20 Oct 2006

Sophos: 20 years of security innovation

Sophos has a 20-year history of innovative security solutions

Sophos's unique culture of research and technology evolution has ensured that we stay at the leading edge of protection as the industry adjusts to constantly changing threat and IT environments. Our integrated solutions protect every layer of business from laptops and mobile devices, to desktops, servers and gateways.

Where others have sought shortcuts to true innovation by buying in new technologies and bundling them together to form "suites", Sophos has built its product range out from proven core technologies. Sophos constantly enhances and revises these technologies, resulting in iterative improvements as threats and user requirements evolve. Customers do not need to buy additional modules and products to benefit from these enhancements; they are delivered as part of Sophos's ongoing service and update program.

This approach has resulted in a number of unique aspects to Sophos's product range:

Integrated protection against multiple threats

Over the last three years, spyware has become a major problem across the internet. From both technical and user positions the categorization of a specific threat as a virus, worm, spam, phish, spyware or adware is meaningless. The threat simply needs to be stopped, and needs to be stopped at all points of the enterprise: laptop, desktop, server, and gateway.

Similarly, there is no benefit to the user in having different solutions for known and unknown threats. Sophos's single integrated file analysis engine applies the same set of technologies and capabilities to all threats. Requiring a single agent on the desktop, and a single scan of any suspect file, this approach eliminates the inevitable overlaps and gaps in protection caused by treating viruses and spyware as separate problems, while simultaneously simplifying administration and minimising desktop load.

This integration of threat protection extends far beyond Sophos's software and hardware products and is reflected in SophosLabs™, Sophos's global network of integrated threat analysis labs, producing a single coherent threat data set. SophosLabs integrated capabilities further extend beyond malware to include email and spam analysis within those same facilities, providing a unique strength for gateway protection.

Delivering protection in a constantly accelerating world

As the number and range of types of threats has increased, so has the level of connectivity available to all IT users. This has led to a rapid increase in the speed at which threats move. Today, an unprotected PC connected to the internet can be infected within 10 minutes.

In addition to innovating in the area of threat detection, Sophos has also focused on accelerating the delivery of that protection. Where once monthly updates were sufficient, Sophos can now automatically and seamlessly update its product set against spam and virus threats every five minutes. Analysis and testing are increasingly automated. Investment has been made so that the update test cycle, which used to take up to 24 hours, can now be completed in 15 minutes, without compromising quality.

It is not enough simply to produce updates; they provide no protection until deployed to user machines. Sophos's integrated administration system delivers updates across even the largest corporate networks in minutes.

Advancing protection beyond the known - Zero Day and HIPS

This constant acceleration and diversification of the threat has led to a growing need to detect and stop unknown threats. Terms like Zero Day and HIPS suggest that these new threats require standalone protection systems. Typical HIPS systems modify the OS kernel at multiple points in an attempt to track behavior in real-time and stop it before too much damage occurs. This approach risks compromising the stability and security of the very OS it is trying to secure, and can only detect malicious behavior after the event.

Sophos has avoided these dangers by addressing the unknown threat risk through extensions to our core expertise. Genotype and Behavioral Genotype Protection are unique pre-emptive technologies, identifying malicious behavior before any execution can occur, without the need for kernel modification.

Behavioral Genotype Protection is now an integral part of all versions of Sophos Anti-Virus, PureMessage on all platforms and the Sophos Email Security Appliance, ensuring all layers of the corporate network are protected. Malicious code is prevented from executing at all, whereas runtime HIPS can only interrupt code that has already partly executed.

Simplicity of management and deployment

With the ever-increasing complexity of IT environments and threats, it has never been more important to ensure that protection is simple to configure and deploy, and that alerts are instantly visible. Sophos's 20-year focus on network protection has led to a single, simple management system. PCs can be grouped according to any requirement and managed by exception. Policies can be created independently and then simply 'dragged and dropped' onto those groups. These ActivePolicies allow instant reconfiguration of large numbers of PCs, with simple policies that define all aspects of protection across a wide range of threat types. Sophos Client Firewall is managed with similar policies within the same console.

Sophos products are updated automatically across the network, whether updates are a single virus signature, or an engine enhancement to deal with an anticipated new class of threat, ensuring that protection is always up-to-date.

Protection across heterogeneous networks

While there is no doubt that the main threat is to Windows platforms, few networks are homogeneous. There may be legacy Windows 9x desktops, Linux servers, Mac clients and many others. Sophos provides protection across dozens of different platforms, and uniquely provides integrated management across Windows, Linux and Mac systems, providing the ability to write common policies across these platforms.

The risk to these other platforms may be lower, but it does exist. Additionally, malware may be stored on these systems, which will re-attack Windows systems if not removed. Sophos's unique approach to integrated protection means that the full range of known and unknown threat protection applies across all these platforms.

Mobile workers are not treated any differently. Failsafe updating and bandwidth throttling ensure remote laptop users stay protected, and the forthcoming Sophos Mobile Security updates itself automatically directly from Sophos via HTTP and GPRS, while allowing administrators to simply configure and lock down protection settings.

Extending control to unwanted software

Sophos is now taking those techniques developed for virus and malware protection, and extending them further to provide network administrators with more control of their environments. In addition to stopping malicious code, Sophos Anti-Virus can now block legitimate consumer applications (such as VOIP, instant messaging and peer-to-peer file-sharing) that can undermine productivity and network performance in a business environment.

This key development makes us the first vendor to integrate anti-virus protection and application control. Control for other categories of applications, including computer games, will be added in future releases.

Software and service you can trust

Sophos has been pushing the envelope with product innovation for 20 years. At the same time we understand the absolute need for quality and reliability. This balance is a particular challenge in the uniquely fast moving world of security, where minutes matter. Sophos continues to invest in improving already rigorous testing, production and release processes to reinforce user confidence in these rapidly innovating solutions.

All Sophos products are backed up by global 24/7 technical support.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at