Sophos Central Server Protection (Formerly Sophos Cloud Server)
The unified console for managing your Sophos products
Sorry, this product is no longer available, replace by the Central Server Protection.
Defend your data from malware without sacrificing server performance. Sophos Server Protection protects your server environment from malicious attacks while keeping your servers running at optimum performance. Designed to secure business- critical servers, Sophos Server Protection includes server application whitelisting, advanced anti-malware, and behavior analysis. It’s server security made simple, providing protection for your Windows, Linux, and UNIX systems, whether you’re running physical or virtualized servers, on premise, or in the cloud, including Amazon Web Services (AWS) and Azure.
- Protects Windows, Linux, and UNIX systems with minimal resource use
- Protects against ransomware running locally or remotely
- Synchronized Security with Destination Heartbeat
- Protects and manage server policies for auto- scaling groups in AWS
- Protects server images in Azure
- Server Lockdown with application whitelisting
- Advanced, policy-based rules
- Simplified management from the cloud or an on-premise console
Sophos Server Protection offers innovative features like anti-ransomware and pre-execution emulation for identifying suspicious behavioral patterns, giving you the broadest protection for your servers and data, including from zero-day attacks. Our CryptoGuard anti-ransomware detects and intercepts unsolicited encryption of files, resulting from ransomware running on a remote endpoint that is connected to the server. Server Lockdown uses application whitelisting to secure servers with a default deny policy, preventing all unauthorized applications from executing. Once a server is locked down, anti-malware and a Host Intrusion Prevention System (HIPS) behavior analysis prevent content-based threats (such as an infected PDF or Word document) that could otherwise exploit vulnerabilities within whitelisted applications.
Sophos Server Protection also includes Malicious Traffic Detection, which monitors for traffic associated with malware. This feature enables early detection and removal of malware, along with Synchronized Security with Security Heartbeat to accelerate threat discovery, isolation, and remediation.
High-performance security built for servers
Servers are the repositories for the majority of most organizational data. With users needing continuous access, maximum uptime and optimal performance are of utmost importance. The server-specific policies provide out-of-the-box protection, giving you granular control of the lightweight agent. A variety of server-specific techniques enable small and fast updates, designed to require fewer server resources and mitigate any impact. Automatic application exclusions for key business applications, like Exchange or SQL, prevent false positives and needless rescanning of files.
Simple to use, including one-click Server Lockdown
Sophos Server Protection Advanced is the only solution that locks down your server with a single click, securing servers in a safe state and preventing unauthorized applications from running. With that click, Sophos automatically scans the system, establishes an inventory of known- good applications, and whitelists just those applications. Other whitelisting applications require the manual creation of rules to secure scripts and other system files, but Sophos manages the connections between applications and the associated files, such as DLLs, data files, and scripts.
Server Lockdown is only an example of how Sophos has made server security simple. With policy- based rules for server groups, as well as application, peripheral, and web control, Sophos makes it easy to control what happens on your servers, whether they be physical, virtual, or in the cloud
Cloud or on-premises management
When it comes to managing your servers, you have options. Our cloud-based Sophos Central, hosted by Sophos, provides instant access to new features with no console servers to set up and maintain. It also manages other Sophos products, including Endpoint, Mobile, Wireless, Email, and Web — all from a single pane of glass.
If you prefer to manage your servers with an on-premises console, Sophos Enterprise Console provides you with that option. Either way, you get sophisticated functionality coupled with a simple, intuitive interface for your servers and your users’ workstations, too.
Security for every platform
With support for a broad range of platforms, you can protect every server in your organization. In addition to Windows Server, Sophos Server Protection secures the most common variants of Linux and Unix-based operating systems.
Sophos Central Server Protection gets a host of new features to further enhance your protection. We’re also updating the license names to better reflect these new capabilities.
Intercept X Advanced for Server
Formerly Central Server Protection Advanced
New features include:
- Deep Learning
The artificial intelligence built into Intercept X Advanced for Server is a deep learning neural network, an advanced form of machine learning, that detects both known and unknown malware without relying on signatures.
- Exploit Protection
Denies attackers by blocking the exploits and techniques used to distribute malware, steal credentials, and escape detection. This allows Sophos to ward off evasive hackers and zero-day attacks in your network.
- Active Adversary Protection
Protects against advanced hacking techniques performed by attackers to establish their presence on a device, steal credentials, escalate privileges, or gain more enduring access, including Code Cave mitigation and credential theft protection.
Advanced anti-ransomware protection, preventing adversaries from encrypting the master boot record (MBR).
- Root Cause Analysis
Detailed, forensic-level analysis illuminates the root causes of attacks and their infection paths, and offers guidance to help remediate infections today and bolster your security posture.
Central Server Protection
Formerly Central Server Protection Standard
New features include:
- Malicious Traffic Detection (MTD)
Monitors HTTP traffic for signs of connectivity to known bad locations such as command and control servers, an early indicator that a new piece of malware may be present.
- Synchronized Security Heartbeat™
Synchronized Security simplifies and unifies defenses with real-time intelligence sharing between your servers and firewall. Get better protection against advanced threats and spend less time responding to incidents.
- Web Control
Provides control of potentially inappropriate websites for acceptable use by site category.
- Application Control
Point-and-click blocking of applications by category or by name. Enables administrators to block certain legitimate applications from running on servers.
- Peripheral Control
Enables you to monitor and manage access to removable media and peripheral devices connected to your physical servers.
- Data Loss Prevention (DLP)
Designed to reduce the risk of accidental data transfer to removable storage devices, corporate web browsers, email clients and IM clients.
- Windows Firewall Control
Provides the ability to monitor and control the native firewall on Windows servers.
- Cloud Workload Discovery (AWS Map View)
Attackers take advantage of unused cloud regions to avoid detection. Sophos now discovers workloads in every public AWS region, even the ones you are not actively using.
|Central Server Protection||Intercept X Advanced for Server|
|AV Signatures / HIPS / Live Protection|
|Automatic Scan Exclusions (AWS and Azure)|
|Cloud Workload Discovery|
|Data Loss Protection (DLP)|
|Malicious Traffic Detection (MTD)|
|Synchronized Security Heartbeat|
|Server Lockdown (Whitelisting)|
|Active Adversary Mitigation|
|Root Cause Analysis|
|Windows Server 2008 R2 and later|
|Disk space: 1 GB minimum|
|RAM: 1 GB* minimum|
|English, French, German, Italian, Japanese, Spanish, and Simplified and Traditional Chinese|
*If using lockdown, the required memory is 2 GB.
|Novell Open Enterprise Server|
|Red Hat Enterprise Linux|
|SUSE Linux Enterprise Server|
|Disk space: 1 GB minimum|
|RAM: 1 GB minimum|
|Solaris (SPARC and Intel)|
|Disk space: 1 GB minimum|
|RAM: 1 GB minimum|
How to Buy:
Sophos Server Protection can be deployed on a physical server, or run on a VM (either in your datacenter or on AWS or Azure). It can be managed either through the Sophos-maintained Sophos Central website, or through an on-premises management console. Both deliver outstanding performance and protection. See the table to licensing options below for details of the features available across the two price tiers on both Sophos Central and on premises with the Sophos Enterprise Console (purchased separately).
|Sophos Central||Sophos Enterprise Console|
|Central Intercept X Advanced for Server||Central Server Protection||Server Protection for Virtualization, Windows, and Linux|
|Public Cloud (Microsoft Azure and Amazon AWS)|
|Prevent - Attack Surface Reduction|
|Application Whitelisting [Server Lockdown]|
|Windows Firewall Control|
|Web Control (URL Blocking)|
|Peripheral Control (e.g., USB)|
|Prevent - Before It Runs on Device|
|Deep Learning malware detection|
|Anti-malware File Scanning|
|Pre-execution Behavior Analysis [HIPS]|
|Off-board scanning for VMs (ESXi and Hyper-V)2|
|Detect Potentially Unwanted Applications (PUA)|
|Data Loss Prevention|
|Detect - Stop Running Threat|
|Anti-Hacker/Active Adversary Mitigations|
|Ransomware File Protection [CryptoGuard] includes detection of attacks on the server from remote connected endpoints||Add-on3|
|Disk and Boot Record Protection [WipeGuard]|
|Malicious Traffic Detection|
|Respond - Investigate and Remove|
|Sophos Clean Automated Malware Removal|
|Root Cause Analysis|
|Manage - Control|
|Server-specific policy management|
|Update Cache and Message Relay|
|Automatic Scanning Exclusions|
|Synchronized Application Control4|
|Manage - Visibility|
|Azure Workload Discovery and Protection|
|AWS Workload Discovery and Protection|
|AWS Map, multi-region visualization|
|Synchronized Security with Security Heartbeat (Enhanced threat protection, positive source identification, and automated isolation)4|
|Windows Remote Desktop Services (user visibility)|
|Manage - Sophos Central|
|Cloud-based management, eliminating the need the install and maintain a separate server on premises, and managing security of servers in a single console with endpoints, mobile, email, wireless|
11 All features available on Windows; selected features available on Linux
2 See features of Sophos for Virtual Environments with its ultra-thin agent deployment
3 For Windows Servers managed by Sophos Enterprise Console, CryptoGuard is available with the Endpoint Exploit Prevention (EXP) Add-on license
4 When used in conjunction with the Sophos XG Firewall
Alternative deployment option – Sophos for Virtual Environments
Sophos for Virtual Environments enables malware detection to be offloaded to a centralized Security VM to reduce the potential performance impact on Windows virtual servers. Licensed per virtual server, with entitlement to the Sophos for Virtual Environments alternative deployment option included with all Sophos Server Protection licenses.
Support for Windows servers on VMware ESXi and Microsoft Hyper-V
- Off-board malware protection to a centralized Sophos Security VM
- Lightweight guest Virtual Machine Agent, infrequent updates
- Memory-resident malware detection
- Automated Threat Cleanup
- Prevent update storms and scan storms
- Windows Security Center integration
- Visibility of connected guest VMs (Sophos Central only)
Download the Sophos Server Protection Data Sheet (PDF).