Netherlands: Netwerkinfrastructuur

Sophos Server Application

Issue link:

Contents of this Issue


Page 1 of 3

Server Application Whitelisting A Sophos Whitepaper 1 The Challenge of Protecting Corporate Servers The volume and value of data stored on corporate servers has made them the prime targets of directed malware and zero-day attacks. Protecting the integrity and availability of servers and confidentiality of the data they contain is a top concern of any organization today. Until now, organizations were left with no choice but to deploy endpoint security for their server protection. However, endpoint security falls short in distinguishing servers from endpoint computers, requiring extensive configuration and optimization which makes it an extremely complex process. Application Whitelisting is increasingly finding its way into corporate environments as a more suitable method to keep advanced and unknown threats from reaching the servers. Whitelisting helps organizations keep the server operating system and the applications it installs secure with a default-deny rule, instead of focusing on the known-bad (default allow). This approach offers proactive, signature-less protection against known and unknown threats and ensures only applications authorized by IT run in the system. But conventional application whitelisting comes with huge management overhead, not just at the time of initial deployment but also during maintenance and change management. Midsized companies with limited IT knowledge and resources are often discouraged from implementing this method or they are impelled to invest in expensive consulting services. Sophos Application Whitelisting—Simple and Effective Server Protection Sophos Cloud Server Protection offers the easiest server application whitelisting solution to mid-market and pragmatic enterprises. It ensures effective security, optimized server performance, quick deployment and easy management. It's also the only solution to offer application whitelisting tightly integrated with server anti- malware and HIPS (Host-based Intrusion Prevention System) for effective server protection against known and zero-day attacks such as in-memory, DLL injection and script-based attacks. With the industry's first one-click server lockdown feature, the solution automatically scans the server for any malware while fingerprinting the applications, establishes the application whitelist baseline, then locks down the server. Once in lockdown mode, the baseline application files cannot be replaced or tampered with. However, Sophos ServerAuthority recognizes server applications and adapts its configuration to automatically enable trusted changes. It also sets antivirus scanning exclusions on its own for high performance. These features eliminate tedious and time-consuming manual configurations and rule-setting. Sophos' context-aware security engine continuously monitors the system to prevent content-based attacks. OVERVIEW Sophos Application Whitelisting, combined with advanced anti- malware and HIPS, delivers powerful server protection that's simple to deploy and maintain. HIGHLIGHTS Ì One-click server lockdown Ì Automatic trust rules to adapt to a server environment Ì Integration with anti-malware and HIPS protects against content-based and zero-day attacks Ì Automated antivirus scanning exclusions to enhance performance Ì Cloud-based protection and management

Articles in this issue

Archives of this issue

view archives of Netherlands: Netwerkinfrastructuur - Sophos Server Application