Sophos Intercept X Advanced for Server (Formerly Central Server Protection Advanced)
Unmatched Server Protection
*Price per license. Quantity must be 1 or greater.
*Price per license. Quantity must be 10 or greater.
*Price per license. Quantity must be 25 or greater.
*Price per license. Quantity must be 50 or greater.
*Price per license. Quantity must be 100 or greater.
More pricing below, click here!
Please Note: All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
Overview:
Whether in the cloud or on premises, you need to protect the critical applications and data at the core of your organization. Intercept X for Server offers a comprehensive, defense-in-depth approach using deep learning malware detection, exploit prevention, anti-ransomware technology, application white listing, active adversary protection, and in-depth root cause analysis.
Highlights
- Discover and protect workloads in Microsoft Azure and Amazon Web Services
- Protect against ransomware on servers, including remote attacks from rogue endpoints
- Server Lockdown whitelists applications
- Block advanced hacking techniques and exploits
- Root cause analysis details the cause of attacks and infection path
- Synchronized Security shares threat, health, and security information across multiple Sophos products
- Simplified management from Sophos Central
- Threat protection for Windows and Linux systems
Powerful server-specific protection
Intercept X for Server leverages a broad set of protections to stop zero-day attacks, exploits, and hackers. These protections prevent attacks from reaching servers in the first place, detect attacks before they run, or stop them and provide a thorough cleanup if they manage to evade protection. Its constantly updated artificial intelligence model is trained to look for suspicious attributes of potentially malicious code on servers. Plus, server-specific features such as Server Lockdown and Cloud Workload Discovery ensure that server configurations are safe.
Intercept X for Server discovers and protects workloads in the cloud, including Microsoft Azure and Amazon Web Services. By connecting Sophos Central with AWS and Azure, Intercept X for Server visually confirms that servers are protected, making management easier by displaying relevant information in Sophos Central.
Stop server-based ransomware
CryptoGuard defends against ransomware, working at the file system level to detect and intercept unsolicited file encryption, both on the server or from a remote endpoint connected to the server. WipeGuard similarly works to protect the master boot record from malicious encryption.
Sophos Intercept X for Server locks down your server with a single click, whitelisting your applications to secure servers in a safe state and preventing unauthorised applications from running. Sophos automatically scans the system and establishes an inventory (whitelist) of known good applications without the need for manual rule creation. Sophos creates an unbreakable bond between applications and associated files, such as DLLs, data files, and scripts.
Disrupt attacks: Deny hackers access to servers
Vulnerabilities appear at an alarming rate, and patching servers without disrupting users can be challenging. Exploit attacks can be devastating and are often undetectable by traditional server protection technologies. Intercept X for Server is designed to stop even the most stubborn hacker from using exploit techniques to harvest credentials, whether they try to remain hidden and persistent, or move laterally, Intercept X is designed to stop them.
Root cause analysis
Intercept X for Server also includes detection and response technology to provide complete visibility so admins will know how an attack got in, where it went, what it touched, and what you should do next. Intercept X for Server provides this without an additional agent or management console.
Synchronized Security
Synchronized Security is a best of breed security system that enables your defenses to be as coordinated as the attacks they protect against. It combines an intuitive security platform with award-winning products that actively work together to block advanced threats to give you unparalleled protection.
Easy to manage with Sophos Central
Managing your security from Sophos Central means you no longer need to deploy servers to secure your systems. Sophos Central, hosted by Sophos, provides instant access with no console servers to set up. Sophos Central provides out-of-the-box policies for servers while also managing other Sophos products, including Sophos Intercept X, Mobile, Wireless, Email, and Web - all from a single pane of glass.
Features:
Powerful, Server-Specific Protection
Protect the critical applications and data at the core of your organization, whether that data is on physical servers, virtual servers, or in the cloud. Intercept X for Server employs a comprehensive defense-in-depth approach including these essential protections:
Deep Learning Neural Network
Protects against never-before-seen malware
Our constantly updated artificial intelligence model that is trained to look for suspicious attributes of potentially malicious code
Anti-Exploit
Prevents an attacker from leveraging common hacking techniques
Protects against browser, plugin, or Java-based exploit kits even if your servers are not fully patched
Root Cause Analysis
Incident response with forensic detail
Provides the who, what, when, where, and how of a given attack, allowing IT the ability to constantly improve upon their security posture
CryptoGuard and WipeGuard
Stops ransomware and master boot record attacks
Automatically identifies and stops unwanted encryption attempts as well as system-crippling MBR attacks
Anti-Hacker Capabilities
Protects against the most persistent hacking attempts
Prevents pervasive, real-time hacking techniques such as credential harvesting, lateral movement, and code-caving
Server Lockdown
Provides application whitelisting with a single click
Reduces the attack surface by ensuring that only known and trusted application executables can be configured and run on a server
What's New:
Sophos Central Server Protection gets a host of new features to further enhance your protection. We’re also updating the license names to better reflect these new capabilities.
Intercept X Advanced for Server
Formerly Central Server Protection Advanced
New features include:
- Deep Learning
The artificial intelligence built into Intercept X Advanced for Server is a deep learning neural network, an advanced form of machine learning, that detects both known and unknown malware without relying on signatures. - Exploit Protection
Denies attackers by blocking the exploits and techniques used to distribute malware, steal credentials, and escape detection. This allows Sophos to ward off evasive hackers and zero-day attacks in your network. - Active Adversary Protection
Protects against advanced hacking techniques performed by attackers to establish their presence on a device, steal credentials, escalate privileges, or gain more enduring access, including Code Cave mitigation and credential theft protection. - WipeGuard
Advanced anti-ransomware protection, preventing adversaries from encrypting the master boot record (MBR). - Root Cause Analysis
Detailed, forensic-level analysis illuminates the root causes of attacks and their infection paths, and offers guidance to help remediate infections today and bolster your security posture.
Central Server Protection
Formerly Central Server Protection Standard
New features include:
- Malicious Traffic Detection (MTD)
Monitors HTTP traffic for signs of connectivity to known bad locations such as command and control servers, an early indicator that a new piece of malware may be present. - Synchronized Security Heartbeat™
Synchronized Security simplifies and unifies defenses with real-time intelligence sharing between your servers and firewall. Get better protection against advanced threats and spend less time responding to incidents. - Web Control
Provides control of potentially inappropriate websites for acceptable use by site category. - Application Control
Point-and-click blocking of applications by category or by name. Enables administrators to block certain legitimate applications from running on servers. - Peripheral Control
Enables you to monitor and manage access to removable media and peripheral devices connected to your physical servers. - Data Loss Prevention (DLP)
Designed to reduce the risk of accidental data transfer to removable storage devices, corporate web browsers, email clients and IM clients. - Windows Firewall Control
Provides the ability to monitor and control the native firewall on Windows servers. - Cloud Workload Discovery (AWS Map View)
Attackers take advantage of unused cloud regions to avoid detection. Sophos now discovers workloads in every public AWS region, even the ones you are not actively using.
Central Server Protection | Intercept X Advanced for Server | |
---|---|---|
AV Signatures / HIPS / Live Protection | ||
Automatic Scan Exclusions (AWS and Azure) | ||
Cloud Workload Discovery | ||
Peripheral Control | ||
Web Control | ||
Application Control | ||
Data Loss Protection (DLP) | ||
Malicious Traffic Detection (MTD) | ||
Synchronized Security Heartbeat | ||
Server Lockdown (Whitelisting) | ||
CryptoGuard | ||
WipeGuard | ||
Active Adversary Mitigation | ||
Exploit Protection | ||
Root Cause Analysis | ||
Deep Learning |
Technical Specifications:
Windows Server
Supported platforms |
---|
Windows Server 2008 R2 and later |
System requirements |
Disk space: 2 GB minimum |
RAM: 2 GB minimum |
Supported languages |
English, French, German, Italian, Japanese, Spanish, and Simplified and Traditional Chinese |
Linux Server
Supported platforms |
---|
CentOS |
Debian |
Novell Open Enterprise Server |
Oracle Linux |
Red Hat Enterprise Linux |
SUSE Linux Enterprise Server |
Ubuntu |
System requirements |
Disk space: 1 GB minimum |
RAM: 1 GB minimum |
Supported languages |
English, Japanese |
UNIX Server
Supported platforms |
---|
AIX |
Solaris (SPARC and Intel) |
System requirements |
Disk space: 1 GB minimum |
RAM: 1 GB minimum |
Supported languages |
English, Japanese |
How to Buy:
Sophos Server Protection can be deployed on a physical server, or run on a VM (either in your datacenter or on AWS or Azure). It can be managed either through the Sophos-maintained Sophos Central website, or through an on-premises management console. Both deliver outstanding performance and protection. See the table to licensing options below for details of the features available across the two price tiers on both Sophos Central and on premises with the Sophos Enterprise Console (purchased separately).
Sophos Central | Sophos Enterprise Console | ||
---|---|---|---|
Central Intercept X Advanced for Server | Central Server Protection | Server Protection for Virtualization, Windows, and Linux | |
Platforms | |||
Windows Server | |||
Linux1 | |||
Public Cloud (Microsoft Azure and Amazon AWS) | |||
Prevent - Attack Surface Reduction | |||
Application Whitelisting [Server Lockdown] | |||
Web Security | |||
Windows Firewall Control | |||
Download Reputation | |||
Web Control (URL Blocking) | |||
Peripheral Control (e.g., USB) | |||
Application Control | |||
Prevent - Before It Runs on Device | |||
Deep Learning malware detection | |||
Exploit Prevention | |||
Anti-malware File Scanning | |||
Live Protection | |||
Pre-execution Behavior Analysis [HIPS] | |||
Off-board scanning for VMs (ESXi and Hyper-V)2 | |||
Detect Potentially Unwanted Applications (PUA) | |||
Data Loss Prevention | |||
Detect - Stop Running Threat | |||
Anti-Hacker/Active Adversary Mitigations | |||
Ransomware File Protection [CryptoGuard] includes detection of attacks on the server from remote connected endpoints | Add-on3 | ||
Disk and Boot Record Protection [WipeGuard] | |||
Malicious Traffic Detection | |||
Respond - Investigate and Remove | |||
Sophos Clean Automated Malware Removal | |||
Malware Removal | |||
Root Cause Analysis | |||
Manage - Control | |||
Server-specific policy management | |||
Update Cache and Message Relay | |||
Automatic Scanning Exclusions | |||
Synchronized Application Control4 | |||
Manage - Visibility | |||
Azure Workload Discovery and Protection | |||
AWS Workload Discovery and Protection | |||
AWS Map, multi-region visualization | |||
Synchronized Security with Security Heartbeat (Enhanced threat protection, positive source identification, and automated isolation)4 | |||
Windows Remote Desktop Services (user visibility) | |||
Manage - Sophos Central | |||
Cloud-based management, eliminating the need the install and maintain a separate server on premises, and managing security of servers in a single console with endpoints, mobile, email, wireless | |||
Multi-factor authentication | |||
Role-based administration |
11 All features available on Windows; selected features available on Linux
2 See features of Sophos for Virtual Environments with its ultra-thin agent deployment
3 For Windows Servers managed by Sophos Enterprise Console, CryptoGuard is available with the Endpoint Exploit Prevention (EXP) Add-on license
4 When used in conjunction with the Sophos XG Firewall
Alternative deployment option - Sophos for Virtual Environments
Sophos for Virtual Environments enables malware detection to be offloaded to a centralized Security VM to reduce the potential performance impact on Windows virtual servers. Licensed per virtual server, with entitlement to the Sophos for Virtual Environments alternative deployment option included with all Sophos Server Protection licenses.
Support for Windows servers on VMware ESXi and Microsoft Hyper-V
Features include:
- Off-board malware protection to a centralized Sophos Security VM
- Lightweight guest Virtual Machine Agent, infrequent updates
- Memory-resident malware detection
- Automated Threat Cleanup
- Prevent update storms and scan storms
- Windows Security Center integration
- Visibility of connected guest VMs (Sophos Central only)
Documentation:
Download the Sophos Server Protection Data Sheet (PDF).
Pricing Notes:
- All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
- Pricing and product availability subject to change without notice.
- Full Server Agent and Sophos for Virtual Environments light agent cannot be deployed on the same server
Windows Server Agent:
- Deep Learning Anti-malware, Exploit Prevention, Active Adversary Protection, CryptoGuard and WipeGuard Anti-Ransomware, Root Cause Analysis, Application Whitelisting [Server Lockdown], Live Protection, Malicious Traffic Detection, Behaviour Analysis/HIPS, File Integrity Monitoring, Web Security, Download Reputation, Web Control, Peripheral Control, Application Control, Data Loss Prevention, Windows Firewall Control, Synchronized Security, Sophos Clean Malware Removal, Automatic Scanning Exclusions, AWS/Azure Cloud Workload Discovery
Linux Server Agent
- Anti-malware, Live Protection, Malicious Traffic Detection, Synchronized Security, AWS/Azure Cloud Workload Discovery
Sophos for Virtual Environments (Alternative to full Server Agent)
- For Windows Servers on VMware ESXi and Microsoft Hyper-V, a light guest VM agent off-loads malware scanning to a centralized Security VM. Anti-malware, Live Protection, Malware Removal.
*Price per license. Quantity must be 1 or greater.
*Price per license. Quantity must be 10 or greater.
*Price per license. Quantity must be 25 or greater.
*Price per license. Quantity must be 50 or greater.
*Price per license. Quantity must be 100 or greater.
*Price per license. Quantity must be 1 or greater.
*Price per license. Quantity must be 10 or greater.
*Price per license. Quantity must be 25 or greater.
*Price per license. Quantity must be 50 or greater.
*Price per license. Quantity must be 100 or greater.
*Price per license. Quantity must be 1 or greater.
*Price per license. Quantity must be 10 or greater.
*Price per license. Quantity must be 25 or greater.
*Price per license. Quantity must be 50 or greater.
*Price per license. Quantity must be 100 or greater.
*Price per license. Quantity must be 1 or greater.
*Price per license. Quantity must be 10 or greater.
*Price per license. Quantity must be 25 or greater.
*Price per license. Quantity must be 50 or greater.
*Price per license. Quantity must be 100 or greater.
*Price per license. Quantity must be 1 or greater.
*Price per license. Quantity must be 10 or greater.
*Price per license. Quantity must be 25 or greater.
*Price per license. Quantity must be 50 or greater.
*Price per license. Quantity must be 100 or greater.
*Price per license. Quantity must be 1 or greater.
*Price per license. Quantity must be 10 or greater.
*Price per license. Quantity must be 25 or greater.
*Price per license. Quantity must be 50 or greater.
*Price per license. Quantity must be 100 or greater.