Sophos Review
Recently, a client of mine needed an Anti-Virus solution and asked me to recommend something for their organization. After dealing with Symantec Endpoint 11 (read review here), I decided to take a different approach. I had been reviewing Sophos’s Enterprise products for a completely different client and decided that this was a good fit.
After purchasing and downloading Sophos, I read the instructions for installation and first-time configuration and began the installation. The first thing that I noticed is that this immediately integrates with Active Directory, asking you for User/Group credentials during the installation. Immediately, this is better than the process used by Symantec to get AD integration working. After the installation had completed, I opened the management page for the new software. By default, depending on how you install the application, there are no catalogs (update servers) defined. After browsing around the console (and before deploying to the clients), I decided to configure the update catalogs. This is done in the Sophos EM Library Console. I am not going to go into too much detail here, as it is out of the scope of this review, but I will say that the configuration was easy and to the point.
Sophos, like most other Enterprise solutions, is policy based. Once I had everything mentioned above configured, I decided to create some policies to apply to the computers. I started by creating various containers (or groups) and then creating policies that I planned to apply to these containers. I decided to take a very restrictive approach to the endpoints and a less restrictive approach to the managers. I also set all of the policies to detect only and not act upon items discovered to start with. This ensured I did not disable any functionality off the bat.
After configuring the policies, I deployed the Endpoint and the firewall (leaving the firewall on log but allow all traffic). The discovery of all computers was like night and day compared to Symantec’s discovery process as mentioned in my Symantec Review. The installation went very smoothly and removed any previously installed Symantec software. I then instructed each user to restart their computers. As well as having the capability to deploy the client manually, there is also a feature that allows future computers to automatically have the installation start upon joining the domain, which is easily configured by syncing the group in Sophos with the OU that contains the computer accounts in Active Directory. I set my sync interval to 60 minutes.
In comparison to the Symantec installation, this installation went a lot easier and did not at all slow down the network or interrupt production (aside from the required reboot). Within an hour of starting, I was able to fully manage all clients’ anti-virus, firewall and application/device control centrally from the server. This product is great and I would definitely recommend it in the future. Installation was a breeze, Active Directory integration is simple and straightforward, and the client is lightweight and does not slow down the machines. Another great feature is the email alert for clients that are out of date or not conforming to the policies.
Jason (Digitalkid)
www.954network.com
