Sophos Home Updated. Need Your Feedback!

Discussion in 'other anti-virus software' started by Alex_Sophos, May 23, 2016.

  1. fmon

    fmon formerly: Impet

    Joined:
    May 5, 2013
    Posts:
    1,141
    +1 :thumb:
     
  2. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    275
    Location:
    Philippines
    Quarantine, a roll-back feature or something else just to restore AV "disinfection" actions should be a feature.

    How I'm seeing it, the quarantine acts as a way to reduce false-positive detections via reputation of other users' actions/feedback. This feature is turned off by default, and can be activated by more advanced users of your software.
     
  3. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    508
    Location:
    USA
    Thanks Alex, but really looking forward to Sophos Home at least adding an opt-in to quarantine. You need the smart guys on your side to recommend the product, righto_O

    I'll give you two years to fix this, because that's when my current AV subscription expires, so no hurry. But the sooner, the better :)
     
  4. fmon

    fmon formerly: Impet

    Joined:
    May 5, 2013
    Posts:
    1,141
    Two years? I'll give you about 1 month, happy Easter ... :geek:
     
  5. Alex_Sophos

    Alex_Sophos Registered Member

    Joined:
    Feb 9, 2016
    Posts:
    52
    We had an excellent discussion regarding quarantine last week with the engineers, and we referenced the comments here. Will keep you posted.

    In regards to a malware quarantine, would you (anyone on this forum can answer) prefer that:
    1. Malware is listed in a quarantine and you have to choose what says and what should be removed OR
    2. All malware automatically removed, but have a restore option for a limited time period, such as 15 or 30 days, for each piece of malware removed?
     
  6. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    474
    Location:
    USA--Colorado
    #1 for sure.
     
  7. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,229
    Location:
    USA,IA
    I say #1
     
  8. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    2,535
    Location:
    The etherlands
    Failing an Allow / Quarantine prompt, which I doubt the devs would consider given the presumed philosophy behind / target market of Sophos Home, #1 would be the preferred option.
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    19,223

    My Preference would be 1.
     
  10. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    508
    Location:
    USA
    Yup, #1 for sure.

    With #2 there still exists the possibility (especially in regard to a false positive) that an infrequently used file may go down the rabbit hole before you notice that it's gone. It wouldn't be obvious that something had been deleted, until you had tried to run something with a dependency on it.
     
  11. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    920
    #1. IMHO Automatically Remove, no matter how you look at it, is a bad idea.
     
  12. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,473
    2 by default for noobs, 1 as an option that can be enable from the configuration.

    With 2 you can always restore an you get a notification anyway.

    In both cases malware is automatically removed and you have the option to recover it, I don't see much difference besides the expire feature after x days
     
  13. Achelous

    Achelous Registered Member

    Joined:
    Mar 20, 2017
    Posts:
    10
    Location:
    UK
    This. +1.

    If someone installs Sophos Home and enables the real-time protection only for it to mark some files as malicious (when they are really false positive detection's), but securely remove them as opposed to quarantining them, how is the user supposed to approach this situation? It can cause them a lot of hassle to go through backups which may or may not contain the now-lost files, or for them to scramble through the web to re-obtain the files... In some cases, they may not be retrievable depending on the scenario.

    You could always add the Quarantine functionality back and place a new option in the Settings to allow a user to have new detection's auto-removed as opposed to being quarantined... Then you can please both the customers who want automated removal and ones who would like it to be quarantined until further investigation.

    I really do think that Sophos as a team should re-think this decision.
     
  14. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,237
    Location:
    USA
    I use Sophos home for my family that are not so tech savvy. I however, do not because of this exact reason. It needs to be more granular for us power users.
     
  15. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    2,904
    #1 :thumb:
     
  16. klv12gcn

    klv12gcn Registered Member

    Joined:
    May 25, 2008
    Posts:
    2
    Location:
    Bermuda Triangle
    Choice no. 1. :thumb:
    In my personal experience, luckily Sophos hasn't deleted any wrong files yet. But if possible, I prefer the infected files to be moved to quarantine. So, just in case, if it's correct, I can empty quarantine later, if it's a false alarm, I'd like to have my file back. ;)
     
  17. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,473
    Am I the only one who don't see any difference between the 2 options besides the expiration of the quarantined file?
     
  18. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    805
    Location:
    255.255.255.255
    Does Sophos Free has HMP.A integrated ?
     
  19. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    437
    No, their enterprise stuff does.
     
  20. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    805
    Location:
    255.255.255.255
    Oh! Its disappointing ( although understandable from business perspective).
    Plus I was wondering that Sophos is getting low score consistently for months in independent test, which has HMPA integrated. So, is it even worth to get HMPA, keeping in mind its cost.

    I will definitely like to see HMPA integrated in free version too in future. If sophos is serious ( a big question ) about its free version to compete with much better free products, it needs to incorporate better security components.
     
  21. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,744
    Location:
    Among the gum trees
    HMP.A isn't free so why would they add it to an AV for free?
     
  22. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    488
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,744
    Location:
    Among the gum trees
  24. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,473
    I expect them to release Invincea tech at least in their free AV, I think it would make sense.
     
  25. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    805
    Location:
    255.255.255.255
    Even Sophos was not free earlier. But they did release a free version for consumers. The point is not just paid component ( which in this case is still valid point though as sophos would want its money back that it invested in HMP). The main issue whether the missing feature in free product is worth for the consumer to upgrade to paid.
    It generally holds true for majority of AV companies but I do not see that valid for sophos. Currently, sophos is only for enterprise. You wont find normal people using it.

    If it really want to capture the market away from other free AV companies then it need to beat them. Adding HMPA could be one such measure which might make it more lucrative than the competition.
     
Loading...