Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 6503 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos addition for Ransomware prevention ?

System Engineer

Hi All,

After reading this new promotional website: https://www.sophos.com/en-us/lp/ransomware.aspx it seems that Sophos AV itself is not strong enough to mitigate or prevent the Malware in spreading out, hence additional software is required for purchase.

So when is this new product integrated with the single Endpoint Protection just like Symantec Endpoint Protection v14 which does not require any other additional licensing or application to be installed & deployed companywide?



This thread was automatically locked due to age.
  • 0

    Hello S.E.,

    [just my two cents - I'm not Sophos]
    not strong enough
    yes and no - traditional AV is naturally not 100% effective (and there will never be absolute protection anyway). And Encryptors leverage OS and hardware capabilities to perform their deed effectively and efficiently without resorting to lots of telltale "proprietary" code. There was always destructive malware (many early viruses destroyed all your data more or less just for the fun of it), the new twist is that holding your data ransom has become a business model and thus it's more likely to happen.
    HIPS and behaviour monitoring were already here for some time, and it's not that they fail completely. Whether additional software is required [emphasis mine] is debatable - admittedly it adds to protection. The different new technologies from different vendors aren't that new - the challenge is simple, unobtrusive implementation at an affordable acceptable price. 

    Regardless of the vendor these are additional components that have to be deployed one way or the other. As for the additional licensing - in Sophos' case it's an acquisition of a component that can run alongside other vendor's products. It has to make some ROI - in the end accounting and marketing decide (and sure they don't disregard other vendors' moves) how the products are packaged and priced. Please note that the current "low-end" bundle contains components that previously required some kind of advanced license.

    Intercept X is not a replacement for "traditional AV", OTOH it's not that AV without Intercept X is unfit and useless or has - in the light of ransomware - suddenly a significantly diminished value.
    [/just my two cents]

    Christian

  • 0 in reply to QC

    Thanks for the update Christian,

    So in conclusion, just like McAfee release this Anti-Ransomware https://www.mcafee.com/hk/downloads/free-tools/interceptor.aspx, Sophos has to rely on another additional paid software component to protect the client from the Ransomware.

Unfiltered HTML