exploited by threats I would imagine.

    Regards,

    Jak 

    :15071
  • 0
    Yes I already read it, but would be desirable to feel ... The question, when you can already feel?
    :15075
  • 0

    Hello iStalk,

    if I understand you correctly you are interested in a feature similar to Kaspersky's Self-Defense. 

    I'm not affiliated with Sophos (other than being a customer) so this is my personal opinion only. My guess is that you won't see something like it in the near future (but Sophos might react to customer's demands). As self-defense has several aspects - which one is it you are most interested in (or in other words: what do you think is missing)?

    Christian

    :15079
  • 0
    Yes, you understood correctly, that self-defense as interested in Kaspersky or almost so, but I think you need to make sure that it was impossible to unload the process from Task Manager Sophos, as SBE is very often used PC as an administrator and with the processes of Sophos can be done anything, but it's bad ... And why in the near future nothing like nelbzya will see? Thank you.
    :15089
  • 0

    I don't see how someone with local admin rights can be locked out from anything and if you have physical access to the machine which is almost 100% of the time with a endpoint you don't even need admin rights most of the time.

    You can put up hurdles but ultimately admin rights on a machine means just that.

    Jak

    :15093
  • 0

    From reading the docs this self-defense should provide additional protection from

    1. malware which elevates its rights to disable AV
    2. manipulation of the settings using the UI through "unauthorized" remote access

    Now this might indeed provide (albeit only slightly) increased security against occasional threats - but the gain is not that much. If some malware is only discovered because it fails to stop the AV process it has probably otherwise successfully evaded the scanner. Even if the first thing some malicious code does is turning off the scanner in order to be able to download and run additional components the fact that the scanner is turned off should alert you. As even if it fails to run off the scanner it might already have successfully planted some components (remember, it hasn't been detected in the first place) you should no longer "trust" the affected computer.

    Theory tells us that absolute protection is impossible, even more so with a single "monolithic" and internal program. Thus it is essential to be prudent when using "important" machines. A (Windows) "server" is nowadays in general not more secure because of how it is "built" but how it's used. Use a server for gaming, chatting, downloading all kinds of stuff, allow (practically) anonymous access, enable guest accounts, take down the firewall, put it "on the internet" - it will be as vulnerable as your average "PC". Self-defense in such an environment is like parking your expensive car with all kinds of expensive stuff clearly visible inside in a shady neighbourhood in the beliefs that the burglar alarm's backup power supply might thwart any malicious acts (though it might help in a very few cases).

    I'm not saying that self-defense (and all vendors employ it to a certain extent) is completely unnecessary - it's just not the most important thing and absence of certain features is not blunder.

    Christian

    :15095
  • 0
    I say in relation to Russia, but here in small firms often do not do server - Control Center to set nowhere, as all the PC - it's laptops ... I agree that self-defense is not the most important thing, but in this context is necessary because users do not know what they are doing ... Alexey
    :15099
  • 0
    You have certainly a point here, Alexey. But don't forget that each feature has its price (in terms of resources needed) and if the hardware is already stressed and/or you can't spare one machine for strict "as a server use" you'll likely run into problems when running additional features (and they are additions even if enabled by default). At a certain point it's more efficient to invest in education and awareness than in "features" - and the scarcer resources are the sooner this point is reached. Similarly a vendor has to make decisions - we all know there is no absolute security, and there's the non- negligible risk of procuring a false sense of security. All these nifty features work best in a environment with knowledgeable users and administrators (others will simply turn them off when they prevent them from doing what they "need to do").

    As for a Russian version - can't say I've missed it :-). Actually I use the English UI (my native language is German) as I've grown up with all the "important IT stuff being in English). Do not forget that Sophos targets business use only. But I bet you'll get a Russian Ui as soon as Sophos acquires its first Russian company ...

    Thanks for your interesting contributions
    Christian
    :15103
  • 0
    In Russia, a lot of companies who use Sophos, but mostly they SBE. Sophos product introduction in Russia the company does "Dialog-Nauka" (http://www.dials.ru/). Recently, however, sales growth rates have declined, and because of the lack of Russian localization and self-protection product ... I agree that 100% security does not exist, but to bring it closer to 100 as one of the components can be self-defense. A privlikatelnost product for Russia - will be localized. Nezrya same company Symantec, Eset, etc. invistiruet in the development of Russian representation in the localization of their products. Russia - not the country bears, even Apple is localized for a long time my Mac OS X and iOS for Russia, the number is constantly growing Sold Mac. Sophos - it's time to come to Russia, this is a great tidbit. Third of the globe ... Alexey
    :15105
  • 0

    any release date to Sophos 10 ??

    :18627