Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 15 subscribers
  • Views 6598 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept X with Security VM

Dave Chunilal

Hi,

 

I'm implementing Sophos SecurityVM into an ESXi environment on multiple hosts. The documentation of Sophos SecurityVM states that this is a full Anti-malware, Anti-virus and Anti-spyware product.

My question is, is Intercept X included as part of this protection?

If I install the full Sophos Endpoint solution on all VM's individually, then we would get the Intercept X protection, but it seems this protection is not there with Security VM. If this is the case, what is the advantage of SecurityVM over the full Sophos Endpoint product?

 

Kindest Regards

Dave S. Chunilal



This thread was automatically locked due to age.
Parents
  • 0

    Hello Dave S. Chunilal,

    [I'm neither Sophos nor a partner]
    what is the advantage of SecurityVM
    as the FAQs say, it reduces the performance overhead on Guest Virtual Machines. You might think that while overhead is reduced on the GVMs the total resource consumption could even increase as scanning has to be performed anyway and offloading induces additional overhead. Savings come from caching - the SVM can immediately return the results for a file it has already scanned - and advanced caching - GVMs can share information on scanned files so that a GVM doesn't have to send a file that has already be scanned on behalf of another GVM and found clean to its SVM.
    Of course the actual gain depends on the number of GVMs and the portion of identical files accessed by them.

    is Intercept X included
    as Stephen has said, no(t yet). While Intercept X can be installed alongside (any) "classic" AV (and thus also SVE) a consistent management is the challenge.
    Basically Intercept X monitors what's going on on a machine - this can't be offloaded or delegated to the SVMs. Of course it offers additional protection, whether it is "necessary" depends on the exposure of the VMs and potential impact of malware.

    Christian

  • 0 in reply to QC

    Hi Christian,

     

    Thanks for this.

    Based on what Stephen has said, I'm not sure that Intercept X can be installed independently on the VM's alongside GVM, or have I misunderstood this?

    I see the advantages of SVM and GVM, but since all VM's will have access to emails, we run the risk of being hit by ransomware across any of the VM's hence wanting to have Intercept X on all the VM's also.

     

    KR

    Dave S. Chunilal

Reply
  • 0 in reply to QC

    Hi Christian,

     

    Thanks for this.

    Based on what Stephen has said, I'm not sure that Intercept X can be installed independently on the VM's alongside GVM, or have I misunderstood this?

    I see the advantages of SVM and GVM, but since all VM's will have access to emails, we run the risk of being hit by ransomware across any of the VM's hence wanting to have Intercept X on all the VM's also.

     

    KR

    Dave S. Chunilal

Children
Unfiltered HTML