This article provides a high-level overview of what Sophos Live Protection is. More details on how it works can be found here.
Applies to the following Sophos product(s) and version(s): Sophos Anti-Virus for Windows 2000+, Sophos Anti-Virus for Mac OS X, Sophos Anti-Virus for Linux
As malware continues to rapidly evolve and grow, Sophos has realized that it needs a way to enhance existing data updates with a system to keep endpoint protection up to date in real time. This was done both to improve the response time to new malware and to reduce the amount of data delivered to the endpoints.
LiveProtection was added to give the endpoint the ability to 'look up' files in real time to verify whether they are malicious. Over the past few years it has proven very effective at stopping new malware outbreaks and protecting our customers.
Sophos Live Protection can perform the following tasks:
LiveProtection will perform a lookup for any file it suspects of being malware; the following events will trigger a lookup
LiveProtection performs a lookup to ensure the most up-to-date protection, as new information could have been discovered about the file since the last time it was scanned.
Lookups contain a limited amount of information and are designed to help SophosLabs analysts package up specific malware-related information (such as function bytes or other properties required) to increase the accuracy of detections.
Lookups are performed over DNS, and the average endpoint performs a large number of lookups per day, depending on the level of activity. During scheduled and on-demand scans the number increases, because all files on the system are accessed, which triggers more lookups than normal operations.