Sophos Endpoint Security & Data Protection ESDJ1DBDP User Manual
Product codes
ESDJ1DBDP
Technology bytes
ActivePolicies™
Lets you create a new security policy
once and then deploy it across multiple
groups simultaneously
Lets you create a new security policy
once and then deploy it across multiple
groups simultaneously
Application Control
Allows you to selectively authorize or
block legitimate applications that impact
network bandwidth, system availability,
and user productivity
Allows you to selectively authorize or
block legitimate applications that impact
network bandwidth, system availability,
and user productivity
Behavioral Genotype® Protection
Delivers the benefits of a Host Intrusion
Prevention System (HIPS), guarding
against unknown threats by analyzing
behavior before code executes
Delivers the benefits of a Host Intrusion
Prevention System (HIPS), guarding
against unknown threats by analyzing
behavior before code executes
Centralized cleanup
Lets you deal with malware and PUAs
remotely from a central location, saving
time and money
Lets you deal with malware and PUAs
remotely from a central location, saving
time and money
Data Loss Prevention
Allows you to monitor the transfer of
sensitive data such as PII to storage
devices and applications using an
extensive library of global sensitive data
definitions supplied and updated by
SophosLabs
Allows you to monitor the transfer of
sensitive data such as PII to storage
devices and applications using an
extensive library of global sensitive data
definitions supplied and updated by
SophosLabs
Decision Caching™
Provides performance-enhanced on-
access scans by ensuring that only those
files that have changed are scanned
Provides performance-enhanced on-
access scans by ensuring that only those
files that have changed are scanned
Device Control
Helps you control the use of removable
storage, optical media drives and wireless
networking protocols
Helps you control the use of removable
storage, optical media drives and wireless
networking protocols
Genotype
®
technology
Provides proactive protection from new
variants of virus and spam families,
even before specific, signature-based
protection becomes available
variants of virus and spam families,
even before specific, signature-based
protection becomes available
Smart Views
Lets you instantly focus on vulnerable
computers — including remote
computers — to check compliance,
update policies and clean up threats
Lets you instantly focus on vulnerable
computers — including remote
computers — to check compliance,
update policies and clean up threats
Sophos AutoUpdate™
Offers failsafe updating and can throttle
bandwidth when updating over low-speed
network connections
Offers failsafe updating and can throttle
bandwidth when updating over low-speed
network connections
Rootkit detection and cleanup
Integrated rootkit detection that finds and
removes any rootkit hidden on desktop
computers
Integrated rootkit detection that finds and
removes any rootkit hidden on desktop
computers
Stealth mode
Lets Sophos Client Firewall prevent
computers fom responding and falling
victim to hacker attacks
Lets Sophos Client Firewall prevent
computers fom responding and falling
victim to hacker attacks
Preventive protection reduces risk of infection
By identifying managed and unmanaged computers with potential security flaws, such as
out-of-date anti-virus protection or a disabled firewall, you can reduce the risk of infection. You
can choose to either block non-compliant computers or ensure that security is improved to
meet a required standard before allowing access.
out-of-date anti-virus protection or a disabled firewall, you can reduce the risk of infection. You
can choose to either block non-compliant computers or ensure that security is improved to
meet a required standard before allowing access.
• Default policies check if anti-virus and client firewall protection is active and up to
date on managed and unmanaged computers.
• Sophos NAC agent checks if Microsoft operating system service packs are installed,
and that Microsoft/Windows Update is enabled.
• Enforcement options ensure that unauthorized computers are not granted access to
your network.
Simplifying deployment and administration
Sophos Enterprise Console™ simplifies management of Windows, Mac, Linux and UNIX
protection, by centralizing deployment, updating, reporting and security policy enforcement. It
manages endpoint and client firewall protection as well as endpoint assessment and control,
providing unrivalled visibility of the security status of your entire network.
protection, by centralizing deployment, updating, reporting and security policy enforcement. It
manages endpoint and client firewall protection as well as endpoint assessment and control,
providing unrivalled visibility of the security status of your entire network.
• The console synchronizes with Active Directory to ensure your chosen security policy
is automatically enforced as new computers join your network.
• Outbreak and data risk levels across the entire network are displayed on the security
dashboard and automatic email alerts are sent when your chosen security thresholds
are threatened.
are threatened.
• Protection is automatically updated as frequently as every five minutes — and
because you control the download rate, you can preserve bandwidth.
• Endpoint computers can be completely disinfected in a single, simple operation from
the console.
• ActivePolicies in the console allows you to create a policy once and then apply it
across multiple groups, on Windows, Mac, Linux and UNIX computers. Policies
cover updating schedules, anti-virus and HIPS, client firewall, data control, device
control, application control and NAC.
cover updating schedules, anti-virus and HIPS, client firewall, data control, device
control, application control and NAC.
• Specific roles can be configured to enable responsibility for specific actions like
cleanup or management areas of the network, such as remote offices, to be
delegated through role-based administration.
delegated through role-based administration.
• Out-of-the-box compliance reports are provided and a reporting wizard enables
administrators to create and customize reports that can be scheduled and emailed to
selected recipients with threat alerts and infections.
selected recipients with threat alerts and infections.