Sophos Endpoint Security and Data Protection 9.7 review

Sophos' latest Endpoint Security and Data Protection suite provides a wealth of features for protecting workstation and mobile data. It looks very good value, but managing it all may not be so simple. Dave Mitchell finds out if Sophos has gone a step too far.


Best known for its anti-virus software, Sophos also wants to provide full protection for your workstations and its latest Endpoint Security and Data Protection (ESDP) 9.7 software has a veritable feast of security measures. Naturally, its anti-virus software is at the top of the list, but ESDP partners this with firewall, intrusion prevention plus controls for removable devices, data and applications and tops them off with NAC (network access control) and disk encryption.

Sophos provides an import wizard that works directly with Active Directory

We found installation initially straightforward as you load the Enterprise Console on a designated management system and then introduce your client systems to it. Sophos provides an import wizard that works directly with Active Directory and we had no problems selecting the AD Computers container and adding all our Windows XP, 7, Server 2003 and Server 2008 R2 systems to the console.

A wizard helps to add computers to the console and we had no problems importing our Active Directory Computers container.

To deploy the agent you select all required systems from the lower pane in the console and choose the Protect Computer menu option. Before doing this some work was needed on our Windows 7 systems as we had to enable the remote registry service, turn off UAC completely and modify the advanced share settings as instructed in the manual.

Advertisement - Article continues below

You can choose which components to install on clients and we opted to leave Sophos' firewall out of the equation as the lab's gateway security appliance does a good enough job for our LAN-based systems. Once the agent had been installed, each system was added into a new group in the console ready to receive its instructions.

Policies are used to control endpoints and ESDP comes with a complete set of predefined ones. These should cover most eventualities, but you can create custom policies and assign them to selected groups.

An update policy is enabled by default and defines how often group members receive software updates. Other active policies cover anti-virus, intrusion prevention and the firewall. Policies for application, device and data control and tamper protection are disabled by default.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019

Five signs that it’s time to retire IT kit

29 Nov 2019