Lost Features with Sophos for Virtual Environment on ESXi

Hello,

Sophos for Virtual Environments offloads malware detection to a security VM, it doesn't have the full range of features that you would find in the full Sophos Server Protection agent. 

Check the features listed at the bottom of this datasheet: https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/sophos-virtualization-security-dsna.pdf?la=en 

Here is the equivalent datasheet for the Server Protection agent: https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/sophos-server-protection-dsna.pdf?la=en 

Stephen

Stephen,

I understand that it doesn't have all the features (application whitelist, data protection, etc.), but I am more concerned about the security aspect.  By using Sophos Security for Virtual Environments, aren't we losing security since we don't get access to Anti-Ransomware protection or Malicious traffic detection?  I am just wondering if I am missing something on this?  If not, why should I use Virtual Environment protection over the full client?

-Kyle

Stephen,

I understand that it doesn't have all the features (application whitelist, data protection, etc.), but I am more concerned about the security aspect.  By using Sophos Security for Virtual Environments, aren't we losing security since we don't get access to Anti-Ransomware protection or Malicious traffic detection?  I am just wondering if I am missing something on this?  If not, why should I use Virtual Environment protection over the full client?

-Kyle

Hi Kyle,

I would have hoped this was explained to you during the purchase process. As per the datasheet, Sophos for Virtual Environments (SVE) is an ultra thin agent on each GVM that offers fast, effective protection with lower resource use. 

If you require low resource usage, and offer the other layers of protection elsewhere on your network; SVE is a great choice. If you need the layers of protection on the local client, and you can spare the additional resource they require, the full agent would be preferable. 

Stephen

Hi Stephen,

I was unaware of the feature loss.  From a security feature parity standpoint (I don't care about data loss protection, peripheral control, etc.), what would I lose by switching to Sophos Security for Virtual Environments? I know that I am losing malicious behavior and network traffic along with CryptoGuard.  Is there anything else that I would be losing?  Are there any plans to add these features back in?

Thanks,

-Kyle

Hello KyleGilpin 

Sophos for Virtual Environments is a different proposition for your server deployment from the full Windows server agent. 

As StephenMcKay has stated, Sophos for Virtual Environments is built for virtual servers that require low resource usage by off boarding file scanning to a centralised scanner. This product was released in March as a replacement for the retiring SAV for vShield which has the same security features. Neither of our virtual offerings have had advanced functionality - however with Sophos for Virtual Environments, as it is our own bespoke architecture, we can add to the product advanced features coupled with the benefits of the off board scanning. 

Sophos Server licenses are very flexible, allowing you to mix and match our products dependent on your environment and the tasks your servers are built to do. So some of your hosts with no restrictions on processing power may have the full agent with the advanced license installed on those Guest VMs, but another host may have Sophos for Virtual Environments installed as it has less resources available to each of the Guest VMs. Also some of your file servers will be more critical, therefore you might want to installed the full agent with advanced license so it will be protected by Cryptoguard. 

Thanks 

Mark