Sophos Ltd. has shipped an edition of its next-generation Intercept X security product for servers.
Officially dubbed Intercept X for Server and available immediately, the new product draws on the same functionality as the original version of Intercept X, which is designed to protect desktops and laptops from malware, ransomware, and advanced persistent threats, including exploits not yet included on any vendor’s “black list.” The new version of the product tailors those capabilities to the unique requirements of servers, however.
“Attacks to single endpoints are devastating for sure, but an attack to a server could literally devastate an entire organization,” says Kendra Krause, Sophos’s vice president of global channels. “We just feel that there is an extra level of security that’s needed for servers.”
Until today, Sophos’s server security portfolio consisted of two products, Central Server Protection Standard and Central Server Protection Advanced. Intercept X for Server is an expanded and re-branded version of the latter offering. Sophos will upgrade existing Central Server Advanced users to the new system automatically.
Central Server Protection Standard remains on the market as a separate product under its original name. In conjunction with the launch of Intercept X for Server, however, Sophos has equipped the older system with features previously available only in Central Server Protection Advanced, including web control, application control, and data loss protection functionality.
Features in Intercept X for Server borrowed from the endpoint version of the product include its neural networking-based deep learning technology, which blocks previously unidentified threats in real time. According to Sophos researchers, 75 percent of all malware found in an organization’s environment is unique to that organization, suggesting that the vast majority of malware is previously unknown.
Other features adapted from the original Intercept X include its exploit protection functionality, which prevents attackers from leveraging known vulnerabilities, and its root cause analysis component, which helps users detect successful breaches, isolate why they occurred, and identify compromised files.
New features specific to Intercept X for Server include cloud workload discovery functionality that automatically locates and protects virtual servers running in either the Microsoft Azure or Amazon Web Services public clouds.
Like most Sophos security solutions, Intercept X for Server takes advantage of the vendor’s “synchronized security” technology, which enables separate products with different responsibilities to share information and address threats collaboratively. Technicians can administer the new solution via the same Sophos Central interface they use to manage other Sophos products.
According to Krause, Intercept X for Server represents a cross-selling opportunity for businesses running endpoint protection alone, as well as an upsell opportunity for companies running older server security products. Cross-selling is among the key opportunities Sophos is urging its partners to capitalize on in its 2019 fiscal year, which began in April.
The first release of Intercept X reached market in September of 2016. Sophos made the system available through its MSP Connect partner program, which lets managed service providers optimize cash flow by paying for software via monthly recurring fees, two months later. A major update of the product bearing deep learning capabilities and enhanced exploit protections arrived this January.
Sophos added anti-ransomware technology from Intercept X to select editions of Central Server Protection in April of 2017.
According to Sophos, attackers increasingly have servers in their crosshairs, and are using breached devices to surreptitiously mine cryptocurrencies and steer traffic to malicious websites.
Intercept X for Server is the second significant addition to the Sophos product family in as many months. The company shipped a new cloud-based email security offering in June.