Educause Security Discussion mailing list archives

Re: Sophos Anti-Virus

From: Mark Borrie <mark.borrie () OTAGO AC NZ>
Date: Mon, 14 May 2007 10:01:57 +1200

We also have used Sophos AV for quite a number of years. It is true that
there have been a number of product issues over the years - but then
that is true of every other AV product that I'm aware of.

Things I like
- Multi platform support (We have a significant Mac user base, as well
as linux and others)
- Supports distributed/diverse Windows environments (We do not have a
single Windows structure on campus and still have many stand alone
Windows systems)
- Supports a distributed updating mechanism (Due to our structure,
individual depts can update client systems through their own consoles
which are linked to the Central system)
- Great technical support (You get to talk to technicians on the phone)
- Responsiveness to new malware (We have submitted "new" pieces of
malware and received excellent analysis of the files)
- Detects more than viruses (keyloggers, trojans, downloaders etc )

If you have a distributed environment such as ours then initial
installation can be a problem. We ended up developing a preconfigured
installer (generated daily) that users download and run. This caters to
on site and remote users.

Setting up policies can take time. Some attributes can be maintained by
users while others are controlled by the central policy. This causes
confusion to users who configure the client only to find that their
settings have disappeared the next time an update occurs (Now these seem
to occur about 6 times a day on average but can be as little as half an
hour apart).

We are not yet using the PUA (potentially unwanted application) features
yet, nor widespread use of the firewall. This is mainly due to lack of
time to research the right way to deploy.

Mark


Walker, Sam wrote:

Hello.  I was inquired about anyone currently using Sophos as an anti-virus product.  I have viewed the product through 
an on-line web cast via a sales rep but wished to obtain actual end-user opinions before proceeding with installing a 
demo locally.

Thanks in advance,

Sam Walker
WVSOM


--
Mark Borrie
Information Security Manager,
Information Technology Services, University of Otago,
Dunedin, N.Z.
Ph +64 3 479-8395, Fax +64 3 479-5080, Mobile +64 27 609-6409

Current thread:

Sophos Anti-Virus Walker, Sam (May 11)
- <Possible follow-ups>
- Re: Sophos Anti-Virus HALL, NATHANIEL D. (May 11)
- Re: Sophos Anti-Virus Bob Ono (May 11)
- Re: Sophos Anti-Virus Michael Bean (May 11)
- Re: Sophos Anti-Virus Munoz, Aaron (May 11)
- Re: Sophos Anti-Virus Gregg, Christopher S. (May 11)
- Re: Sophos Anti-Virus Mark Borrie (May 13)
- Re: Sophos Anti-Virus Patrick D Menard (May 14)