Server Protection

Technical Specifications

Workload Protection
Tech Specs

Protect your Windows and Linux servers in the cloud, on premises, and in virtual or mixed environments.

For more information, see the Intercept X for Server datasheet, the EDR/XDR datasheet, and the Linux datasheet.

Learn more about the system requirements and supported operating systems for Windows and Linux.

Solution Comparison

 

Features

Intercept X Advanced for Server

Intercept X Advanced for Server with XDR

Intercept X Advanced for Server with MTR Standard

Intercept X Advanced for Server with MTR Advanced

ATTACK SURFACE REDUCTION
Web Security

 

 

 

 

Download Reputation

 

 

 

 

Web Control / Category-based URL Filtering

 

 

 

 

Peripheral Control

 

 

 

 

Application Control

 

 

 

 

Application Whitelisting (Server Lockdown)

 

 

 

 

BEFORE IT RUNS ON DEVICE
Deep Learning Malware Detection

 

 

 

 

Anti-Malware File Scanning

 

 

 

 

Live Protection

 

 

 

 

Pre-execution Behavior Analysis (HIPS)

 

 

 

 

Potentially Unwanted Application (PUA) Blocking

 

 

 

 

Intrusion Prevention System

 

 

 

 

STOP RUNNING THREAT
Data Loss Prevention

 

 

 

 

Runtime Behavior Analysis (HIPS)

 

 

 

 

Antimalware Scan Interface (AMSI)

 

 

 

 

Malicious Traffic Detection (MTD)

 

 

 

 

Exploit Prevention

 

 

 

 

Active Adversary Mitigations

 

 

 

 

Ransomware File Protection (CryptoGuard)

 

 

 

 

Disk and Boot Record Protection (WipeGuard)

 

 

 

 

Man-in-the-Browser Protection (Safe Browsing)

 

 

 

 

Enhanced Application Lockdown

 

 

 

 

DETECT
Live Discover (Cross Estate SQL Querying for Threat Hunting and Security Policy Compliance)

 

 

 

SQL Query Library (pre-written, fully customizable queries)

 

 

 

Suspicious Events Detection and Prioritization

 

 

 

Fast Access, On-disk Data Storage (up to 90 days)

 

 

 

Cross-product Data Sources (e.g. Firewall, Email)

 

 

 

Cross-product Querying

 

 

 

Sophos Data Lake (Cloud Data Storage)

30 days

30 days

30 days

Scheduled Queries

 

 

 

INVESTIGATE
Threat Cases (Root Cause Analysis)

 

 

 

 

Deep Learning Malware Analysis

 

 

 

Advanced On-demand SophosLabs Threat Intelligence

 

 

 

Forensic Data Export

 

 

 

REMEDIATE
Automated Malware Removal

 

 

 

 

Synchronized Security Heartbeat

 

 

 

 

Sophos Clean

 

 

 

 

Live Response (remotely investigate and take action)

 

 

 

On-demand Endpoint Isolation

 

 

 

Single-click “Clean and Block”

 

 

 

VISIBILITY
Cloud Workload Protection (Amazon Web Services, Microsoft Azure, Google Cloud Platform)

 

 

 

 

AWS Map, cross-region visualization

 

 

 

 

Synchronized Application Control (visibility of applications)

 

 

 

 

Cloud Security Posture Management (monitor and protect cloud hosts, serverless functions, S3 buckets, etc.)

 

 

 

 

CONTROL
Server-specific Policy Management

 

 

 

 

Update Cache and Message Relay

 

 

 

 

Automatic Scanning Exclusions

 

 

 

 

File Integrity Monitoring

 

 

 

 

MANAGED SERVICE
24/7 Lead-driven Threat Hunting

 

 

Security Health Checks    

 

 

Data Retention

 

 

Activity Reporting

 

 

Adversarial Detections

 

 

Threat Neutralization and Remediation

 

 

24/7 Lead-less Threat Hunting

 

Threat Response Team Lead      

 

Direct Call-in Support

 

Proactive Security Posture Management

 

 

For supported Linux features, see the license guide.

Solution Comparison

 

Features

Intercept X Advanced for Server

Intercept X Advanced for Server with XDR

Intercept X Advanced for Server with MTR Standard

Intercept X Advanced for Server with MTR Advanced

ATTACK SURFACE REDUCTION
Web Security

 

 

 

 

Download Reputation

 

 

 

 

Web Control / Category-based URL Blocking

 

 

 

 

Peripheral Control

 

 

 

 

Application Control

 

 

 

 

Application Whitelisting (Server Lockdown)

 

 

 

 

BEFORE IT RUNS ON DEVICE
Deep Learning Malware Detection

 

 

 

 

Anti-Malware File Scanning

 

 

 

 

Live Protection

 

 

 

 

Pre-execution Behavior Analysis (HIPS)

 

 

 

 

Potentially Unwanted Application (PUA) Blocking

 

 

 

 

Intrusion Prevention System

 

 

 

 

STOP RUNNING THREAT
Data Loss Prevention

 

 

 

 

Runtime Behavior Analysis (HIPS)

 

 

 

 

Antimalware Scan Interface (AMSI)

 

 

 

 

Malicious Traffic Detection (MTD)

 

 

 

 

Exploit Prevention

 

 

 

 

Active Adversary Mitigations

 

 

 

 

Ransomware File Protection (CryptoGuard)

 

 

 

 

Disk and Boot Record Protection (WipeGuard)

 

 

 

 

Man-in-the-Browser Protection (Safe Browsing)

 

 

 

 

Enhanced Application Lockdown

 

 

 

 

DETECT
Linux Host and Container Behavioral and Exploit Runtime Decisions  

 

 

 

Live Discover (Cross Estate SQL Querying for Threat Hunting and IT Security Operations Hygiene)  

 

 

 

SQL Query Library (pre-written, fully customizable queries)  

 

 

 

Suspicious Events Detection and Prioritization  

 

 

 

Fast Access, On-disk Data Storage (up to 90 days)  

 

 

 

Cross-product Data Sources e.g. Firewall, Email  

 

 

 

Cross-product Querying  

 

 

 

Sophos Data Lake (Cloud Data Storage)  

30 days

30 days

30 days

Scheduled Queries  

 

 

 

INVESTIGATE
Threat Cases (Root Cause Analysis)

 

 

 

 

Deep Learning Malware Analysis  

 

 

 

Advanced On-demand SophosLabs Threat Intelligence  

 

 

 

Forensic Data Export  

 

 

 

REMEDIATE
Automated Malware Removal

 

 

 

 

Synchronized Security Heartbeat

 

 

 

 

Sophos Clean

 

 

 

 

Live Response (remotely investigate and take action)  

 

 

 

On-demand Endpoint Isolation  

 

 

 

Single-click “Clean and Block”  

 

 

 

VISIBILITY
Cloud Workload Protection (Amazon Web Services, Microsoft Azure, Google Cloud Platform)

 

 

 

 

Synchronized Application Control (visibility of applications)

 

 

 

 

Cloud Security Posture Management (monitor AWS, Azure, GCP environments)

 

 

 

 

CONTROL
Server-specific Policy Management

 

 

 

 

Update Cache and Message Relay

 

 

 

 

Automatic Scanning Exclusions

 

 

 

 

File Integrity Monitoring

 

 

 

 

MANAGED SERVICE
24/7 Lead-driven Threat Hunting    

 

 

Security Health Checks    

 

 

Data Retention    

 

 

Activity Reporting    

 

 

Adversarial Detections    

 

 

Threat Neutralization and Remediation    

 

 

24/7 Lead-less Threat Hunting      

 

Threat Response Team Lead      

 

Direct Call-in Support      

 

Proactive Security Posture Management      

 

 

For supported Linux features see the license guide.