Sophos Live Protection

Agenda

1. Before and After Scenarios

2. Minimum Required Capabilities

3. How we do it

4. How we do it better

Prevent malware infectionBefore:Still getting infected

After/Positive Outcome:Productivity/efficiency gains

• Current AV solution either doesn’t provide effective proactive protection of new and unknown malware threats or is slow to update protection

• Not cleaning up malware incidents so IT delivers strategic projects on time and on budge and maximize return on existing and future IT investments

• Infection occurs when mobile or remote users visit websites that have been compromised (not protected by gateway protection)

• End-users have the tools they need to be productive without compromising security

• Improved IT productivity – focus on value-added business initiatives

• Multiple vendors/components required to provide a comprehensive solution

• Greater system performance and uptime and better employee productivity

• Security vendor acts as a partner – solving issues and applying best practices

Minimum Required Capabilities

4

Metrics• % of new threats stopped without requiring update• # of URLs scanned by vendor• Time taken to install/manage• Cost of licensing/deploying protection

AV Scanning

Intrusion Prevention

Real-time Protection

Sophos Threat Protection Intelligent protection that detects and stops zero-day threats

Anti-Virus Scanning

Anti-Virus Identities (IDE)

Behavioral Genotype Protection

Web Browser Protection

Intrusion Prevention

Runtime Behavior Detection

Sophos Client Firewall

Buffer Overflow Protection

Live Protection

Live Anti-Virus

Live URL Filtering

Live Anti-Spam

Prevent malware infection: How we do it

In-the-cloud protection against the latest threats

Sophos Live Anti-Virus

Web protection for fixed and mobile endpoints

Sophos Live URL Filtering

Single vendor, console and integrated agent

SophosESDP

Before:Still getting infected

• Current AV solution either doesn’t provide effective proactive protection of new and unknown malware threats or is slow to update protection

• Infection occurs when mobile or remote users visit websites that have been compromised (not protected by gateway protection)

• Multiple vendors/components required to provide a comprehensive solution

Sophos Live Anti-virusNew – In-the-cloud protection against the latest threats

Checks suspicious files with SophosLabs

Reputation database of good and bad data

Reduces reliance on updating

Live in-the-cloud

lookups

?

10

Sophos Live URL FilteringNew – Web protection for fixed and mobile endpoints

Live in-the-cloud

lookups

Built into the endpoint agent

Preventing access to malicious URLs

Protects users in the office, at home or on public WiFi

http://www.risky-site.com

How we do it better – competitive comparison

Sophos Symantec McAfee Trend KasperskyLive Anti-Virus half Live URL Filtering HIPS half half half

Clear advantages:

SophosLabs expertise does the heavy lifting and delivers pre-packaged intelligence (Eliminates complex configuration)

Comprehensive combination of threat protection technologies

Threat protection agent also delivers prevention technologies and DLP

Single vendor, console and integrated agent

Summary

Sophos Live Protection’s in-the-cloud technologydelivers fast, effective detection of zero-day and web based

threats without the need for an update

Live Anti-Virus Live URL Filtering

Stops previously unseen threats faster

Protection for mobile/remote endpoints

Appendix

In-the-cloud...What is this cloud?

Put simply, the cloud is the internet

Vendors provide software and services via the internet

What is Sophos doing?

Providing direct connections to the constantly updated reputation databases in SophosLabs

How do customers benefit?

Protected against the very latest threats

Make the most of the expertise in SophosLabs

Sophos Live Protection

in-the-cloud technologydelivering fast, effective

detection of zero-day and web based threats without

the need for an update