It's good to see that Sophos Home Premium has at least some configuration options, and the ability to schedule scans and exclude particular objects is helpful. But as almost all of these settings are highly technical, and turned on by default, they're unlikely to help most users.

For example, even if you know that the 'APC violation' switch aims to 'prevent attacks from using Application Procedure Calls (APC) to run their code', would you be confident enough to know when it should be turned off, and what the consequences might be? (It's okay, we're not even slightly qualified to decide that, either.)

These lists are interesting, and it's good to see Sophos covering so many common attack vectors. There's specific exploit protection for browsers, browser plugins, Java and more; prevention of privilege escalation, code cave utilization and APC violations; and further layers to fool sandbox-aware malware, prevent backdoor traffic, protect against DLL hijacking, and more.

The Sophos Settings pages open at the Protection tab, where there are tools to schedule scans and exclude particular drives, files and folders from checks.

Advanced options include the ability to enable or disable multiple techniques used by Sophos to block common exploits.

If there's a problem, they can contact you, and you're able to log on and make whatever tweaks you need within a couple of minutes. If your family aren't technical types, for instance, you don't have to worry about them messing with low-level antivirus settings, because the client doesn't have any. This kind of central management is also good news if you're intending to use Sophos' remote device management features.

But once you're logged in, it doesn't take any more time, and it does at least mean the support pages are only a click or two away, if you need them. If you're thinking this is a little inconvenient, we agree. Log in and you can then begin configuring the program.
Tap the Settings button, for instance, and a browser tab opens at the Sophos website.

Thoughts on using Azure Monitor / ASC for security, performance and stability monitoring.

Edit: forgot to mention will also plan on using the patch management features in Azure.

Sophos Home does have some security options and settings, but they're only available via a web interface.

Defender ATP for Servers vs Sophos Intercept X.

So when we get a consultant we are focusing on the more obscure. Single sysadmin working toward ISO 27001 certification.

Being a single sysadmin I view something like ASC being great for keeping an eye on all the basics. 300 external users all RDS and about 30 internal users desktop + RDS. What are people's thoughts on the two, are they comparable etc.

For context, we are a small shop. We currently run Sophos Intercept X with no complaints, but dollar for dollar ASC seems to be better value. If all lines up, my thought is to use the platform for monitoring, alerting, security reporting, recommendations and AV. So I've been playing in Azure Security Center and Monitor.

From what I can see it comes with a license for Windows Defender ATP for servers along with what seems to be a great monitoring solution for security baselines, intrusion detection etc.