Microsoft’s takedown of No-IP – there’s a better way to battle DNS abuse

no-ip-150Microsoft’s takedown of the No-IP dynamic DNS service generated a lot of controversy when legitimate customers were impacted by the disruption of 18,000 subdomains abused by cybercriminals.

Microsoft has done its fair share of good, frequently working with law enforcement to take out servers that control malware spewing bots, such as the ZeroAccess botnet. But in this case, Microsoft misfired and caused a lot of collateral damage, according to Sophos security adviser Maxim Weinstein.

In a new post at Dark Reading Maxim writes that the Microsoft vs. No-IP case highlights the need for “clear standards of abuse handling, and transparency on which service providers measure up.”

Continue reading

The Sophos World Cup ‘dream team': See which players made our roster

world-cupWhether you call it football or soccer, the FIFA World Cup is the ultimate sporting event. Thirty-two nations and the world’s top players, on the biggest stage, all vying for the chance to be called the world’s best.

To celebrate the World Cup, we picked some of the best players in the world and put them on our dream roster. And because we think many of the same qualities that make a great footballer also make great security products, we matched our top players with their counterparts from our product line-up.

Check out our roster — and let us know what you think. Who would you want on your team?

Continue reading

New release of Sophos Antivirus for NetApp

Version 3.0 of our high-performance malware scanner for NetApp filers, Sophos Antivirus (SAV) for NetApp, is now available.

The new version of SAV for NetApp, a component of Sophos for Network Storage, supports Data ONTAP C-mode and clustering, along with legacy 7-mode scanning. In either C-mode or 7-mode, SAV for NetApp provides the ability to protect multiple filers with a single scanning server.

The new release also brings reliability improvements and support for Windows Server 2012 and Windows Server 2012 R2.

Continue reading

How to protect your virtual desktops and servers? Try our product picker tool

virtualization-securityWe’ve got a handy little web tool you can use to figure out in seconds what kind of antivirus protection you need for your virtual desktops and servers.

Head on over to our virtualization webpage, where you can click through our quick survey. Tell us what you’re looking to protect, and we’ll show you the best approach and the right Sophos product (Sophos Antivirus for vShieldSophos Server Protection, or Sophos Endpoint Antivirus) for your needs.

You don’t need to register with your email address or anything — just click and go!

Continue reading

Sophos Antivirus for vShield and OpenSSL Vulnerability (Heartbleed)

With respect to the OpenSSL vulnerability (Heartbleed), we have audited all Sophos products and discovered that SAV for vShield versions 1.0 and 1.1 are affected by the vulnerability. We plan to have a patch available that can be manually applied early next week and will have an automatic update available during the next update cycle.

Please check our knowledgebase article, we will update it as we get more information.

Ian Lakie

Senior Product Manager

Sophos Antivirus for vShield trounces the competition

Server ProtectionA new report by the Tolly Group found that Sophos Antivirus for vShield “consistently outperformed Trend Micro Deep Security 9 and McAfee MOVE” in virtual server and virtual desktop (VDI) environments.

Sophos Antivirus for vShield provides centralized, agentless antivirus scanning for virtual machines (VMs) running on VMware’s ESXi hypervisor. It’s natural that an agentless solution would outperform traditional endpoint antivirus products, which have to be installed and run in parallel on each virtual machine. But, as it turns out, even agentless scanners vary quite a bit in their impact on VM and host resource use and performance.

Continue reading

How to protect your virtual machines from malware, without hurting performance

Virtual-machinesVirtual machines — whether running on VMware ESXi, Citrix Xen, or Microsoft Hyper-V — create an interesting security challenge. On one hand, they’re every bit as susceptible to malware and other threats as conventional systems. On the other hand, traditional antivirus software doesn’t always play nicely with dynamic, highly consolidated virtual environments.

In particular, the overhead of running multiple concurrent antivirus scanners on a single host can affect performance and scalability. Meanwhile, the constant starting, stopping, and cloning of virtual machines can leave systems unprotected.

A new Sophos whitepaper explores these challenges and presents two effective approaches to securing your virtual machines without sacrificing performance: agentless antivirus and virtualization-optimized endpoint security.

Continue reading