Sophos antivirus

Discussion in 'other anti-virus software' started by kloshar, Jan 2, 2004.

Thread Status:
Not open for further replies.
  1. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Bre?ice
    Hello!

    Do you recomend Sophos Antivirus program? It seems to be quite good thing.
     
  2. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    For companies yes. For private use no.

    wizard
     
  3. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Bre?ice
    Why not for private use? There are many people who use this antivirus at home.
     
  4. Karl_Menshy

    Karl_Menshy Registered Member

    Joined:
    Apr 18, 2003
    Posts:
    135
    I personally think that Sophos is a nice home AV, too. The only issue is that the updating process is heavily based on network resources. Updating at home means to download ide files by hand and then place them into the program dir.

    But besides updating, the intercheck technology is really a nice feature on older comps.

    Oh, and yes, pricing...last time I checked they did not sell a home license but rather a minimum of a 5-licenses package, anybody more info on this?
     
  5. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    Sophos is a product designed to support large companies networks. That's there strength. Besides that it offers nothing special to support home users. It starts with having no heuristics, no unpacking engine and limited detection of malware targeting home users like all sorts of trojans and so on.

    The other big disadvantage is the price. It is compared to other av's extremely expensive (from a home user's point of view).

    For home users other av products are definitly a better choice.

    wizard
     
  6. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Bre?ice
    Huh, I know lot, but realy lot of people who use Sophos at home. And they say that it is realy perfect. Just updating. But if you know how to do it, you can make Scheduled task to open its site every day. So the updating is not a problem.

    Yes, that is true.

    I don't agree with that. It has very strong heuristics, unpacking engine is better than f-secure's, and it can detect all kind of things. Trust me.
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,790
    Location:
    Texas

    VERY expensive!
     
  8. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Sophos is aimed at business users and those I know who use it speak well of Sophos' support (which is doubtless why it costs so much compared to others). If you think you will need that support then it should be worth your consideration.
     
  9. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Are you sure you are talking about Sophos?

    Sophos heavily relies on virus signatures database. No heuristics engine is used at all. It can detect some viruses genetically but that about it.

    No it does have unpacking engine at all. It only supports a few archives (ARJ, CMZ, GZIP, RAR, RAR3, TAR, UUE, ZIP, LHA, LZH, BZip2, Stuffit).


    tECHNODROME
     
  10. noone

    noone Guest

    Most corporations get a license for their employees' home computers along with the site license... I think just about all people who use it at home get it for free from their employers.

    Like most other corporate editions, it's no-frills, and according to its proponents, thus lighter, faster and more stable than a lot of home-user targeted AVs.
     
  11. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,790
    Location:
    Texas

    I trialed it long ago not knowing who it was targeted to. Very nice interface and ran very well on a win98 machine.
     
  12. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    dear Wizard and Technodrome, Sophos DOES have heuristic detection capability and it also has unpacking support for packers viz. Diet, LZEX, Petite, PKLite, UPX, etc. in addition it uses checksumming technology just like KAV 5.
     
  13. AgentX

    AgentX Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    44
    Location:
    The Intarweb
    I second that.
    Sophos mentions its heuristics in the datasheets and manuals.
    However, it's not very effective against 'other' malware, an arena where KAV, McAfee
    and F-Secure really shine.

    Regards,
    AgentX
     
  14. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    malwares poses as a threat when the surfing habits go wild. with some common sense even NAV provides good protection.
     
  15. AgentX

    AgentX Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    44
    Location:
    The Intarweb
    I agree! But even with all the good habits, one can't escape from being trapped in an
    unwarranted situation. That's why they say, "Better safe than sorry!". ;)

    - AgentX
     
  16. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    hmmm.... nowadays those blasted vulnerabilities are causing all this trouble. Panda IS is now detecting vulnerabilities and prompting user to download and install patches. how cool can that be.
     
  17. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Sophos uses genetic approach as I said above. This approach usually will only detect viruses within the same family.

    There is no etc. Sophos is able to unpack only a few common of hundreds packers (you named them all). Does this make a good unpacking engine? No. It makes no unpacking engine at all.

    When it comes to classic detection, Sophos AV is very good scanner.

    tECHNODROME
     
  18. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I personally have to agree with technodrome that sophos is a very good corporate av but not a very good av for home users, it just wasn't written to be a home av.

    bigc
     
  19. COZY

    COZY Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    7
    I've been working with a company using Sophos for over a year now, I'm not a 'Techie' so I wouldn't know the in's and out's of the program but as the company I work for has no IT dept as such I tend to have to cover this area.

    My own experience is that for those with a limited knowledge (like myself) the support doesn't cater for a 'home user / novice' standard. Sophos aims itself at a corporate / everyone's an IT wizz kid level - an attitude which I have on several occasions found somewhat annoying particularly when every machine on our netwrok seems to have been infected and teh terminology been used is/was baffling!!

    The update side of things was solved by the installation of another piece of software called enterprise manager which updates the server and then workstations on the network automatically. However the AV has no in built update facility therefore making it tedious to update manually.

    Overall I personally haven't been that impressed although they do seem to be winning numerous awards so they must be doing something right!
     
  20. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    dear Technodrome, its true that due to the nature of genetic algorithm, Sophos can catch variants of the same family, thats heuristics. you can't say Sophos doesn't use heuristics. also when i used ETC i meant things like PeCompact, Aspack, Neolite, wwpack32, so i didn't name them all. i'd add that it means it has some unpacking capability rather than NO UNPACKING capability. there are AVs that doesn't use heuristics at all and with no unpacker support. just don't let others confuse Sophos with them. i'm sure you'll understand.
     
Loading...
Thread Status:
Not open for further replies.