Intercept X Technical Specifications

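Sophos Intercept X is available for devices running Windows 7 and above (32- and 64-bit). Intercept X is designed to augment existing endpoint security or antivirus software, providing next-generation anti-exploit, anti-ransomware, root cause analysis and advanced system clean technology. It can also be used together with Sophos Endpoint Protection.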

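Both Intercept X and Endpoint can be managed through our unified console, Sophos Central. There is no need to set up a server; simply log in to download the agent and configure all policies from one place.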

For additional information, see the Sophos Intercept X datasheet.

Visit the Sophos Community for complete system requirements for all Sophos products.

Features
EXPLOIT PREVENTION
Enforce Data Execution Prevention
Mandatory Address Space Layout Randomization 
Bottom-up ASLR 
Null Page (Null Dereference Protection)
Heap Spray Allocation 
Dynamic Heap Spray 
Stack Pivot 
Stack Exec (MemProt) 
Stack-based ROP Mitigations (Caller) 
Branch-based ROP Mitigations
Structured Exception Handler Overwrite (SEHOP)
Import Address Table Filtering (IAF) 
Load Library 
Reflective DLL Injection 
Shellcode 
VBScript God Mode 
Wow64 
Syscall 
Hollow Process 
DLL Hijacking 
Squiblydoo Applocker Bypass 
APC Protection (Double Pulsar / AtomBombing)
Process Privilege Escalation
ACTIVE ADVERSARY MITIGATIONS
Credential Theft Protection 
Code Cave Mitigation
Man-in-the-Browser Protection (Safe Browsing) 
Malicious Traffic Detection
Meterpreter Shell Detection
ANTIRANSOMWARE
Ransomware File Protection (CryptoGuard) 
Automatic file recovery (CryptoGuard)
Disk and Boot Record Protection (WipeGuard)
APPLICATION LOCKDOWN
Web Browsers (including HTA) 
Web Browser Plugins
Java 
Media Applications 
Office Applications
DEEP LEARNING
Deep Learning Malware Detection
Deep Learning Potentially Unwanted Applications (PUA) Blocking
False Positive Suppression
Live Protection
RESPOND INVESTIGATE REMOVE
Root Cause Analysis
Sophos Clean
Synchronized Security Heartbeat
ENDPOINT DETECTION AND RESPONSE (EDR)
Cross Estate Threat Searching
Guided Investigations
EDR Deep Learning Malware Analysis
On-demand SophosLabs Threat Intelligence
Forensic Data Export
Endpoint Isolation
DEPLOYMENT
Can run as standalone agent
Can run alongside existing antivirus
Can run as component of existing Sophos Endpoint agent
Windows 7
Windows 8
Windows 8.1
Windows 10
macOS*

* Features supported: CryptoGuard, Malicious Traffic Detection, Synchronized Security Heartbeat, Root Cause Analysis

CENTRAL ENDPOINT | INTERCEPT X | INTERCEPT X ADVANCED | INTERCEPT X ADVANCED WITH EDR
ATTACK SURFACE REDUCTION
Web Security
Download Reputation
Web Control / Category-based URL Blocking
Peripheral Control (e.g. USB)
Application Control
BEFORE IT RUNS ON DEVICE
Deep Learning Malware Detection
Anti-Malware File Scanning
Live Protection
Pre-execution Behavior Analysis (HIPS)
Potentially Unwanted Application (PUA) Blocking
Data Loss Prevention
Exploit Prevention
STOP RUNNING THREAT
Runtime Behavior Analysis (HIPS)
Malicious Traffic Detection (MTD)
Active Adversary Mitigations
Ransomware File Protection (CryptoGuard)
Disk and Boot Record Protection (WipeGuard)
Man-in-the-Browser Protection (Safe Browsing)
INVESTIGATE AND REMOVE
Automated Malware Removal
Synchronized Security Heartbeat
Root Cause Analysis
Sophos Clean
Cross Estate Threat Searching
Guided Investigations
EDR Deep Learning Malware Analysis
On-demand SophosLabs Threat Intelligence
Forensic Data Export
Endpoint Isolation

*Not all features are supported on all operating systems