20 October 2006
Sophos: 20 years of security innovation

Sophos has a 20-year history of innovative security solutions
Sophos's unique culture of research and technology evolution has ensured that we stay at the leading edge of protection as the industry adjusts to constantly changing threat and IT environments. Our integrated solutions protect every layer of business from laptops and mobile devices, to desktops, servers and gateways.
Where others have sought shortcuts to true innovation by buying in new technologies and bundling them together to form "suites", Sophos has built its product range out from proven core technologies. Sophos constantly enhances and revises these technologies, resulting in iterative improvements as threats and user requirements evolve. Customers do not need to buy additional modules and products to benefit from these enhancements; they are delivered as part of Sophos's ongoing service and update program.
This approach has resulted in a number of unique aspects to Sophos’s product range:
Integrated protection against multiple threats
Over the last three years, spyware has become a major problem across the internet. From both technical and user positions the categorization of a specific threat as a virus, worm, spam, phish, spyware or adware is meaningless. The threat simply needs to be stopped, and needs to be stopped at all points of the enterprise: laptop, desktop, server, and gateway.
Similarly, there is no benefit to the user in having different solutions for known and unknown threats. Sophos's single integrated file analysis engine applies the same set of technologies and capabilities to all threats. Requiring a single agent on the desktop, and a single scan of any suspect file, this approach eliminates the inevitable overlaps and gaps in protection caused by treating viruses and spyware as separate problems, while simultaneously simplifying administration and minimising desktop load.
This integration of threat protection extends far beyond Sophos's software and hardware products and is reflected in SophosLabs™, Sophos's global network of integrated threat analysis labs, producing a single coherent threat data set. SophosLabs' integrated capabilities further extend beyond malware to include email and spam analysis within those same facilities, providing a unique strength for gateway protection.
Delivering protection in a constantly accelerating world
As the number and range of types of threats has increased, so has the level of connectivity available to all IT users. This has led to a rapid increase in the speed at which threats move. Today, an unprotected PC connected to the internet can be infected within 10 minutes.
In addition to innovating in the area of threat detection, Sophos has also focused on accelerating the delivery of that protection. Where once monthly updates were sufficient, Sophos can now automatically and seamlessly update its product set against spam and virus threats every five minutes. Analysis and testing are increasingly automated. Investment has been made so that the update test cycle, which used to take up to 24 hours, can now be completed in 15 minutes, without compromising quality.
It is not enough simply to produce updates; they provide no protection until deployed to user machines. Sophos's integrated administration system delivers updates across even the largest corporate networks in minutes.
Advancing protection beyond the known – Zero Day and HIPS
This constant acceleration and diversification of the threat has led to a growing need to detect and stop unknown threats. Terms like Zero Day and HIPS suggest that these new threats require standalone protection systems. Typical HIPS systems modify the OS kernel at multiple points in an attempt to track behavior in real-time and stop it before too much damage occurs. This approach risks compromising the stability and security of the very OS it is trying to secure, and can only detect malicious behavior after the event.
Sophos has avoided these dangers by addressing the unknown threat risk through extensions to our core expertise. Genotype and Behavioral Genotype Protection are unique pre-emptive technologies, identifying malicious behavior before any execution can occur, without the need for kernel modification.
Behavioral Genotype Protection is now an integral part of all versions of Sophos Anti-Virus, PureMessage on all platforms and the Sophos Email Security Appliance, ensuring all layers of the corporate network are protected. Malicious code is prevented from executing at all, whereas runtime HIPS can only interrupt code that has already partly executed.
Simplicity of management and deployment
With the ever-increasing complexity of IT environments and threats, it has never been more important to ensure that protection is simple to configure and deploy, and that alerts are instantly visible. Sophos's 20-year focus on network protection has led to a single, simple management system. PCs can be grouped according to any requirement and managed by exception. Policies can be created independently and then simply 'drag and dropped' onto those groups. These ActivePolicies allow instant reconfiguration of large numbers of PCs, with simple policies that define all aspects of protection across a wide range of threat types. Sophos Client Firewall is managed with similar policies within the same console.
Sophos products are updated automatically across the network, whether updates are a single virus signature, or an engine enhancement to deal with an anticipated new class of threat, ensuring that protection is always up-to-date.
Protection across heterogeneous networks
While there is no doubt that the main threat is to Windows platforms, few networks are homogeneous. There may be legacy Windows 9x desktops, Linux servers, Mac clients and many others. Sophos provides protection across dozens of different platforms, and uniquely provides integrated management across Windows, Linux and Mac systems, providing the ability to write common policies across these platforms.
The risk to these other platforms may be lower, but it does exist. Additionally, malware may be stored on these systems, which will re-attack Windows systems if not removed. Sophos's unique approach to integrated protection means that the full range of known and unknown threat protection applies across all these platforms.
Mobile workers are not treated any differently. Failsafe updating and bandwidth throttling ensure remote laptop users stay protected, and the forthcoming Sophos Mobile Security updates itself automatically directly from Sophos via HTTP and GPRS, while allowing administrators to simply configure and lock down protection settings.
Extending control to unwanted software
Sophos is now taking those techniques developed for virus and malware protection, and extending them further to provide network administrators with more control of their environments. In addition to stopping malicious code, Sophos Anti-Virus can now block legitimate consumer applications (such as VOIP, instant messaging and peer-to-peer file-sharing) that can undermine productivity and network performance in a business environment.
This key development makes us the first vendor to integrate anti-virus protection and application control. Control for other categories of applications, including computer games, will be added in future releases.
Software and service you can trust
Sophos has been pushing the envelope with product innovation for 20 years. At the same time we understand the absolute need for quality and reliability. This balance is a particular challenge in the uniquely fast moving world of security, where minutes matter. Sophos continues to invest in improving already rigorous testing, production and release processes to reinforce user confidence in these rapidly innovating solutions.
All Sophos products are backed up by global 24/7 technical support.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

