I am in the middle of a migration from an old server running Sophos Enterprise Console to a new server, and in my research have only just discovered that Sophos for Virtual Environments is a thing!
We're a small-medium sized company with about 4 Hyper-V hosts, each with at least 10 Windows Guest VMs on them. Currently, I have logon scripts deployed via GPO to ensure our fleet is protected by installing Sophos Endpoint Protection - this has the added benefit of being able to pre-define groups based on whether it's a Hyper-V host or Virtual Machine (since we can use AD security groups or WMI filtering to determine this when applying the GPO).
This is a fairly successful "hands-off" approach to getting our endpoints protected.
After reading extensively about Sophos for Virtual Environments, I am very excited to try it out however am noting that it's going to require a fair bit more 'manual work' for my colleagues when spinning up new VMs and such. Now instead of simply joining a new VM to our AD domain and adding it to the VM security group, my colleagues will need to take extra steps to ensure the Guest Agent is installed with the correct configuration (which will be different based on which Hyper-V host the VM is being added to), in addition to adding the Endpoint to the correct Policy Group in Sophos Enterprise Console (since the Guest Agent doesn't have the same command parameters as AutoUpdate's Setup.exe to predefine the Sophos Group to be added to.
I'm not against changing our procedures to allow for this, and I fully understand the performance gains that will naturally be provided when offloading the on-access scanning from the Guests to a single Sophos Security VM on the Host, but I'm struggling to find actual examples and hard data that prove this claim. As it stands, it's going to be difficult for me to convince my colleagues and superiors that Sophos for Virtual Environments is the right call, given the amount of extra admin work that deployment entails.
So I was wondering if anybody here had any success stories on the performances gains made by Sophos for Virtual Environments, and also if anybody has any neat deployment tricks/procedures they'd like to share.
This thread was automatically locked due to age.