If you’ve ever tuned into one of our biweekly webinars or perused our other video content, then you know that we often use those events as opportunities to give you guided tours of some of the many network and endpoint security products that we carry. Now, we get if you’re thinking, “Well, I bet you have nothing bad to say about the products you carry.” And while we would certainly never badmouth one of our business partners, we also make it our duty to highlight the products that we truly believe are the best for mid-sized businesses (and it’s our conversations with clients that often determine the products that we cover).
Our recent webinar on Sophos Central is a perfect example of a product that our clients are actively talking and asking about. Designed as the central admin for managing the different Sophos products you may utilize, the central admin platform they have developed is looking like it will become the new standard in IT.
After all, at the rate that threats are evolving and with more end users requiring the mobility to work from home, a Starbucks, or out in the field, attackers have more points of access than ever before with which to break into your network. You need protection that will follow your employees wherever they may go on whatever device they are using, signaling a major paradigm shift in how people are starting to think about endpoint security.
Now, in the world of IT, our industry relies on constant paradigm shifts and when it comes to your central admin platform, Sophos Central has arguably changed the game for mid-size businesses.
Why? Well, let’s get into Sophos Central itself. If you take a look at the image at the top of this article, you see that the platform allows you to control your endpoint and network security. Be it securing the network perimeter, web, email, or wireless or securing the endpoint device, mobile devices, data protection, and your servers, the days of having to log into multiple platforms are gone, saving you a considerable amount of time and freeing admins up to focus on such ongoing tasks as improving their network security posture.
Taking a Look at the Sophos Central Dashboard
In the world of IT, we’re used to big things coming in small packages. And as the above screenshot of the Sophos Central dashboard shows, it doesn’t look like much to the untrained eye. In the above screenshot we see a medium alert in the top center that you simply have to click on to clear a threat. From there, you can drill into reports, the report logs, web stats, email security, and begin syncing your users up with your Active Directory. With Sophos Central, you have unparalleled visibility at the touch of a fingertip.
In addition, you can see all of the machines that are running on the network, including your own. One of the most exciting aspects of Sophos Central is that it has a somewhat modular quality to it that allows you to modify tamper protection and other features at a granular level. For instance, you can set up tamper protection for every user while additionally generating an individual tamper protection code for each individual user. This comes in handy when you have an employee who is perhaps out in the field that requires troubleshooting of some sort. Even if they’re not online or using their personal device, you can create a new password while they are in lockdown for only the machine they are using and then return them to a safe environment without once compromising your security.
Policies, Lockdowns, and Application Control
Moving on, you can also launch a scan to see all events, their status, and everything that is up and running. From there you can start driving into policies or simply click on one and start editing it to see which machines it is running on alongside the different settings. For instance, if you are running Sophos’ add-on Intercept X, which provides anti-malware or malware remediation capabilities in addition to guarding against ransomware, you can schedule a scan along with certain exclusions. Now, you can click on global scanning exclusion to see which ones you’ve set up for the whole environment, but if you have some additional exclusions for your admin team, then you can add those so they only apply to that policy.
When it comes to your end user, Sophos Central’s Peripheral Control allows you to review how you’ve set up particular end user groups and start blocking particular applications and actions to ensure there are no breaches in your endpoint. For example, you can block bridge for internet so that if an end user is working in Starbucks and a hacker attempts to bridge their wireless and come back into network through your VPN, they won’t be able to. Additionally, when it comes to exceptions, let’s say you’ve decided to block all thumb drives. But if you have an admin stick that you want to be able to plug into any box, you can whitelist the boxes you wish to access and add that exception to your end user group.
With Sophos Central Application Control, you can see what has already been blocked and the categories that you’re doing. It also has a powerful search bar that allows you to look for applications based on name or category, like IE. Furthermore, you check on any new applications added to a particular category and block anything that you don’t really new, which is a favorite pastime of our VP of Sales & Technology, Pete Greco. Lastly, you can do some light mobile device management whether you’ve provided your employees with tablets or smart phones or they own their own, like blocking the App Store, camera, and other features. You can push out Office Exchange settings to their email if it’s a company device and much more.
If you have a guest visiting that needs to access your wireless network, Sophos Central also provides you with the ability to push out the password to all of your users so that you don’t have to worry about an employee giving it away to the wrong person by accident.
When it comes to remote lock and wipe, Sophos Central truly boasts some unique and cutting-edge features. For example, if you have a web content filter in place on an employee’s computer and they take it off of the network, the same content filtering will be in place providing you with real-time reports if a user goes to a blocked or malicious site, even if they don’t return to the office for weeks.
Of course, when it comes to first setting up your whitelists or particular settings, Productive is always here to help guide you through this easy but intricate process. And like we mentioned before, Sophos Central boasts both macro and micro feature that allow you to block, warn, or allow applications in one fell swoop. But most businesses need some degree of customization to best support how a particular organization functions, so you can allow for PDFs or videos and customize to the most granular level. Ultimately, when it comes to permissions, most employees should never receive an executable so you can block that right off the bat as you establish Acceptable Web Usage for your end users.
What if you’ve created some global whitelists that are in an incorrect category? Or they are in a correct category, but you still need to access them for whatever legitimate reason? You can label them accordingly, such as Productive Content in our case. And with each new site that gets added to that list, you can add them by calling a tag that will allow it for the group for which you’ve enabled it. Or you can label a site that is an allowed group that you don’t want people to have access to as blocked, doing so automatically. You can also manage your device encryption if you’re running BitLocker in order to manage keys, logging in, and password resets all straight from Sophos Central.
Of course, there is much more we can cover, and if you’re curious we suggest you catch the full recorded webinar with transcript here. And if you’re interested in doing a trial of Sophos Central or need help configuring it in the most optimal way for your organization, then simply give us a call and we will do everything we can to ensure a smooth transition to a much easier way of doing our jobs.
Want to learn more about Sophos Central or schedule a trial. Click here to contact us today!