Sophos Endpoint and Email Security and Data Protection Solutions Shine in Network World Magazine Data Loss Prevention Test

April 29, 2010 Sophos Press Release

 

BOSTON - April 30, 2010 - IT security and data protection firm Sophos announced that its endpoint solution, Sophos Endpoint Security and Data Protection, and the company's email gateway solution, Sophos Email Security and Data Protection (ES1100), participated in Network World Magazine's latest test on data leakage prevention at the endpoint and perimeter. In the "Data loss prevention comes of age" review article published in April 2010, Sophos earned favorable marks for integrating data leakage prevention capabilities into existing anti-malware infrastructure.

Network World's test lab invited nearly a dozen security vendors to submit DLP solutions for this test. Only two vendors accepted the challenge - Sophos being one of them.

The review team - Benjamin Blakely, Mark Rabe, and Justin Duffy - highlighted key attributes for each Sophos solution. From installation, configuration and functionality to device control, remediation and monitoring, Sophos's DLP was well received.

Network World DLP Test Highlights:

Installation

  • "Existing Sophos customers will be pleased to know that the DLP software makes use of the existing Sophos client software, so adding DLP is only a matter of rolling out additional rules. Sophos uses the same engine for both antivirus and DLP."
  • The reviewers noted that "Sophos' s solution seems better suited for small to midsize businesses that are looking for DLP as an added bonus to an existing anti-malware infrastructure…"
  • "This wizard was one of the best we've seen. It was well designed, provided helpful information at each step, and did a number of checks to verify proper configuration …"
  • "Sophos also gives the administrator the option to relay status information about the ES1100's health back to Sophos. The administrator can elect to receive notifications if a critical or non-critical error (or both) is detected. This proactive support could stave off a major service interruption..."

Configuration and functionality

  • Sophos's solutions were found "to be very easy - a real pleasure after some of the more Spartan interfaces we've experienced in previous reviews." Sophos "proved to be feature-rich"
  • The team placed significant emphasis on having an "out-of-the-box" start to policies for compliance. The group was "happy to find templates for HIPAA and PCI, and also for identifying personally identifiable information (PII) that we were able to use for our rules."
  • Having the option to select "All added by Sophos in future" as an application under each category was a pleasant surprise for the team.

Device control

  • Another favorable attribute was Sophos's ability to control external devices on the endpoints. According to the review team, "this allowed us to disable optical drives or USB drives, only allow certain types, brands, or models of devices, only allow specific devices (for example by serial number), limit the amount of data copied to a drive, or apply encryption before allowing data to be moved to these devices."

Remediation capabilities

  • "To assist us with analyzing breaches, both vendors included methods of quarantining or redirecting violating items. This means quarantining data on the endpoint in the same manner that viruses are quarantined, or re-routing (to another server), redirecting (to another user), duplicating (to another server), or tagging the subject line of violating emails."

Monitoring, notification, and workflow

  • The Sophos dashboards allowed the team to get a "birds-eye view into the current status of the DLP solution. Both allow historical analysis and report generation to help drill-down and find more information."

The Network World team concluded that Sophos's DLP functionality may be relatively new, but it's very efficient and continuously improving.

More about the Sophos products tested

Sophos Endpoint Security and Data Protection protects computers and data - without stretching your anti-virus budget. Simplified cross-platform security, centralized management, integrated data loss prevention, full disk encryption and control of devices, applications and network access let you simply secure your business and comply with regulations.

ES1000 secures the mail gateway from spam, phishing, viruses, spyware and other malware, and use content filtering and encryption to prevent the loss of confidential or sensitive information via email. Built on an intelligent managed appliance platform, powered by SophosLabs proactive protection and backed by unrivaled 24x7 support, the email appliance delivers complete gateway security with less effort and greater peace of mind.