Sophos makes anti-virus protection more manageable

The recent high-profile outbreaks of the "Melissa" and "ExploreZip" viruses underscore the need for vigilant virus protection on every machine on an enterprise network. Vigilance is more than simply slapping a virus-protection package on a machine as it comes through the door and then forgetting about it; it means installing virus protection and ensuring that it is up-to-date and functioning properly.

Sophos Inc. offers a virus-protection solution with that requirement in mind in its Sophos Anti-Virus (SAV) product. SAV can be configured to meet a variety of needs in a variety of situations, including use on servers, clients and stand-alone machines.

SAV consists of two components—InterCheck and Sweep—that work together to provide virus protection. InterCheck ensures that every file accessed on a system is scanned for viruses by maintaining a list of virus-scanned files. If a system attempts to access a new file or one that has changed since it was scanned, InterCheck uses Sweep to scan the file for problems and then allows or denies access to the file. Administrators have a choice of three basic configurations:

* Deploying Sweep and the InterCheck server on a server and the InterCheck client on the clients. (Once installed on a server, the software can be deployed via log-in scripts to clients.)

* Deploying Sweep and InterCheck on the clients.

* Deploying SWEEP by itself to provide scanning only.

By offering this flexibility, Sophos allows administrators to pick the best configurations for their environments. You can maintain a central list of scanned files so that additional scanning on other workstations is minimized. You can offload scanning to servers to ease the burden on workstations, or vice versa. You also can deploy a stand-alone Sophos installation for machines that are not on a network.

SAV supports a wide variety of server platforms, including Microsoft Corp.'s Windows 3.1, Windows 95/98 and Windows NT, as well as Novell Inc.'s NetWare, several flavors of Unix, Compaq Computer Corp.'s OpenVMS and IBM Corp.'s OS/2. The Unix and OpenVMS versions of Sophos scan PC files stored on these systems for viruses. SAV client platforms include Windows 3.1, 95/98 and NT and Apple Computer Inc.'s Macintosh.

We configured SAV on a Windows NT server. We were able to set up SAV and get it running quickly. Although the multiple configurations of SAV can make setting it up a bit confusing, the excellent documentation and informative installer made the process simple.

After we loaded the software, Inter-Check scanned a new or changed file the first time it was accessed. After that, it would check files when they were opened again to see if the files had been changed and needed to be scanned again.

Sophos includes many options for alerting administrators to the presence of a virus. On Windows NT, these include the Event Log, Simple Mail Transfer Protocol mail and network communications. The options enable an administrator to track which viruses are found on the network and what paths the viruses are taking to get on to the network.

As new updates to Sophos become available, they can be deployed automatically to the clients on the network. This is a nice feature, but we would like to see more functionality for ensuring that clients are running Sophos. As it is, only the Windows NT version of the server will tell you which clients are running the software.If the recent outbreak of viruses has you rethinking your virus-protection strategy, Sophos' combination of ease of use and centralized management and reporting of virus protection make it worthy of your consideration.

-- Hammond is a Denver-based free-lance writer. He can be reached at


Sophos Anti-VirusSophos Inc.(781)

Price and Availability: The Sophos Anti-Virus server license is available on the open market starting at $595.

Remarks: If you're looking for an enterprise virus protection package with centralized reporting and management features, Sophos should be on your short list.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.