Intercept X 技術規格

Intercept X 適用於執行 Windows 7 和更新版本、32 或 64 位元和 macOS 的裝置。Intercept X 是業界最全方位的端點保護,用於阻止最廣泛的威脅。Intercept X Advanced 會將 Intercept X 和 Central Endpoint 的功能結合在使用單一代理程式的一個解決方案中。Intercept X Advanced with EDR 也可以整合智慧型端點偵測與響應 (Endpoint Detection and Response, EDR)。它是透過我們統一的主控台 Sophos Central 所管理。不需要建立伺服器,只要登入後即可從同一個地方下載代理程式並設定所有政策。

如需其他資訊,請閱讀 Sophos Intercept X 資料表Sophos Intercept X Advanced with EDR 資料表

請造訪 Sophos Community 取得所有 Sophos 產品的完整系統需求。

以下所列功能全都包含在 Sophos Intercept X Advanced with EDR 中。

特點
EXPLOIT PREVENTION 漏洞利用防禦
Enforce Data Execution Prevention
Mandatory Address Space Layout Randomization 
Bottom-up ASLR 
Null Page (Null Deference Protection) 
Heap Spray Allocation 
Dynamic Heap Spray 
Stack Pivot 
Stack Exec (MemProt) 
Stack-based ROP Mitigations (Caller) 
Branch-based ROP Mitigations
Structured Exception Handler Overwrite (SEHOP)
Import Address Table Filtering (IAF) 
Load Library 
Reflective DLL Injection 
Shellcode 
VBScript God Mode 
WoW64 
Syscall 
Hollow Process 
DLL Hijacking 
Squiblydoo Applocker Bypass 
APC Protection (Double Pulsar / AtomBombing)
Process Privilege Escalation
ACTIVE ADVERSARY MITIGATIONS 主動攻擊減緩
Credential Theft Protection 
Code Cave Mitigation
Man-in-the-Browser Protection (Safe Browsing) 
Malicious Traffic Detection
Meterpreter Shell Detection
ANTIRANSOMWARE 防勒索軟體
Ransomware File Protection (CryptoGuard) 
Automatic file recovery (CryptoGuard)
Disk and Boot Record Protection (WipeGuard)
APPLICATION LOCKDOWN 應用程式鎖定
Web Browsers (including HTA) 
Web Browser Plugins
Java 
Media Applications 
Office Applications
DEEP LEARNING
Deep Learning Malware Detection
Deep Learning Potentially Unwanted
Applications (PUA) Blocking
False Positive Suppression
Live Protection
回應 調查 移除
Root Cause Analysis
Sophos Clean
Synchronized Security Heartbeat
ENDPOINT DETECTION AND RESPONSE (EDR) 端點偵測與響應
Cross Estate Threat Searching
Guided Investigations
EDR Deep Learning Malware Analysis
On-demand SophosLabs Threat Intelligence
Forensic Data Export
Endpoint Isolation
DEPLOYMENT 部署
可以獨立代理程式運作
可與現有防毒一起運作
可當做現有 Sophos Endpoint
代理程式的元件運作
Windows 7
Windows 8
Windows 8.1
Windows 10
macOS*

* 支援 CryptoGuard、惡意流量偵測、同步 Security Heartbeat、根本原因分析的功能

CENTRAL ENDPOINT INTERCEPT X INTERCEPT X ADVANCED INTERCEPT X ADVANCED WITH EDR
ATTACK SURFACE REDUCTION 減少受攻擊面
Web Security
Download Reputation
Web Control / Category-based URL Blocking
Peripheral Control
(e.g. USB)
Application Control
BEFORE IT RUNS ON DEVICE 避免其在裝置上運作
Deep Learning Malware Detection
Anti-Malware File Scanning
Live Protection
Pre-execution Behavior Analysis (HIPS)
Potentially Unwanted Application (PUA) Blocking
Data Loss Prevention
Exploit Prevention
STOP RUNNING THREAT
Runtime Behavior Analysis (HIPS)
Malicious Traffic Detection (MTD)
Active Adversary Mitigations
Ransomware File Protection (CryptoGuard)
Disk and Boot Record Protection (WipeGuard)
Man-in-the-Browser Protection (Safe Browsing)
INVESTIGATE AND REMOVE 調查與移除
Automated Malware Removal
Synchronized Security Heartbeat
Root Cause Analysis
Sophos Clean
Cross Estate Threat Searching
Guided Investigations
EDR Deep Learning Malware Analysis
On-demand SophosLabs Threat Intelligence
Forensic Data Export
Endpoint Isolation

*並非所有作業系統都支援所有功能