Overview:
Defend your data from malware without sacrificing server performance.
Sophos Server Protection protects your server environment from malicious attacks while
keeping your servers running at optimum performance. Designed to secure business-
critical servers, Sophos Server Protection includes server application whitelisting, advanced
anti-malware, and behavior analysis. It’s server security made simple, providing protection
for your Windows, Linux, and UNIX systems, whether you’re running physical or virtualized
servers, on premises, or in the cloud, including Amazon Web Services (AWS) and Azure.
Highlights
- Protects Windows, Linux, and UNIX systems with minimal resource use
- Protects against ransomware running locally or remotely
- Synchronized Security with Destination Heartbeat
- Protects and manages server policies for auto-scaling groups in AWS
- Protects server images in Azure
- Server Lockdown with application whitelisting
- Advanced, policy-based rules
- Simplified management from the cloud or an on-premises console
Better protection
Sophos Server Protection offers innovative features like anti-ransomware and pre-execution
emulation for identifying suspicious behavioral patterns, giving you the broadest protection
for your servers and data, including from zero-day attacks. Our CryptoGuard anti-ransomware
detects and intercepts unsolicited encryption of files, resulting from ransomware running on a
remote endpoint that is connected to the server. Server Lockdown uses application whitelisting
to secure servers with a default deny policy, preventing all unauthorized applications from
executing. Once a server is locked down, anti-malware and a Host Intrusion Prevention System
(HIPS) behavior analysis prevent content-based threats (such as an infected PDF or Word
document) that could otherwise exploit vulnerabilities within whitelisted applications.
Sophos Server Protection also includes Malicious Traffic Detection, which monitors for traffic
associated with malware. This feature enables early detection and removal of malware, along
with Synchronized Security with Security Heartbeat to accelerate threat discovery, isolation, and
remediation.
High-performance security built for servers
Servers are the repositories for the majority of organizational data. With users needing
continuous access, maximum uptime and optimal performance are of utmost importance.
The server-specific policies provide out-of-the-box protection, giving you granular control of the
lightweight agent. A variety of server-specific techniques enable small and fast updates, designed
to require fewer server resources and mitigate any impact. Automatic application exclusions for
key business applications, like Exchange or SQL, prevent false positives and needless rescanning
of files.
Simple to use, including one-click Server Lockdown
Sophos Server Protection Advanced is the only solution that locks down your server with a single
click, securing servers in a safe state and preventing unauthorized applications from running.
With that click, Sophos automatically scans the system, establishes an inventory of known-
good applications, and whitelists just those applications. Other whitelisting applications require
the manual creation of rules to secure scripts and other system files, but Sophos manages the
connections between applications and the associated files, such as DLLs, data files, and scripts.
Server Lockdown is only one example of how Sophos has made server security simple. With policy-
based rules for server groups, as well as application, peripheral, and web control, Sophos makes it
easy to control what happens on your servers, whether they are physical, virtual, or in the cloud.
Cloud or on-premises management
When it comes to managing your servers, you have options.
Our cloud-based Sophos Central, hosted by Sophos, provides
instant access to new features with no console servers to
set up and maintain. It also manages other Sophos products,
including Endpoint, Mobile, Wireless, Email, and Web — all from
a single pane of glass.
If you prefer to manage your servers with an on-premises
console, Sophos Enterprise Console provides you with that option. Either way, you get sophisticated functionality coupled
with a simple, intuitive interface for your servers and your
users’ workstations, too.
Security for every platform
With support for a broad range of platforms, you can protect
every server in your organization. In addition to Windows Server,
Sophos Server Protection secures the most common variants of
Linux and Unix-based operating systems.
What's New:
Sophos Central Server Protection gets a host of new features to further enhance your protection. We’re also updating the license names to better reflect these new capabilities.
Intercept X Advanced for Server
Formerly Central Server Protection Advanced
New features include:
- Deep Learning
The artificial intelligence built into Intercept X Advanced for Server is a deep learning neural network, an advanced form of machine learning, that detects both known and unknown malware without relying on signatures.
- Exploit Protection
Denies attackers by blocking the exploits and techniques used to distribute malware, steal credentials, and escape detection. This allows Sophos to ward off evasive hackers and zero-day attacks in your network.
- Active Adversary Protection
Protects against advanced hacking techniques performed by attackers to establish their presence on a device, steal credentials, escalate privileges, or gain more enduring access, including Code Cave mitigation and credential theft protection.
- WipeGuard
Advanced anti-ransomware protection, preventing adversaries from encrypting the master boot record (MBR).
- Root Cause Analysis
Detailed, forensic-level analysis illuminates the root causes of attacks and their infection paths, and offers guidance to help remediate infections today and bolster your security posture.
Central Server Protection
Formerly Central Server Protection Standard
New features include:
- Malicious Traffic Detection (MTD)
Monitors HTTP traffic for signs of connectivity to known bad locations such as command and control servers, an early indicator that a new piece of malware may be present.
- Synchronized Security Heartbeat™
Synchronized Security simplifies and unifies defenses with real-time intelligence sharing between your servers and firewall. Get better protection against advanced threats and spend less time responding to incidents.
- Web Control
Provides control of potentially inappropriate websites for acceptable use by site category.
- Application Control
Point-and-click blocking of applications by category or by name. Enables administrators to block certain legitimate applications from running on servers.
- Peripheral Control
Enables you to monitor and manage access to removable media and peripheral devices connected to your physical servers.
- Data Loss Prevention (DLP)
Designed to reduce the risk of accidental data transfer to removable storage devices, corporate web browsers, email clients and IM clients.
- Windows Firewall Control
Provides the ability to monitor and control the native firewall on Windows servers.
- Cloud Workload Discovery (AWS Map View)
Attackers take advantage of unused cloud regions to avoid detection. Sophos now discovers workloads in every public AWS region, even the ones you are not actively using.
Feature comparison table: Central Server Protection and Intercept X Advanced for Server (the availability marks for each license are not present in this text). Features listed:
- AV Signatures / HIPS / Live Protection
- Automatic Scan Exclusions (AWS and Azure)
- Cloud Workload Discovery
- Peripheral Control
- Web Control
- Application Control
- Data Loss Protection (DLP)
- Malicious Traffic Detection (MTD)
- Synchronized Security Heartbeat
- Server Lockdown (Whitelisting)
- CryptoGuard
- WipeGuard
- Active Adversary Mitigation
- Exploit Protection
- Root Cause Analysis
- Deep Learning
Technical Specifications:
Windows Server
- Supported platforms: Windows Server 2008 R2 and later
- System requirements: Disk space: 1 GB minimum; RAM: 1 GB* minimum
- Supported languages: English, French, German, Italian, Japanese, Spanish, and Simplified and Traditional Chinese
*If using lockdown, the required memory is 2 GB.
Linux Server
- Supported platforms: CentOS, Debian, Novell Open Enterprise Server, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux Enterprise Server, Ubuntu
- System requirements: Disk space: 1 GB minimum; RAM: 1 GB minimum
- Supported languages: English, Japanese
UNIX Server
- Supported platforms: AIX, HP-UX, Solaris (SPARC and Intel)
- System requirements: Disk space: 1 GB minimum; RAM: 1 GB minimum
- Supported languages: English, Japanese
How to Buy:
Sophos Server Protection can be deployed on a physical server, or run on a VM (either in your datacenter or on AWS or Azure). It can be managed either through the Sophos-maintained Sophos Central website, or through an on-premises management console. Both deliver outstanding performance and protection. See the table of licensing options below for details of the features available across the two price tiers on both Sophos Central and on premises with the Sophos Enterprise Console (purchased separately).
Licensing options table. Columns: Sophos Central (Central Intercept X Advanced for Server; Central Server Protection) and Sophos Enterprise Console (Server Protection for Virtualization, Windows, and Linux). The availability marks for each column are not present in this text, apart from the one entry noted below. Features listed:
- Windows Server
- Linux¹
- Public Cloud (Microsoft Azure and Amazon AWS)
- Application Whitelisting [Server Lockdown]
- Web Security
- Windows Firewall Control
- Download Reputation
- Web Control (URL Blocking)
- Peripheral Control (e.g., USB)
- Application Control
- Deep Learning malware detection
- Exploit Prevention
- Anti-malware File Scanning
- Live Protection
- Pre-execution Behavior Analysis [HIPS]
- Off-board scanning for VMs (ESXi and Hyper-V)²
- Detect Potentially Unwanted Applications (PUA)
- Data Loss Prevention
- Anti-Hacker/Active Adversary Mitigations
- Ransomware File Protection [CryptoGuard], includes detection of attacks on the server from remote connected endpoints (Sophos Enterprise Console column: Add-on³)
- Disk and Boot Record Protection [WipeGuard]
- Malicious Traffic Detection
- Sophos Clean Automated Malware Removal
- Malware Removal
- Root Cause Analysis
- Server-specific policy management
- Update Cache and Message Relay
- Automatic Scanning Exclusions
- Synchronized Application Control⁴
- Azure Workload Discovery and Protection
- AWS Workload Discovery and Protection
- AWS Map, multi-region visualization
- Synchronized Security with Security Heartbeat (Enhanced threat protection, positive source identification, and automated isolation)⁴
- Windows Remote Desktop Services (user visibility)
- Cloud-based management, eliminating the need to install and maintain a separate server on premises, and managing security of servers in a single console with endpoints, mobile, email, wireless
- Multi-factor authentication
- Role-based administration
¹ All features available on Windows; selected features available on Linux
² See features of Sophos for Virtual Environments with its ultra-thin agent deployment
³ For Windows Servers managed by Sophos Enterprise Console, CryptoGuard is available with the Endpoint Exploit Prevention (EXP) Add-on license
⁴ When used in conjunction with the Sophos XG Firewall
Alternative deployment option – Sophos for Virtual Environments
Sophos for Virtual Environments enables malware detection to be offloaded to a centralized Security VM to reduce the potential performance impact on Windows virtual servers. Licensed per virtual server, with entitlement to the Sophos for Virtual Environments alternative deployment option included with all Sophos Server Protection licenses.
Support for Windows servers on VMware ESXi and Microsoft Hyper-V
Features include:
- Off-board malware protection to a centralized Sophos Security VM
- Lightweight guest Virtual Machine Agent, infrequent updates
- Memory-resident malware detection
- Automated Threat Cleanup
- Prevent update storms and scan storms
- Windows Security Center integration
- Visibility of connected guest VMs (Sophos Central only)