For the last 9 months or so, we have had Sophos Intercept X Advanced for Servers running on our virtualised servers across two ESXi hosts. Recently, due to increased server demand, we decided that switching to Sophos for Virtualised Environments should allow us to increase server performance by offloading the scanning of files to a Sophos Security VM.
However, we cannot find any documentation that explicitly compares the two products, showing what the limitations of SVE (if any) are or any benchmark statistics that could be useful in assessing the situation.
Additionally, we cannot find any documentation on how to apply specific policies to specific VMs or VM groups covered by SVE. Some of our VMs are high I/O and so suffer when using Real-Time Scanning with Intercept X Advanced. Others which are not critical, we want to have RTS enabled for safety. There are a mix and match of other aspects of the policies (namely, scheduled scanning on different days to avoid resource contention) that have caused us to group our server VMs in to five well-defined groups and apply individual policies to each. We would need to retain the ability to apply these policies to each group of servers, if possible.
It's entirely possible I've misunderstood the whole concept of SVE - I've read a number of support posts on here that lead me to think this might be the case. If someone could provide a side-by-side comparison of exactly what can and cannot be done with SVE vs Intercept X, I can assess our environment from there and adjust our deployment accordingly.
Many thanks in advance!
This thread was automatically locked due to age.