When Dan Schiappa was approached to join security vendor Sophos Inc. just over a year ago, he said he’d only leave if he could “radically change” its client applications.
Today the next step in his overhaul was officially announced: The addition of what the company calls Malicious Traffic Detection to its desktop agents for organizations subscribing to the Advanced version of its Endpoint Protection suite.
MTD does what network devices do: Look at traffic, decide if a file talking to a bad site, and take action. But Schiappa, now senior vice president and general manager of Sophos’ Enduser Security Group, said MTD can be a “huge advancement” over network security because endpoints aren’t always on the corporate network. Staff may work from home or a hotel and don’t need a VPN, he said, but still need to be protected when logging onto the corporate network.
MTD is also a boon for organizations that allow staff to bring their own devices, he added, or allow partners to access their network
Malicious Traffic Detection was quietly added to Endpoint Protection in December, but the company is only announcing it now.
Schiappa came from Microsoft Corp., where he headed the Windows security team. Before that he worked at RSA.
The addition of Malicious Traffic Detection is part of a new component architecture Sophos has created which includes what the company calls System Protector, that correlates data from components like MTD to identify threats. The new architecture will allow constant feature upgrades. “What we’re announcing (today) is the first piece of many small new introductions”, with MTD. “We’ll be introduce more components going forward” and update them regularly. “This way our customers will get the benefit of constant innovation without waiting for big releases.”
For example, coming soon is Application Tracking, which will capture data on every file on the system such as where it came from, how long did it run. Combined with Sophos Cloud (the SaaS version of thecompany’s management suite) and MTD, administrators will be able to create a policy wherever a user goes and to each device. It will also will allow the sharing of more information on subscriber devices to determine if a system has been infected.
Also on Tuesday Sophos announced SafeGuard Encryption 7, a full disc and file encryption for Windows and Macintosh platforms. However, Schiappa acknowledged that few new big features were added. The big change is a new architecture, setting up a major revision possibly this year.
Also new is Mobile Encryption 3, which integrates with SafeGuard Encryption and now supports Android devices.