Sophos Professional Services reviews how to optimally configure your Sophos Endpoint product.
This slide deck covers:
• Anti-virus policy live protection
• Anti-virus policy web protection
• Data control policy options to track files and removable storage
• Web control multi-browser inappropriate filtering and full web control
4 Steps to Optimal Endpoint Settings
1. SOPHOS
Sophos EP Policy Webinar
02/12/2013
Presenter:
Tom Farrell
Sophos Professional Services
Topics:
Policies and demonstrations of Anti-Virus Live Protection.
Policies and demonstrations of Anti-Virus Web Protection.
Policies and demonstrations of Data Control.
Policies and demonstrations of Web Control.
2. Live protection
Sophos has two primary types of file checking technologies:
OnAccess
LiveProtection
3. Live protection
OnAccess examines files as they are “accessed”:
As they are Written
As they are Read
As they are Renamed
10. Web protection
Web Protection
There are two features to Web Protection.
Block access to malicious websites.
Download scanning
11. Web protection
Block access to malicious websites
Uses WinSock 2 API layered service provider (LSP)
An LSP is a DLL that is inserted into the TCP/IP stack; once registered, it can examine network traffic. With Sophos, this is browser traffic, examined for reputation and content.
12. Web protection
Download scanning
Performs scans of temporary internet files.
Can rely on the On-Access configuration or can operate independently of On-Access settings.
13. Web protection
Web Protection uses a transport similar to Live Protection.
Very fast checksum based queries.
Transport using DNS/SXL.
SXL response defines content type:
Malicious
Adult / Sexual
Crime / Violence, etc...
15. Data Leakage Prevention
Tracks moving data.
Data source can be local HD and network volumes.
Rules can be content-expression based and/or file matching.
Destinations include:
Removable storage
Browsers
Instant messenger
Email clients
16. Data Leakage Prevention
Managing DLP events
Actions that can be applied
Allow and log
Block and log
Allow on user acceptance and log
All events are centrally reported, and reports can be built using the Enterprise Console “EventViewer”.
17. Data Leakage Prevention
DLP use cases
Good people doing dumb things.
Bad people doing bad things.
The enemy within.
20. Web control
Both use Winsock 2 LSP
Uses WinSock 2 API layered service provider (LSP)
An LSP is a DLL that is inserted into the TCP/IP stack; once registered, it can examine browser-based network traffic for reputation and content.
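An added example, not part of the Sophos deck: because web protection (slide 11) and web control (slide 20) both depend on an LSP registered in the Winsock catalog, an administrator can audit which layered providers are installed by parsing `netsh winsock show catalog` output. The sample output below is constructed and abridged, and the provider descriptions, DLL paths and approved list are placeholders.

```python
import re

# Constructed, abridged sample of `netsh winsock show catalog` output.
# The layered providers and their DLL paths are placeholders, not real products.
SAMPLE = r"""
Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Layered Chain Entry
Description:                        Example AV LSP over [MSAFD Tcpip [TCP/IP]]
Provider Path:                      C:\Program Files\ExampleAV\example_av_lsp.dll
Catalog Entry ID:                   1015
Protocol Chain:                     1014 : 1001

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Layered Chain Entry
Description:                        Unknown Helper over [MSAFD Tcpip [TCP/IP]]
Provider Path:                      C:\Users\Public\helper.dll
Catalog Entry ID:                   1020
Protocol Chain:                     1019 : 1001

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IP]
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1001
"""

def parse_catalog(text):
    """Return one dict of 'Field: value' pairs per Winsock catalog entry."""
    parts = re.split(r"^(Winsock Catalog|Name Space) Provider Entry.*$", text, flags=re.M)
    entries = []
    for kind, body in zip(parts[1::2], parts[2::2]):
        if kind == "Winsock Catalog":  # name-space providers are not LSPs
            entries.append(dict(re.findall(r"^([^:\n]+):[ \t]+(.+?)[ \t]*$", body, re.M)))
    return entries

def audit_lsps(entries, approved_dlls):
    """List (catalog id, dll name, approved?) for every layered entry."""
    findings = []
    for e in entries:
        if e.get("Entry Type", "").startswith("Layered"):
            dll = e["Provider Path"].replace("\\", "/").rsplit("/", 1)[-1].lower()
            findings.append((e["Catalog Entry ID"], dll, dll in approved_dlls))
    return findings

if __name__ == "__main__":
    for row in audit_lsps(parse_catalog(SAMPLE), {"example_av_lsp.dll"}):
        print(row)
```

Any layered entry whose DLL is not on the approved list deserves a look, since every registered LSP sees the same browser traffic the endpoint product inspects.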
21. Web control
Inappropriate filtering uses 14 built-in categories of controls.
The control can be Allow, Block or Warn.
27. Web control
Key benefits of full web control
Greater control than just the 14 built-in categories
Centrally store and report on users' ENTIRE internet history, not just the violations.
Web control policies extend out of the office without any special network configurations using “live connect”
29. Getting started & getting help
Documentation and resources
http://www.sophos.com/en-us/support/documentation/enterprise-console.aspx
http://www.sophos.com/en-us/support/professional-services.aspx
Contacting support
http://www.sophos.com/en-us/support/contact-support.aspx
support@sophos.com
1-888-767-4679
30. Sophos Professional Services
• Sophos PS is the global team that…
• Enables ‘best practice’ adoption of Sophos solutions
• Optimizes your security posture to your needs
• Our experience..
• Over 3500 engagements every year
• Hundreds of thousands of endpoints every year
• Engagements with a few endpoints to 50k+ endpoints
• Tom Farrell
• Most senior PS engineer in North America
Who are we, who am I
31. 31
US and Canada
1-866-866-2802
NASales@sophos.com
UK and Worldwide
+ 44 1235 55 9933
Sales@sophos.com
nakedsecurity.sophos.com
Staying ahead of the curve
facebook.com/securitybysophos
twitter.com/Sophos_News
Sophos on Google+
linkedin.com/company/sophos