This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Real Time Scanning Internet

We are using a scientific system (Agilent) that uses HTTP to transfer files and data across our network. Does real time scanning internet on the endpoints only affect incoming and outgoing traffic from the gateway or does it scan the http traffic across our network as well?



This thread was automatically locked due to age.
Parents
  • Bill - great question.

    In the Threat Protection Policy, I assume you are referring to this option:

    For more in depth information this article can help you review what this option actually does:
    Sophos Endpoint: Download Reputation

    Here is also a FAQ:
    Sophos Endpoint: Download reputation frequently asked questions

    In a nutshell, this protection works via your browser(except firefox) and looks at files being downloaded (http/https) and the sites being visited on the internet in order to protect the user/endpoint.

    In your scenario the "Real Time Scanning", "Live Protections", "Deep Learning" and the "Runtime Protections" will also be in play on your local network to ensure that the files being transferred are clean before landing on an endpoint.  Even if something were to be copied over and that file is opened, one of the runtime protections in play will stop anything from executing before they happen and an alert/threat case generated.  This is part of the layered protection you get with Intercept X.

    You can refer to this online document for reference and overview of all the protections that are in play: Threat Protection Policy (sophos.com)

    If you have any doubts about being protected, just make sure to use our "Recommended Settings" in the Threat Protection Policy to be fully secure.

    Brian Ritchie
    Senior Solutions Engineer
    Sophos Support Videos Product Documentation  |  Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Reply
  • Bill - great question.

    In the Threat Protection Policy, I assume you are referring to this option:

    For more in depth information this article can help you review what this option actually does:
    Sophos Endpoint: Download Reputation

    Here is also a FAQ:
    Sophos Endpoint: Download reputation frequently asked questions

    In a nutshell, this protection works via your browser(except firefox) and looks at files being downloaded (http/https) and the sites being visited on the internet in order to protect the user/endpoint.

    In your scenario the "Real Time Scanning", "Live Protections", "Deep Learning" and the "Runtime Protections" will also be in play on your local network to ensure that the files being transferred are clean before landing on an endpoint.  Even if something were to be copied over and that file is opened, one of the runtime protections in play will stop anything from executing before they happen and an alert/threat case generated.  This is part of the layered protection you get with Intercept X.

    You can refer to this online document for reference and overview of all the protections that are in play: Threat Protection Policy (sophos.com)

    If you have any doubts about being protected, just make sure to use our "Recommended Settings" in the Threat Protection Policy to be fully secure.

    Brian Ritchie
    Senior Solutions Engineer
    Sophos Support Videos Product Documentation  |  Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Children
No Data