Sophos Endpoint Security and Data Protection 9.7 review

Sophos' latest Endpoint Security and Data Protection suite provides a wealth of features for protecting workstation and mobile data. It looks very good value, but managing it all may not be so simple. Dave Mitchell finds out if Sophos has gone a step too far.


Best known for its anti-virus software, Sophos also wants to provide full protection for your workstations and its latest Endpoint Security and Data Protection (ESDP) 9.7 software has a veritable feast of security measures. Naturally, its anti-virus software is at the top of the list, but ESDP partners this with firewall, intrusion prevention plus controls for removable devices, data and applications and tops them off with NAC (network access control) and disk encryption.

Advertisement - Article continues below

Sophos provides an import wizard that works directly with Active Directory

We found installation initially straightforward as you load the Enterprise Console on a designated management system and then introduce your client systems to it. Sophos provides an import wizard that works directly with Active Directory and we had no problems selecting the AD Computers container and adding all our Windows XP, 7, Server 2003 and Server 2008 R2 systems to the console.

A wizard helps to add computers to the console and we had no problems importing our Active Directory Computers container.

A wizard helps to add computers to the console and we had no problems importing our Active Directory Computers container.

To deploy the agent you select all required systems from the lower pane in the console and choose the Protect Computer menu option. Before doing this some work was needed on our Windows 7 systems as we had to enable the remote registry service, turn off UAC completely and modify the advanced share settings as instructed in the manual.

Advertisement - Article continues below
Advertisement - Article continues below

You can choose which components to install on clients and we opted to leave Sophos' firewall out of the equation as the lab's gateway security appliance does a good enough job for our LAN-based systems. Once the agent had been installed, each system was added into a new group in the console ready to receive its instructions.

Policies are used to control endpoints and ESDP comes with a complete set of predefined ones. These should cover most eventualities, but you can create custom policies and assign them to selected groups.

An update policy is enabled by default and defines how often group members receive software updates. Other active policies cover anti-virus, intrusion prevention and the firewall. Policies for application, device and data control and tamper protection are disabled by default.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now

Most Popular

application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Mobile Phones

Microsoft’s patent design reveals a mobile device with a third screen

6 Apr 2020
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020