Sorry, this product is no longer available, replace by the Intercept X Advanced for Server
A policy is a set of options (for example, settings for malware protection) that Sophos Central applies to protected users, devices, servers, or networks. Intercept X with EDR Sophos Endpoint Detection and Response (EDR) lets you investigate detected threats (“threat cases”) and search for new threats. Sophos Central is the unified console for managing all your Sophos products. Sign into your account, take a tour, or start a trial from here.
Overview:
Defend your data from malware without sacrificing server performance. Sophos Server Protection protects your server environment from malicious attacks while keeping your servers running at optimum performance. Designed to secure business- critical servers, Sophos Server Protection includes server application whitelisting, advanced anti-malware, and behavior analysis. It’s server security made simple, providing protection for your Windows, Linux, and UNIX systems, whether you’re running physical or virtualized servers, on premise, or in the cloud, including Amazon Web Services (AWS) and Azure.
Highlights
- Protects Windows, Linux, and UNIX systems with minimal resource use
- Protects against ransomware running locally or remotely
- Synchronized Security with Destination Heartbeat
- Protects and manage server policies for auto- scaling groups in AWS
- Protects server images in Azure
- Server Lockdown with application whitelisting
- Advanced, policy-based rules
- Simplified management from the cloud or an on-premise console
Better protection
Sophos Server Protection offers innovative features like anti-ransomware and pre-execution emulation for identifying suspicious behavioral patterns, giving you the broadest protection for your servers and data, including from zero-day attacks. Our CryptoGuard anti-ransomware detects and intercepts unsolicited encryption of files, resulting from ransomware running on a remote endpoint that is connected to the server. Server Lockdown uses application whitelisting to secure servers with a default deny policy, preventing all unauthorized applications from executing. Once a server is locked down, anti-malware and a Host Intrusion Prevention System (HIPS) behavior analysis prevent content-based threats (such as an infected PDF or Word document) that could otherwise exploit vulnerabilities within whitelisted applications.
Sophos Server Protection also includes Malicious Traffic Detection, which monitors for traffic associated with malware. This feature enables early detection and removal of malware, along with Synchronized Security with Security Heartbeat to accelerate threat discovery, isolation, and remediation.
High-performance security built for servers
Servers are the repositories for the majority of most organizational data. With users needing continuous access, maximum uptime and optimal performance are of utmost importance. The server-specific policies provide out-of-the-box protection, giving you granular control of the lightweight agent. A variety of server-specific techniques enable small and fast updates, designed to require fewer server resources and mitigate any impact. Automatic application exclusions for key business applications, like Exchange or SQL, prevent false positives and needless rescanning of files.Simple to use, including one-click Server Lockdown
Sophos Server Protection Advanced is the only solution that locks down your server with a single click, securing servers in a safe state and preventing unauthorized applications from running. With that click, Sophos automatically scans the system, establishes an inventory of known- good applications, and whitelists just those applications. Other whitelisting applications require the manual creation of rules to secure scripts and other system files, but Sophos manages the connections between applications and the associated files, such as DLLs, data files, and scripts.
Sophos Central Server Location
Server Lockdown is only an example of how Sophos has made server security simple. With policy- based rules for server groups, as well as application, peripheral, and web control, Sophos makes it easy to control what happens on your servers, whether they be physical, virtual, or in the cloud
Cloud or on-premises management
When it comes to managing your servers, you have options. Our cloud-based Sophos Central, hosted by Sophos, provides instant access to new features with no console servers to set up and maintain. It also manages other Sophos products, including Endpoint, Mobile, Wireless, Email, and Web — all from a single pane of glass.
If you prefer to manage your servers with an on-premises console, Sophos Enterprise Console provides you with that option. Either way, you get sophisticated functionality coupled with a simple, intuitive interface for your servers and your users’ workstations, too.
Security for every platform
Sophos Central Server Protection
With support for a broad range of platforms, you can protect every server in your organization. In addition to Windows Server, Sophos Server Protection secures the most common variants of Linux and Unix-based operating systems.Technical Specifications:
Windows Server
| Supported platforms |
|---|
| Windows Server 2008 R2 and later |
| System requirements |
|---|
| Disk space: 1 GB minimum |
| RAM: 1 GB* minimum |
| Supported languages |
|---|
| English, French, German, Italian, Japanese, Spanish, and Simplified and Traditional Chinese |
*If using lockdown, the required memory is 2 GB.
Linux Server
| Supported platforms |
|---|
| CentOS |
| Debian |
| Novell Open Enterprise Server |
| Oracle Linux |
| Red Hat Enterprise Linux |
| SUSE Linux Enterprise Server |
| Ubuntu |
Sophos Central Server Core
| System requirements |
|---|
| Disk space: 1 GB minimum |
| RAM: 1 GB minimum |
| Supported languages |
|---|
| English, Japanese |
UNIX Server
| Supported platforms |
|---|
| AIX |
| HP-UX |
| Solaris (SPARC and Intel) |
| System requirements |
|---|
| Disk space: 1 GB minimum |
| RAM: 1 GB minimum |
| Supported languages |
|---|
| English, Japanese |
How to Buy:
Sophos Server Protection can be deployed on a physical server, or run on a VM (either in your datacenter or on AWS or Azure). It can be managed either through the Sophos-maintained Sophos Central website, or through an on-premises management console. Both deliver outstanding performance and protection. See the table to licensing options below for details of the features available across the two price tiers on both Sophos Central and on premises with the Sophos Enterprise Console (purchased separately).
| On-Premises Managed/Sophos Enterprise Console | Cloud Managed/Sophos Central | |||
|---|---|---|---|---|
| Server Protection for Virtualization, Windows, and Linux | Server Protection Enterprise | Central Server Protection Standard | Central Server Protection Advanced | |
| Pricing | Per Server | Per Server | Per Server | Per Server |
| Windows Server | ||||
| Linux | ||||
| UNIX (AIX and Solaris) | ||||
| Application Whitelisting and Server Lockdown1 | ||||
| Anti-malware/HIPS1/ Live Protection | ||||
| Web Security/Download Reputation | ||||
| Potentially Unwanted Application (PUA) | ||||
| Web Control (URL blocking), Application Control (Limit access per category), Peripheral Control (e.g., USB), Data Loss Prevention | ||||
| Automatic Scanning Exclusions1 | ||||
| Amazon Web Services Integration | ||||
| Azure Support | ||||
| CryptoGuard anti-ransomware | Add on2 | |||
| Malicious Traffic Detection | ||||
| Sophos Enterprise Console On-Premise Server | ||||
| Sophos Central Cloud-Based Management | ||||
| Manages Sophos Endpoint, Mobile, Email, Web Gateway, and Wi-Fi | ||||
1All features available on Windows. Not all features are currently available on Linux.
2CryptoGuard available via add-on Endpoint Exploit Prevention (EXP) license for Windows Servers.
Documentation:
Download the Sophos Server Protection Data Sheet (PDF).
Pricing Notes:
- Pricing and product availability subject to change without notice.
Sorry, this product is no longer available, replace by the Intercept X Advanced for Server
Known issues and limitations
| Issue ID | Component | Description |
|---|---|---|
| WINEP-1577 | Sophos Central agent installer | The logged on user who runs SophosInstall.exe must be a member of the SophosAdministrator group in order to migrate an on-premise–managed computer to Sophos Central. Otherwise, the installation will fail. If you have experienced this issue, add the user account to the SophosAdministrator group and re-run the installer. |
| WINEP-1423 | Sophos Central agent installer | When migrating an on-premise–managed computer to Sophos Central, a Sophos endpoint software update may cause the installation to fail. This happens when a computer is migrated without using the Sophos Central Migration Tool, by running the Sophos Central agent installer (SophosInstall.exe) on the computer either interactively or in a quiet mode. The update frequency is configured in Sophos Enterprise Console (Updating Policy > Schedule tab > Check for updates every n minutes) by the Sophos Enterprise Console administrator. To avoid or work around this issue, you can do either of the following:
|