Tuesday, January 5, 2021

Sophos Antivirus solutions

Please note

This is our all-in-one roundup reviewing every Sophos consumer security solution for 2021. On this page, after our brief intro, you’ll find

(a) a full evaluation of Sophos Home Premium, along with

(b) our review of the free offering, Sophos Home Free

You can jump to the reviews of those individual products by clicking on the links in the bar at the top of this page, but bear in mind that this article is really designed to be read all the way through, as when we evaluate the free offering, we refer back to features and capabilities discussed in the Home Premium review.

Sophos' consumer antivirus range is refreshingly simple. There's no densely packed comparison table stuffed with technical features, no pricing scheme so complex you need Excel to figure it out: there are just two straightforward products.

Sophos Home Free covers the security basics, with antivirus and malicious URL blocking. But there are also simple parental controls (unusual for a free app), including content filtering to block web content by type. And a web dashboard enables remotely viewing and managing the status of up to three other devices running the package.

Sophos Home Premium extends this with anti-phishing, advanced real-time threat prevention, an extra anti-ransomware layer, privacy tools (including webcam protection), and what the company calls 'advanced malware scan and clean.'

Opting for Premium gets support for up to ten devices, and these can all now be monitored from handy iOS and Android apps. (These have no security features of their own, though - they're purely for management of your Premium-protected devices.)

There's also live chat and email support, although it's for limited hours only: 8am to 8pm EST, Monday to Friday.

Prices are reasonable, with a 10-device, one-year Home Premium license costing just $42 for the first year, $60 on renewal. The equivalent Bitdefender Antivirus Plus license costs $80, and even a single device license is $20 initially, $40 on renewal.

Sophos Home Premium

Download the Sophos Home Premium trial, hand over your email address and within a couple of minutes it'll be installed and running an initial system scan.

This isn't a speedy process, with the app taking 54 minutes to scan our 50GB of test executables, and 23:32 on the second run. Most antivirus apps take 15-30 minutes first time, and by scanning only new and changed files, subsequent runs can be very fast (Bitdefender managed 27 seconds).

We were surprised to find Sophos Home had added around 1.4GB of files to our system (we've seen far more powerful suites use much less).

Sophos Home also required 17 background processes and a handful of drivers running in the background, more than we've seen in any recent review.

Running top benchmark PCMark Professional before and after installing an antivirus gives us a measure of its performance impact, and Sophos Home Premium sapped our speeds more than most, cutting our score by 4.6%. That's not far away from vendors like Trend Micro (4%), Norton (3.3%) and AVAST (3.2%), but it can't match the lighter touch of Avira (1.7%), Bitdefender (1%) and Kaspersky (0.6%).

There's another potential downside in having so many active processes, in that this could give malware more opportunity to attack and perhaps disable your protection. We test this in several ways – by trying to kill or stop processes, delete key files, pause or remove services, unload filter drivers and more – but Sophos' tamper protection did its job, blocking everything we attempted.

Interface

Double-click the Sophos Home system tray icon and the program's very simple interface appears. There's some status information (last update, last scan time), a Scan Computer button, and a handful of other buttons for lesser functions (management, settings and a few other bits and pieces – more on those later).

Tap the Scan button and Sophos Home runs a full system scan on your PC. There's no upfront way to customize the scan, and no quick scan, or removable device scan, or indeed any other scan type.

Sophos adds a right-click option to Explorer, which is useful as a way to scan a particular file, folder or drive. Unlike Bitdefender and Kaspersky, though, this doesn't support simultaneous scans. If it's busy running a lengthy system scan, and you try a right-click scan from Explorer, you're warned that 'a scan is already running, try again later.'

Sophos also adds an icon to your system tray, but it doesn't do very much. You can left-click it to launch the program, but that's it; there's no right-click menu with shortcut options, and the icon doesn't change to reflect the app state (scanning, virus found, and so on).

This simplicity certainly means that Sophos Home is easy to use, but if you're looking for any level of power or control over the app, expect to be disappointed.

Antivirus options

Sophos Home does have some security options and settings, but they're only available via a web interface. Tap the Settings button, for instance, and a browser tab opens at the Sophos website. Log in and you can then begin configuring the program.

If you're thinking this is a little inconvenient, we agree. But once you're logged in, it doesn't take any more time, and it does at least mean the support pages are only a click or two away, if you need them.

This kind of central management is also good news if you're intending to use Sophos' remote device management features. If your family aren't technical types, for instance, you don't have to worry about them messing with low-level antivirus settings, because the client doesn't have any. If there's a problem, they can contact you, and you're able to log on and make whatever tweaks you need within a couple of minutes.

The Sophos Settings pages open at the Protection tab, where there are tools to schedule scans and exclude particular drives, files and folders from checks.

Advanced options include the ability to enable or disable multiple techniques used by Sophos to block common exploits. There's specific exploit protection for browsers, browser plugins, Java and more; prevention of privilege escalation, code cave utilization and APC violations; and further layers to fool sandbox-aware malware, prevent backdoor traffic, protect against DLL hijacking, and more.

These lists are interesting, and it's good to see Sophos covering so many common attack vectors. But as almost all of these settings are highly technical, and turned on by default, they're unlikely to help most users.

For example, even if you know that the 'APC violation' switch aims to 'prevent attacks from using Application Procedure Calls (APC) to run their code', would you be confident enough to know when it should be turned off, and what the consequences might be? (It's okay, we're not even slightly qualified to decide that, either.)

It's good to see that Sophos Home Premium has at least some configuration options, and the ability to schedule scans and exclude particular objects is helpful. But the other settings won't make much difference to anyone, and overall, the package is still distinctly short on genuinely useful settings and tweaks.

Protection

To get an initial idea of how well an antivirus performs, we'll typically check its results with the main independent testing labs. Unfortunately, that's not so easy with Sophos Home, as it's not covered in most of the reports we follow.

Sophos Home is included in the SE-Labs Home Anti-Malware report for July-September 2020, though, and its results were poor, with the company ranking equal 11th out of a field of 14 (it only clearly outranked Malwarebytes Premium).

Sophos enterprise products are covered in a handful of other tests, and although these results can't tell us much about Sophos Home, they do give us some idea of how Sophos performs against other companies.

Sophos appears in the August-November 2020 Enterprise version of AV-Comparatives' Real-World Protection Test, for example, where it ranked 12th out of 19 contenders. This lagged behind big antivirus names including Kaspersky (1st place), Avast (2nd) and ESET (5th), but outperformed some more enterprise-oriented companies: CrowdStrike (14th), VMware (16th), Cisco (17th) and so on.

MRG Effitas 360 Assessment & Certification reports certify products as meeting a set standard, rather than simply awarding a score. The first report of 2020 included Sophos' business-oriented Intercept X product, though, and this was one of nine to achieve the probably-good-enough Level 2 certification (Bitdefender, ESET and Symantec were the only three to reach Level 1).

We ran some further tests of our own, beginning with behavioral checks, where custom executables exploit common Windows tools and tricks to weaken security settings and download malicious files.

Sophos Home Premium seemed unconcerned about most of this, ignoring the behavior and allowing our executables to keep running. Trend Micro was much tougher on our apps, spotting their unusual actions and closing them down immediately, and Bitdefender and Kaspersky weren't far behind.

The engine did immediately detect and quarantine any malicious files, though. And Sophos' detection is so good that even our custom ransomware was blocked before it could touch our test documents. (Some antivirus apps only realize there's a threat after it begins encrypting files; many never detect it at all.)

Sophos clearly performs well in some areas, then, not so much in others. We think SE-Labs' 11th out of 14 is probably fair; it's not great, but it's also far from the worst we've seen. There's not a lot of data to go on, though, and we would like to see Sophos Home covered at AV-Comparatives and AV-Test to get a clearer idea of how it compares to the competition.

Blocking malicious URLs

Sophos Home Premium includes a simple web protection layer which aims to keep you safe from dangerous websites. That's great, but beware, it only works with the most common browsers (Chrome, Firefox, Edge, Safari, Internet Explorer).

We tried to visit some up-to-date malicious links provided by top security company MRG Effitas and Sophos caught them all, raising desktop notifications to highlight the problem.

The app didn't falsely flag any websites during testing, but if that happens to you, there's no 'let me in anyway' button or other quick way to bypass Sophos and load the page.

To get around the block you must open the Sophos Home Premium console, click Settings > Web and enter the URL or domain you'd like to whitelist. Not difficult at all, but it could still be a hassle if it happens regularly.

Of course, if you're looking to impose restrictions on someone else – maybe your kids or employees, for example – making it more difficult to get around this web protection could be a real plus. Just keep in mind that if they install and use an unsupported browser, such as Brave, they won't be restricted at all.

Content filtering

Sophos Home Premium has one of the shortest feature lists in the antivirus world, but poke around in the web-based Settings menus for a while and you'll find one unusual extra: a simple parental controls-like content filtering system.

Don't get excited – it's extremely basic. There are three lists of site types: 'Adult & Inappropriate', 'Social Networking & Computing' and 'General Interest', and these include various content areas which you might like to block: 'Drugs', 'Violence', 'Networking' and so on. All areas are enabled by default, but you can disable any with a click.

It doesn't take long to begin spotting issues. There's no single item to block social networking sites, for instance. And while there's a site whitelist for domains which should never be blocked, Sophos Home doesn't provide a blacklist to specify sites which should never be available.

Still, it's easy enough to get started, and you can limit access to the worst of the web in a very few clicks.

Once the system is set up, attempting to visit a site in a no-go category got us a desktop notification, and a message in our web browser explaining that Sophos Home had blocked access to the site.

While that sounds good, there's a problem. As with the malicious URL filter, the content filtering system blocks access from the top browsers only, so if a user installs something like Brave they'll be able to view whatever content they like.

Tech-savvy teenagers will bypass Sophos Home Premium without much difficulty, then. But if you're just looking for something to protect very young children from discovering web nastiness by accident, this feature could still be useful.

Bonus features

Although the Sophos Home Premium interface lists Privacy as one of its layers of protection, this only includes a single item: monitoring for webcam hijacking.

We tried grabbing a frame from the webcam with a custom app of our own. A very obvious alert appeared in a blue band across the center of our screen, much better than the small (and quick-to-disappear) desktop notifications you'll get with some products.

The alert asked us whether we'd like to block or allow our app to access the webcam. We tapped Allow, and our app was able to grab its frame.

That's all good news so far, but once again, there's a catch or two.

The first problem is that webcam access alerts aren't consistent. The warning generated by our application was very clear, but when we tested webcam use via a website, Sophos Home only displayed a small notification that 'Host Process for Windows Services 10' required access, and didn't give us a Block/Allow choice. A user might easily assume that this is a legitimate Windows process and so not an issue.

The second issue is even more fundamental: Sophos Home Premium doesn't maintain a blacklist or whitelist of our decisions, and instead, every time we ran our app, it asked us if we'd like to approve access again.

Sophos' webcam protection can keep you safe to a degree, then, but it's extremely basic, and some users may eventually turn it off to avoid annoying alerts.

Sophos lists several other features as a part of Home Premium's armory, but they're not always easy to test.

The company says, 'Sophos Home supports password security by preventing malware from stealing your usernames or passwords stored in your machine’s memory', for instance, but we don't have a meaningful way to measure that. 

The company claims Home can 'secure your banking and credit card information against malicious third parties and keylogger software.' We're unclear how they're protecting users from 'malicious third parties', but the keylogger claim is easier to check.

We ran a keylogger of our own, launched Chrome and logged into a couple of sites. Checking the logs, Sophos had done its job; our keylogger recorded a character for everything we typed, but it was scrambled, so for instance 'password' became '7xhnkw63.' We don't know how many processes it protects, but even if it's the main browsers, that's a handy extra feature and a positive way to end the review.

Final verdict

The lack of features and configurability may be a problem for experienced users, but Sophos Home could be worth a look if you're after a simple centrally managed antivirus to protect several desktop PCs. It helps that the price is right, too.

Sophos Home Free

Equipping your PC or Mac with Sophos Home Free is quick and easy. Sign up with an email address, download and install the app, and it's ready to go within two or three minutes.

Sophos Home Free looks and feels much like Sophos Home Premium. As it comes with a 30-day free trial of Home Premium, that's no great surprise, but even when the trial has expired, there are barely any visible changes.

The interface looks much the same, with little more than a Scan button and a scattering of settings accessible from Sophos' web dashboard.

The only real extra is a content filtering system which enables blocking access to websites by their content type (adult, violent, drugs and so on). But as we discussed in the Home Premium review above, it's basic, easy to bypass, and you'll probably be better off with something else.

This lack of features will be a problem for many, but it's really the point of the package. It's not aimed at experts who want to create their own custom scan types and define different scan nesting depths for individual archive types. It's a stripped-back antivirus, simple enough that it can be used by the most non-technical of newbies, which you can just leave running in the background to keep you safe.

Sophos Home does have one bonus for those looking to protect multiple devices: you're able to tweak, monitor and manage the security of all your devices from a central web dashboard. If you're installing Sophos for several family members, say, who don't want to spend time learning low-level security details, that could be a real advantage.

Protection

Although Sophos Home Free looks like Home Premium, it does leave out a number of important features.

Some of these are very specific. There's no anti-keylogger layer to protect your browser, for instance. No protection against webcam hijacking. No live chat or email support. And you can manage a maximum of three devices on a Sophos Home Free account (Sophos Home Premium can handle 10).

Other differences are harder to define. Sophos Home Free doesn't include 'advanced real-time threat prevention' or 'advanced malware scan and clean', for instance, but the company doesn't explain exactly what this means, or what the impact might be.

Should you use this version, then? The free build caught everything we threw at it, but our tests were too small-scale to give a definitive verdict. We would normally try to get confirmation of an antivirus app’s abilities by checking results from the big testing labs, but they mostly don't cover Sophos Home. And even when they do, they're typically looking at Sophos Home Premium, not Free.

Sophos Home Free is an interesting product, simpler than most competitors and with handy central management of all your device security. It's extremely short on features, though, and we'd like to see more coverage from the testing labs, too.

Check Sophos Home out anyway, especially if you're looking to protect a large number of devices. But focus on Sophos Home Premium, not Free – at $42 to cover up to 10 devices for a year, it's already very cheap, and the extra features are worth the minimal cost.



from TechRadar - All the latest technology news https://ift.tt/2JNAqiF
