Sophos AntiVirus & Enterprise Manager
Installation of the software is relatively straightforward and certainly not as time-consuming as eTrust, for example.
The installation on the deployment server consists of the AV software and Enterprise Manager.
The interface for the AV engine itself is quick and easy and at first glance appears to lack the bells and whistles of some of the flashier interfaces. But when you attempt to configure the scan engine you find that it is actually quite powerful and flexible. Immediate scans can be performed on selected drives, scans can be scheduled, and live resident memory scanning is handled by InterCheck Server.
The executable definition files for scanning can be edited by the user and new file types added if required, although the list is quite extensive.
The scanning engine can be configured to run at normal or low priority, it can perform quick or deep scans, it scans archives, and if required, adds the scan results to a checksum file. However the Sophos scan times on quite a large collection of files was quite consistent regardless of which of the deep or quick scan options were selected.
Immediate mode configuration allows the user to select how the scan responds to a virus and can be configured to disinfect Boot Sectors, Documents, and Programs. Infected files can be renamed, deleted, moved, or copied to another location; there is also an option to irretrievably "shred" the offending file.
The Alerting options are very comprehensive and includes options to configure Network Messaging, SMTP e-mail, and set SNMP Traps.
Deploying and administering the AV software enterprise wide is the responsibility of the Enterprise Manager, which for the most part has a logical and relatively easy-to-use interface. When the app is launched the user is presented with the "library configuration view". At this point the source of the virus updates for distribution from your server, which on the Sophos parent Web site is called a Databank, is defined and the update frequency scheduled.
It was at this point that we became a little unstuck. We set the download Web site to the Sophos default and could not manage to connect using the supplied username and password. We had, during the configuration, set the option to "auto detect configuration" for the Internet. Unfortunately this did not detect our configuration and we were directed to disable the option by Sophos tech support after which the connection was established without a hitch.
To delve any deeper into the deployment and admin click on the "Start SAVAdmin" button--this launches the Sophos AntiVirus Administrator.
This application also employs a simple tree structure to navigate though your network and once PCs are "discovered" they, along with their attributes, are displayed on the right-hand side of the tree. The range of attributes displayed is quite extensive and includes not only the PC's current OS but also access details and complete details on the AV installation on the system right down to the version number of the Dat files and whether a particular aspect of the AV is active or not.
From here, AV updates can be pushed to single or multiple systems and while the update process initially appears relatively complex, given the simplicity of the rest of the processes, this is only the case because Sophos has included additional powerful features as can be seen in Figure 3. SAVAdmin also enables the administrator to remotely view the target PC's scan and error logs.
Should anyone on your network have an unprotected PC or out-of-date software, EM can identify the offenders and it can be configured to automatically update them.
Additional administrative support is provided by EM Reporter, which collates virus alerts generated by your Sophos AV and produces customisable reports to keep the administrator abreast of the unsavoury activity on the network.
And, although we did not test it, Sophos also provide a solution for nomadic employees who occasionally wander in and out of your network with potentially dangerous notebook computers: Remote Update. This provides "on the road" updating of the notebook via a network or Web site provided by the employer.
| Product | Sophos AntiVirus & Enterprise Manager |
| Price | Price $84 (per PC for 25 licences) |
| Vendor | Sophos |
| Phone | 02 9409 9112 |
| Web | www.sophos.com.au |
| Interoperability |  ½ |
| Relatively simple to drive and supports a wide range of environments including Mac. | |
| Futureproofing |  ½ |
| Solid package with a powerful set of features. | |
| ROI |  |
| Moderate cost per seat. | |
| Service |  ½ |
| 24x7 phone and fax support; e-mail and Web support. | |
| Rating |  ½ |
