Sophos Endpoint Security and Data Protection 9.7 review

Sophos' latest Endpoint Security and Data Protection suite provides a wealth of features for protecting workstation and mobile data. It looks very good value, but managing it all may not be so simple. Dave Mitchell finds out if Sophos has gone a step too far.

Although an entry in the ESDP console is provided for NAC, all you can do is list its policies as all configuration is done from a completely separate console. Another NAC agent is required on endpoints but this can be deployed from the ESDP console.

NAC policies combine profiles that look for specific software on endpoints before it'll allow them network access. Profiles include checks for operating systems, patches and service packs along with the ESDP anti-virus and firewall components. The policies also provide remediation services in other words users can be sent to a location where the necessary software can be found.

The NAC and SafeGuard components steepen the learning curve as they each have their own policy management consoles.

The NAC and SafeGuard components steepen the learning curve as they each have their own policy management consoles.

Last up is the SafeGuard encryption utility which is completely separate to ESDP. It provides tools to automate full disk encryption on endpoints with sensitive data, but uses a separate server component to handle key management and encryption policies and needs yet more agents installed on endpoints which must be run manually.

Leaving NAC and SafeGuard to one side, we found ESDP easy to deploy and use and capable of providing an extensive set of security measures for workstations and laptops. The ESDP console simplifies management and is suitable for large user bases, but adding in the NAC and SafeGuard components will complicate things immensely.

So what's our verdict?

Verdict

The main ESDP software provides an impressive range of data security measures for the price and includes some useful controls for screening applications, data and devices which worked well during testing. If you stick with these alone then management will be fairly easy, even for larger businesses, but adding in the poorly-integrated NAC and SafeGuard components will almost certainly require dedicated support staff to handle them.

SYSTEM REQUIREMENTS FOR THE ENTERPRISE CONSOLE Memory: 1GB Hard disk: 500MB OS: Windows 7, Server 2003, Server 2008, Server 2008 R2 (32- and 64-bit for all operating systems)

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Wired2Fire Apollo WS Video Editing Workstation review: Intel processors come back with a bang
Hardware

Wired2Fire Apollo WS Video Editing Workstation review: Intel processors come back with a bang

12 Jan 2022
Proofpoint impersonator steal Microsoft, Google logins in phishing campaign
cyber security

Proofpoint impersonator steal Microsoft, Google logins in phishing campaign

8 Nov 2021
Cloudflare enters the email security business
phishing

Cloudflare enters the email security business

28 Sep 2021
The most secure email services of 2021
email providers

The most secure email services of 2021

12 Sep 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
How to speed up Windows 11
Microsoft Windows

How to speed up Windows 11

7 Jan 2022
Synology DiskStation DS2422+ review: A cube of great capacity
network attached storage (NAS)

Synology DiskStation DS2422+ review: A cube of great capacity

10 Jan 2022