Sophos has announced the availability of a new advanced server protection product that combines whitelisting and anti-malware technologies in a single, simple to use product.
Sophos Cloud Server Protection Advanced integrates server application whitelisting with anti-malware to deliver single-click server lockdown, using the simple, intuitive Sophos Cloud management console that makes it easy to deploy, manage and maintain. By locking a known-good server configuration and building in automatic trust of known good updaters and linked DLLs, Sophos Cloud Server Protection Advanced reduces the administrative time needed to lock down multiple servers from weeks to just minutes, by simplifying configuration and only allowing approved or whitelisted applications to run.
The simple one-click lockdown puts the server in a default/deny mode so that only approved or whitelisted applications can run. With integrated anti-malware, HIPS and whitelisting, Sophos Cloud Server Protection improves overall security and can more effectively prevent zero-day attacks, especially content and memory-based attacks that typically target servers and can by-pass products that just use whitelisting.
“Servers are the work-horses of any organisation, central to storing sensitive data, facilitating communications and executing business processes,” says Brett Myroff, MD of Sophos distributor, NetXactics. “With this level of integration, IT administrators at small to mid-sized organisations can now easily upgrade protection of their critical Windows servers – whether on-premise or in the cloud – and prevent attacks without spending weeks or months to configure, test and deploy white-listing applications.”
Previously, “lockdown” server protection products have gone largely unused in the mid-market because of the complexity of setting them up, putting the technology beyond the reach of all but the well-resourced enterprise.
Sophos’s new approach not only makes lockdown of servers easy to configure for the mid-market, but also reduces concerns about impact on performance and availability. Server performance is optimised with the use of a “no-overhead” whitelisting approach that blocks every attack without resource intensive scanning. Server availability is maximised via the quick setup and configuration process that automates the time-consuming and manual-building of the whitelist.