Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 8 subscribers
  • Views 9944 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can I Run Sophos in a Win10 Hyper V VM

jordan Lee

Network Map I would like to achieve

 

Modem"issues wan ip from dhcp"-->WAN vSwitch-->Sophos-->LAN vSwitch-->16 port switch-->Clients



This thread was automatically locked due to age.
Parents
  • 0

    Jordan,

    Yes you can.

    Now, this does not protect the host server, the server OS, nor the hypervisor.  This means that there is always a way that malware can still get in even if you have Sophos Home installed in the VM.

    To protect the server, its OS and the virtualization environment as well as all the data traveling in and out of it, you can purchase Sophos Server Protection.  If you are using VMWare, you can also use VMWare NSX.   Other options also exist from a variety of vendors.

Reply
  • 0

    Jordan,

    Yes you can.

    Now, this does not protect the host server, the server OS, nor the hypervisor.  This means that there is always a way that malware can still get in even if you have Sophos Home installed in the VM.

    To protect the server, its OS and the virtualization environment as well as all the data traveling in and out of it, you can purchase Sophos Server Protection.  If you are using VMWare, you can also use VMWare NSX.   Other options also exist from a variety of vendors.

Children
  • 0 in reply to David Birdsall

    Hi 
    In fact you can protect the Hyperviseur (the Host OS) 

    you just need to create 2 vswitch : 

    An external for the Firewall 

    and an internal one for the lan network with an adapter for the sophos firewall and an other for the host 

    So in this setup you can protect the server with the sophos Firewall

  • 0 in reply to OLIVIERMIOSSEC

    And for host setup you can also test Virtualization Security with Hyper-V or WMWare  www.sophos.com/.../virtualization-security.aspx

  • 0 in reply to OLIVIERMIOSSEC

    OLIVIERMIOSSEC said:

    Hi 
    In fact you can protect the Hyperviseur (the Host OS) 

    you just need to create 2 vswitch : 

    An external for the Firewall 

    and an internal one for the lan network with an adapter for the sophos firewall and an other for the host 

    So in this setup you can protect the server with the sophos Firewall 

    Oliver,

    All you are doing with this setup is scanning the communication flowing through the virtual switch ports.  The ports you identified are is not the only ports on the server. This Does Not protect the host, the hypervisor, or any of the VMs inside from USB, Optical, Printer, Wi-Fi, or KVM connections to the host itself.    I can walk right up to the physical host, plug an infected CD/DVD, Keyboard, Mouse, Printer, USB, computer, or other peripheral into the host and infect it directly.

    OLIVIERMIOSSEC said:

    And for host setup you can also test Virtualization Security with Hyper-V or WMWare  www.sophos.com/.../virtualization-security.aspx

    I read the features of Sophos Virtualization Security. The features clearly state that "Sophos for Virtual Environments comprises of two components, the Security Virtual Machine and a thin agent on the Guest Virtual Machine".  In other words, this is a virtual machine protecting other virtual machines.  It can also protect external physical machines.

    This DOES NOT protect the physical hosts or hypervisors.  To protect the Host, the Host OS, and the Hypervisor, you would have to use Sophos Server Protection.

Unfiltered HTML