Hola comunidad quisiera que me absuelvan estas consulta
de que manera nos ayuda estas aplicaciones que tiene el Sophos Central Incercept X
1.- Endpoint Agent: (Windows/macOS)
3.- Live Protection
4.- Web Security
5.- Web Control
6.- Malware Removal
7.- Peripheral Control
8.- Application Control
9.- Synchronized Security Heartbeat (Windows only)
10.- Behaviour Analysis/HIPS
11- Data Loss Prevention
12.- Download Reputation
13.- Malicious Traffic Detection
14.- Exploit Prevention
15.- Cryptoguard Anti-Ransomware
16.- Sophos Clean
17.- Root Cause Analysis
18.- Sophos for Virtual Environments
19.- Light Agent off-board scanning: (Windows Desktop VMs) Anti-malware
20.- Live Protection
21.- Malware Removal
esperando nos apoye
Hi FABIAN SALCEDO MAYO
Please find the answers for your queries below:
1.- Endpoint Agent: (Windows/macOS) - It works for the communication channel between Sophos central and endpoint. It does the job of reporting the alerts to the Sophos Central.
2.-- Anti-malware - It is an Anti-Virus engine which scans the machine/files/folders as per the scanning configured.
3.- Live Protection -
Live Protection checks suspicious files against the latest malware in the SophosLabs database.
You can select these options:
4.- Web Security - It should be Web control only.
5.- Web Control - Web control also has web intelligence(Web protection) feature which also blocks the access to a malicious website and web control provides administration to put the restriction on the accessible website on the endpoints. Please refer to this document for more information.
6.- Malware Removal - It is not a feature in Intercept X, it is a normal procedure of malware removal after detection.
7.- Peripheral Control - It can block/allow the peripheral devices like USB, PTP, MTP, removal hard drives, Bluetooth, etc on the endpoints.
8.- Application Control - It can block/allow the specific websites mentioned under the application control policy.
9.- Synchronized Security Heartbeat (Windows only) - It is a feature which is useful when you have Sophos XG firewall. Please refer to this document for more information.
10.- Behaviour Analysis/HIPS - It is a behavioural-based detection mechanism which is different than traditional signature-based detection system and HIPS is host-based Intrusion prevention system.
11- Data Loss Prevention - DLP is to block the exfiltration of the confidential data through email, web, etc platforms.
12.- Download Reputation - It for the file which you are downloading on your machine. Please refer to this document.
13.- Malicious Traffic Detection - The Sophos Malicious Traffic Detection is a component that will monitor HTTP traffic for signs of connectivity to known bad URLs such as Command and Control servers. For more information, please refer to this document.
14.- Exploit Prevention - This feature is for our on-premise product Sophos Enterprise console. Please refer to this document for more information.
15.- Cryptoguard Anti-Ransomware - As the name suggests, it is a feature which provides protection against a ransomware attack.
16.- Sophos Clean - Sophos clean does the cleanup job once the malware has been detection through AV.
17.- Root Cause Analysis - Please refer to this document, it will help you to understand the term.
18.- Sophos for Virtual Environments - This is a different product which is only for VM machines which are hosted on ESXi, hyper-v.
19.- Light Agent off-board scanning: (Windows Desktop VMs) Anti-malware - this is an anti-malware agent for the Sophos for Virtual environments.
Jasmin Community Support Engineer | Sophos Support Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link