Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 11926 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Lost Features with Sophos for Virtual Environment on ESXi

KyleGilpin

I am in the process of setting up a new ESXi 6.5 host with vSphere and moving to Windows Server 2016.  We also have Server Advanced Licensing.  We deployed the Sophos Security for Virtual Environment VM on the ESXi host and setup a Windows Server 2016 guest VM.  It is working correctly and reporting accurately in the Sophos Central console.  What I have noticed though is that, it appears we have lost some features including some of the Advanced license features such as Anti-Ransomware protection, Server lockdown, Malicious Traffic Detection, etc. It would appears first of all that we have wasted money on the Advanced license over the Standard, and second, that we are losing protection by using the Sophos for Virtual Environment.  I am just curious what everyone else's opinion is on this and if there are updates planned to add these features back?



This thread was automatically locked due to age.
Parents
  • 0

    Hello,

    Sophos for Virtual Environments offloads malware detection to a security VM, it doesn't have the full range of features that you would find in the full Sophos Server Protection agent. 

    Check the features listed at the bottom of this datasheet: https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/sophos-virtualization-security-dsna.pdf?la=en 

    Here is the equivalent datasheet for the Server Protection agent: https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/sophos-server-protection-dsna.pdf?la=en 

    Stephen

  • 0 in reply to StephenMcKay

    Stephen,

    I understand that it doesn't have all the features (application whitelist, data protection, etc.), but I am more concerned about the security aspect.  By using Sophos Security for Virtual Environments, aren't we losing security since we don't get access to Anti-Ransomware protection or Malicious traffic detection?  I am just wondering if I am missing something on this?  If not, why should I use Virtual Environment protection over the full client?

     

    -Kyle

  • 0 in reply to KyleGilpin

    Hi Kyle,

    I would have hoped this was explained to you during the purchase process. As per the datasheet, Sophos for Virtual Environments (SVE) is an ultra thin agent on each GVM that offers fast, effective protection with lower resource use. 

    If you require low resource usage, and offer the other layers of protection elsewhere on your network; SVE is a great choice. If you need the layers of protection on the local client, and you can spare the additional resource they require, the full agent would be preferable. 

    Stephen

  • 0 in reply to StephenMcKay

    Hi Stephen,

    I was unaware of the feature loss.  From a security feature parity standpoint (I don't care about data loss protection, peripheral control, etc.), what would I lose by switching to Sophos Security for Virtual Environments? I know that I am losing malicious behavior and network traffic along with CryptoGuard.  Is there anything else that I would be losing?  Are there any plans to add these features back in?

     

    Thanks,

    -Kyle

  • +1 in reply to KyleGilpin

    Hello  

     

    Sophos for Virtual Environments is a different proposition for your server deployment from the full Windows server agent. 

    As  has stated, Sophos for Virtual Environments is built for virtual servers that require low resource usage by off boarding file scanning to a centralised scanner. This product was released in March as a replacement for the retiring SAV for vShield which has the same security features. Neither of our virtual offerings have had advanced functionality - however with Sophos for Virtual Environments, as it is our own bespoke architecture, we can add to the product advanced features coupled with the benefits of the off board scanning. 

    Sophos Server licenses are very flexible, allowing you to mix and match our products dependent on your environment and the tasks your servers are built to do. So some of your hosts with no restrictions on processing power may have the full agent with the advanced license installed on those Guest VMs, but another host may have Sophos for Virtual Environments installed as it has less resources available to each of the Guest VMs. Also some of your file servers will be more critical, therefore you might want to installed the full agent with advanced license so it will be protected by Cryptoguard. 

    Thanks 

     

    Mark 

Reply
  • +1 in reply to KyleGilpin

    Hello  

     

    Sophos for Virtual Environments is a different proposition for your server deployment from the full Windows server agent. 

    As  has stated, Sophos for Virtual Environments is built for virtual servers that require low resource usage by off boarding file scanning to a centralised scanner. This product was released in March as a replacement for the retiring SAV for vShield which has the same security features. Neither of our virtual offerings have had advanced functionality - however with Sophos for Virtual Environments, as it is our own bespoke architecture, we can add to the product advanced features coupled with the benefits of the off board scanning. 

    Sophos Server licenses are very flexible, allowing you to mix and match our products dependent on your environment and the tasks your servers are built to do. So some of your hosts with no restrictions on processing power may have the full agent with the advanced license installed on those Guest VMs, but another host may have Sophos for Virtual Environments installed as it has less resources available to each of the Guest VMs. Also some of your file servers will be more critical, therefore you might want to installed the full agent with advanced license so it will be protected by Cryptoguard. 

    Thanks 

     

    Mark 

Children
No Data
Unfiltered HTML