Brooklands College Beats Conficker With Sophos

Sophos Press Release

With value added reseller Trustmarque, Sophos helps further education establishment to defend entire two-site network against viruses and other malware threats

IT security and data protection firm Sophos today announced that it is providing endpoint protection to Brooklands College, a further education institution based across two sites in Surrey and Kent in the South East. Having struggled with the notorious ‘Conficker’ worm – an issue that the previous security solution could not resolve – Brooklands consulted Trustmarque Solutions before deciding to move to Sophos Endpoint Security and Control. Sophos successfully cleaned up the initial, long-standing outbreak, significantly reducing IT support overheads, while also helping to improve overall network performance.

The Conficker worm, also known as Downadup, first surfaced in November 2008 and has infected thousands of business networks. The infection attacks unpatched computers by exploiting weak passwords and USB storage devices. The widespread use of USB drives by students has meant that schools and colleges have been particularly badly affected by Conficker – the infection also spreads beyond the education environment, as students use USB devices on both college networks and at home. At one point, Conficker had infected every single machine on Brookland’s College network – equating to 2556 infections. This caused a problem for the college with its internet service provider, as the worm recruits infected computers into a botnet – a network of machines that cybercriminals use to send spam and launch denial of service attacks. This in turn generates a lot of internet traffic, which can lead to networks being over-loaded.

Although the previous solution at Brooklands College was able to detect Conficker, it was unable to permanently remove the infections – the only solution at the time was to remove every single machine from the network and individually clean them, which would have resulted in an estimated four months of work.

“Conficker is really nasty. It spreads very quickly and easily and really puts a lot of strain on the network – the previous solution just couldn’t handle it,” said Peter Dietsch, senior support engineer, Brooklands College. “Although we desperately required a fix – at one point we had 600 support calls logged in a queue – in the education environment, cost is a very sensitive issue and we were concerned as we had not long renewed our contract with the existing vendor. However, not only could the Sophos solution handle the outbreak, and keep Conficker off the machines, but Sophos was also extremely flexible with regards to our various existing support agreements.”

Trustmarque Solutions, the Sophos partner involved in the deployment, provided detailed consultation and onsite support during the initial implementation.

“The amount of work that these kinds of outbreaks generate cannot be underestimated,” said Rob Newburn, Head of Information Security & Managed Services at Trustmarque Solutions. “Disinfecting an entire network is a big enough challenge, but when resources are so limited, you really need the right tools. Following onsite consultation, we were able to recommend Sophos as the best security solution for Brooklands College.”

Brooklands College has rolled out the Sophos endpoint solution across the entire network in a simple migration process, with the first 1000 machines being switched to Sophos in less than four days.

“Aside from being easy to deploy, the central console is good for getting an overview of where infections are coming from, which helps us shift towards prevention rather than cure,” adds Dietsch. “I suppose the best side-effect was that network performance improved dramatically, not just as a result of reduced load from the removal of Conficker, but also because older machines weren’t slowed down by Sophos’s memory requirements.”

In addition to providing Brooklands College with anti-virus protection, Sophos Endpoint Security and Control is an all-inclusive package including application control, device control, data leakage prevention and Network Access Control (NAC), helping to keep managed and guest computers in line with network security policies and patches.

“Worms like Conficker have been an absolute nightmare for IT departments in the education sector,” said Ollie Hart, head of public sector at Sophos. “Colleges often have very large networks with many clusters of endpoints, but IT support resources can be limited to one or two members of staff. It’s important for security solutions to directly address these restrictions – making security simpler and easier to manage.”

About Trustmarque

Trustmarque has been providing value added services to customers since it was founded in 1987 and is now one of the UK’s largest Value Added Resellers. Trustmarque brings together years of knowledge plus a strong track record of delivering successful IT enabled projects for customers that realize positive business outcomes. Trustmarque delivers solutions across six key areas: Business Performance Management, Information Security, Core Infrastructure Services, Microsoft Integrated Solutions, Managed Licence Services and Software Procurement Consultancy.

For more information about Trustmarque visit, call 0845 2101 500 or email

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at