
Sophos – Intercept X for Servers Advanced



SKU: 186

Note - no other Sophos licenses are required for the server with the Sophos Intercept X for Servers Advanced license


Defend your data from malware without sacrificing server performance. Sophos Server Protection protects your server environment from malicious attacks while keeping your servers running at optimum performance. Designed to secure business-critical servers, Sophos Server Protection includes server application whitelisting, advanced anti-malware, and behavior analysis. It’s server security made simple, providing protection for your Windows, Linux, and UNIX systems, whether you’re running physical or virtualized servers, on premises, or in the cloud, including Amazon Web Services (AWS) and Azure.



Protects Windows, Linux, and UNIX systems with minimal resource use

Protects against ransomware running locally or remotely

Synchronized Security with Destination Heartbeat

Protects and manages server policies for auto-scaling groups in AWS

Protects server images in Azure

Server Lockdown with application whitelisting

Advanced, policy-based rules

Simplified management from the cloud or an on-premise console


Better protection 

Sophos Server Protection offers innovative features like anti-ransomware and pre-execution emulation for identifying suspicious behavioral patterns, giving you the broadest protection for your servers and data, including from zero-day attacks. Our CryptoGuard anti-ransomware detects and intercepts unsolicited encryption of files, resulting from ransomware running on a remote endpoint that is connected to the server. Server Lockdown uses application whitelisting to secure servers with a default deny policy, preventing all unauthorized applications from executing. Once a server is locked down, anti-malware and a Host Intrusion Prevention System (HIPS) behavior analysis prevent content-based threats (such as an infected PDF or Word document) that could otherwise exploit vulnerabilities within whitelisted applications.

Sophos Server Protection also includes Malicious Traffic Detection, which monitors for traffic associated with malware. This feature enables early detection and removal of malware, along with Synchronized Security with Security Heartbeat to accelerate threat discovery, isolation, and remediation.


High-performance security built for servers 

For most organizations, servers are the repositories for the majority of their data. With users needing continuous access, maximum uptime and optimal performance are of utmost importance. The server-specific policies provide out-of-the-box protection, giving you granular control of the lightweight agent. A variety of server-specific techniques enable small and fast updates, designed to require fewer server resources and mitigate any impact. Automatic application exclusions for key business applications, like Exchange or SQL, prevent false positives and needless rescanning of files.


Simple to use, including one-click Server Lockdown 

Sophos Server Protection Advanced is the only solution that locks down your server with a single click, securing servers in a safe state and preventing unauthorized applications from running. With that click, Sophos automatically scans the system, establishes an inventory of known-good applications, and whitelists just those applications. Other whitelisting applications require the manual creation of rules to secure scripts and other system files, but Sophos manages the connections between applications and the associated files, such as DLLs, data files, and scripts.

Server Lockdown is only an example of how Sophos has made server security simple. With policy-based rules for server groups, as well as application, peripheral, and web control, Sophos makes it easy to control what happens on your servers, whether they be physical, virtual, or in the cloud.


Cloud or on-premises management 

When it comes to managing your servers, you have options. Our cloud-based Sophos Central, hosted by Sophos, provides instant access to new features with no console servers to set up and maintain. It also manages other Sophos products, including Endpoint, Mobile, Wireless, Email, and Web — all from a single pane of glass.

If you prefer to manage your servers with an on-premises console, Sophos Enterprise Console provides you with that option. Either way, you get sophisticated functionality coupled with a simple, intuitive interface for your servers and your users’ workstations, too.


Intercept X Advanced for Servers 


Features include: 

Deep Learning - The artificial intelligence built into Intercept X Advanced for Servers is a deep learning neural network, an advanced form of machine learning, that detects both known and unknown malware without relying on signatures.

Exploit Protection - Denies attackers by blocking the exploits and techniques used to distribute malware, steal credentials, and escape detection. This allows Sophos to ward off evasive hackers and zero-day attacks in your network.

Active Adversary Protection - Protects against advanced hacking techniques performed by attackers to establish their presence on a device, steal credentials, escalate privileges, or gain more enduring access, including Code Cave mitigation and credential theft protection.

WipeGuard - Advanced anti-ransomware protection, preventing adversaries from encrypting the master boot record (MBR).

Root Cause Analysis - Detailed, forensic-level analysis illuminates the root causes of attacks and their infection paths, and offers guidance to help remediate infections today and bolster your security posture.


Central Server Protection 

Features include: 

Malicious Traffic Detection (MTD) - Monitors HTTP traffic for signs of connectivity to known bad locations such as command and control servers, an early indicator that a new piece of malware may be present.

Synchronized Security Heartbeat™ - Synchronized Security simplifies and unifies defenses with real-time intelligence sharing between your servers and firewall. Get better protection against advanced threats and spend less time responding to incidents.

Web Control - Provides control of potentially inappropriate websites for acceptable use by site category.

Application Control - Point-and-click blocking of applications by category or by name. Enables administrators to block certain legitimate applications from running on servers.

Peripheral Control - Enables you to monitor and manage access to removable media and peripheral devices connected to your physical servers.

Data Loss Prevention (DLP) - Designed to reduce the risk of accidental data transfer to removable storage devices, corporate web browsers, email clients and IM clients.

Windows Firewall Control - Provides the ability to monitor and control the native firewall on Windows servers.

Cloud Workload Discovery (AWS Map View) - Attackers take advantage of unused cloud regions to avoid detection. Sophos now discovers workloads in every public AWS region, even the ones you are not actively using.


| Feature | Intercept X Advanced for Servers |
| --- | --- |
| Automatic Scan Exclusions (AWS and Azure) | Yes |
| Cloud Workload Discovery | Yes |
| Peripheral Control | Yes |
| Web Control | Yes |
| Application Control | Yes |
| Data Loss Protection (DLP) | Yes |
| Malicious Traffic Detection (MTD) | Yes |
| Synchronized Security Heartbeat | Yes |
| Server Lockdown (Whitelisting) | Yes |
| CryptoGuard | Yes |
| WipeGuard | Yes |
| Active Adversary Mitigation | Yes |
| Exploit Protection | Yes |
| Root Cause Analysis | Yes |
| Deep Learning | Yes |