Advice Request Anyone on the new Sophos Home Beta?


Deleted Member 3a5v73x

This is my 2nd year on testing sophos beta
I got it by e-mail
And it’s very good but many bugs
What bugs exactly? You could write them down here to see if they could be replicated and afterwards reported to Sophos Home devs. Just by telling that product has 'bugs' ain't gonna make it better. There is no software without bugs, there is only discovered and undiscovered bugs, and if you are in a beta testing program, you are there for a reason for specific software devs to receive feedback and suggestion from you, otherwise you just consume the 1 seat of Sophos Home Beta's 10.000 seats, which was reduced from 50.000 seats last year Beta, since they didn't get much feedback and people have little understanding what Beta products in general is all about.
 

Hollow

Level 3
Verified
Dec 29, 2018
128
What bugs exactly? You could write them down here to see if they could be replicated and afterwards reported to Sophos Home devs. Just by telling that product has 'bugs' ain't gonna make it better. There is no software without bugs, there is only discovered and undiscovered bugs, and if you are in a beta testing program, you are there for a reason for specific software devs to receive feedback and suggestion from you, otherwise you just consume the 1 seat of Sophos Home Beta's 10.000 seats, which was reduced from 50.000 seats last year Beta, since they didn't get much feedback and people have little understanding what Beta products in general is all about.
I know mate
I periodically report the problems and provide feedback to improve product
 

jtshadow92

Level 2
Verified
Jul 17, 2015
56
That's fair. Not to go off topic anymore, but IMO it's a bit of a yes/no answer. WD IMO is barely noticeable provided that you aren't installing/uninstalling a lot of programs and transferring a lot of files on a very regular basis, that's where WD has its biggest impact. If you aren't doing those things very frequently, like in my case, you don't even notice it. Again, everyone may have a different opinion on the matter and that's totally fine. I'm just speaking from my own personal experience and for me in my day to day usage, I don't feel it at all. Doesn't mean that MS can't improve on it though. ;)



Ya it's web browsing has a slight impact that is still there from the previous version, not very much, but it's there. I think they have addressed a lot of issues with this new version, but the product as a whole is still very much a work in progress. As I've said in my previous post, I think this new version will make a lot of people happy, but it still may not meet everyone's needs and that's fine, as no product can meet everyone's needs. The way I look at it, SH/SHP are still very new products compared to the other product/vendors out there and will take time to get to where the others are currently.

I do agree that they have a ton of processes running. Adding them all up was about 160mb, which isn't bad at all, but it's still a lot of processes. If I could suggest another area that Sophos can improve on with these products, it would be to consolidate as many processes as they can and hopefully they can cut it down to potentially 1-3 process max.
I totally agree with you!
 

notabot

Level 15
Verified
Oct 31, 2018
703
2.x feels lighter than 1.x on my old PC. The online dashboard doesn’t show anything related to intercept X/ML.

For my new laptop I’ve spent the time to configure Win 10 native security mechanisms, so I’ll pass on Sophos there.

2.x feels lighter and with intercept x and quarantine it is a significant improvement over 1.x but tbh the only advantage I see it having over Windows Defender is the web dashboard to manage many machines.

- There’s no testing suite to verify if all modules work as intended.
- There’s little configurability with respect to how aggressive we want the AV to be. Windows Defender is very configurable via group policy.
- There’s nothing like ASR
- no 2FA on Sophos home login page
- we have no info on what’s being scanned & monitored and whatnot, e.g. what happens to a file not present in whitelists? What happens with svchost processes? What happens with scripts?
- there’s no configuration regarding what’s being uploaded.
- we have no clue how well it performs under various scenarios because it doesn’t participate in tests.

I don’t think it’s a bad suite and the devs clearly worked hard for this release but to the extent it can’t beat free (WD), realistically there’s significant room for improvements.
 

ForgottenSeer 72227

2.x feels lighter than 1.x on my old PC. The online dashboard doesn’t show anything related to intercept X/ML.

I'm not sure if you were referring to this, but there is a ML setting that is on by default. Also, the Intercept X is really the HMPA components, so pretty much everything under the exploit settings.




I don’t think it’s a bad suite and the devs clearly worked hard for this release but to the extent it can’t beat free (WD), realistically there’s significant room for improvements.

I agree!

It has come a long way and for me personally I quite like the changes/improvements.

I think you make a great point about it compared to WD and the features within W10, but IMHO I think the same can be said for pretty much all 3rd party AV's/suites. If one really takes the time to tweak/harden Windows what are you really getting by going to 3rd parties? Like it or not MS is slowly making 3rd party security suites irrelevant. I mean just look at the hub results for Hard Configurator which is nothing more than a program to easily take advantage of the security/hardening within W10. From what I've seen, it's pretty much damn near perfect.

Don't get me wrong, there are some great 3rd parties out there, I think Sophos is one of them, but I think it will be a matter of time before they take their final bow and leave the stage, at least for consumers that is.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
I'm not sure if you were referring to this, but there is a ML setting that is on by default. Also, the Intercept X is really the HMPA components, so pretty much everything under the exploit settings.





I agree!

It has come a long way and for me personally I quite like the changes/improvements.

I think you make a great point about it compared to WD and the features within W10, but IMHO I think the same can be said for pretty much all 3rd party AV's/suites. If one really takes the time to tweak/harden Windows what are you really getting by going to 3rd parties? Like it or not MS is slowly making 3rd party security suites irrelevant. I mean just look at the hub results for Hard Configurator which is nothing more than a program to easily take advantage of the security/hardening within W10. From what I've seen, it's pretty much damn near perfect.

Don't get me wrong, there are some great 3rd parties out there, I think Sophos is one of them, but I think it will be a matter of time before they take their final bow and leave the stage, at least for consumers that is.
Exactly that ^^ MS have done and continue to do a great job at securing Win 10; third party security software is no longer really needed, let alone a necessity.
 

notabot

Level 15
Verified
Oct 31, 2018
703
I'm not sure if you were referring to this, but there is a ML setting that is on by default. Also, the Intercept X is really the HMPA components, so pretty much everything under the exploit settings.





I agree!

It has come a long way and for me personally I quite like the changes/improvements.

I think you make a great point about it compared to WD and the features within W10, but IMHO I think the same can be said for pretty much all 3rd party AV's/suites. If one really takes the time to tweak/harden Windows what are you really getting by going to 3rd parties? Like it or not MS is slowly making 3rd party security suites irrelevant. I mean just look at the hub results for Hard Configurator which is nothing more than a program to easily take advantage of the security/hardening within W10. From what I've seen, it's pretty much damn near perfect.

Don't get me wrong, there are some great 3rd parties out there, I think Sophos is one of them, but I think it will be a matter of time before they take their final bow and leave the stage, at least for consumers that is.

Just double checked I don’t have the artificial intelligence frame at all, so for whatever reason I may not have ML at all for Sophos Home Premium 2.x

Which brings us back to the point on being able to test config, had I not posted here I wouldn’t know it was supposed to be enable-able or on by default, if it’s running or not, if it’s running correctly or not etc.
 

ForgottenSeer 72227

Just double checked I don’t have the artificial intelligence frame at all, so for whatever reason I may not have ML at all for Sophos Home Premium 2.x

Which brings us back to the point on being able to test config, had I not posted here I wouldn’t know it was supposed to be enable-able or on by default, if it’s running or not, if it’s running correctly or not etc.
Hmm if you are indeed running SHP, then maybe they haven't fully rolled out everything just yet. So far there doesn't seem to be any announcement from Sophos about the official release of SHP 2.0, so my assumption is that they haven't rolled it out officially just yet. When I download it, I still have the beta tag on both the dashboard and the program itself. Maybe give it another couple of weeks and see if Sophos officially releases it. Chances are if there is an announcement on their website, it's officially released.
 

Deleted Member 3a5v73x

Windows 2.0.11 and Mac 2.0.9 - January 22, 2019

Applies to: Sophos Home Windows 2.0.11, Sophos Home Mac 2.0.9

Windows 2.0.11
Fixes
  • CHOME-5124 - Messaging buttons are missing on high DPI displays
  • CHOME-5114 - slow boot issue on a very small number of Windows machines
  • CHOME-5112 - BSOD on reboot seen on 1 Windows machine
Mac 2.0.9
Fixes
  • CHOME-4560 - Initial fast scan aborts automatically
  • CHOME-4989 - Text changes for auto-clean off scenarios for clarity
  • CHOME-5088, 5089 - Scheduled scan bug fixes
Features
  • CHOME-5029 - Mac Smart Scan (run a scan 48 hours on the behavioral detection)
  • CHOME-4999 - System extension approval is now mandatory within the app on initial install
 

Deleted Member 3a5v73x

As of starting from the build 2.0.11, it's no longer in BETA. Previous stable versions of 1.3.x should be automatically upgraded in the background to the latest 2.0.x
 

ForgottenSeer 72227

As of starting from the build 2.0.11, it's no longer in BETA. Previous stable versions of 1.3.x should be automatically upgraded in the background to the latest 2.0.x

Glad to hear that it's been officially released. Couple of quick questions, since I was part of the beta testing, does that mean I am still part of the beta program, or will the beta tag disappear after a short while from the dashboard?

Also, in the case of @notabot not seeing ML in the settings, are all the new features being rolled out gradually, or should it be there?
 

davisd

Level 3
Verified
Jan 27, 2019
108
Sophos Home is out of Beta and is Final now. 30/01/2019
Sophos Home: Cybersecurity Made Simple

Is the new quarantine feature available for all versions, inclusive of the free home version?

Quarantine is also available in Sophos Home Free.
Excluding a file or application from Machine Learning detection (can be used as a reference for Free version users as well.)

As for a side note, AI (Machine Learning) is NOT included in the Free version.
Comparison Of Sophos Home Free and Sophos Home Premium

See the future of cybersecurity with the new version of Sophos Home
All versions have new features
In addition to the features that are new for Sophos Home Premium for PC, above, all versions of Sophos Home have had an update.

  • Scheduled Scan – Users can now setup and administer scheduled file system scans for customized protection.
  • Quarantine – More advanced users can now reconcile true and false positive file detections.
  • UI Enhancements – Updates to the user interface make it easier to manage multiple devices’ security from one web browser, wherever the device is.
 

ForgottenSeer 72227

Glad to hear that it has been finally released! Since it has now been officially released I'm curious as to what others think of the changes? @ForgottenSeer 58943, have you had a chance to play with it? I know that you didn't get a chance to try the beta.

Looking forward to see it being tested, curious to see how the "ML" component does.:)
 

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
825
Glad to hear that it has been finally released! Since it has now been officially released I'm curious as to what others think of the changes? @ForgottenSeer 58943, have you had a chance to play with it? I know that you didn't get a chance to try the beta.

Looking forward to see it being tested, curious to see how the "ML" component does.:)
I just tested it against one sample "Trick bot" for which it didn't have signature.
It blocked it successfully with dynamic detection "ML.PE.A"; after 2-4 mins its remnant was deleted and detected as "ML.PE.C".
Moreover they added some tamper protection. I did see it in action.
Ok with the improvements, however testing in the long run would give us more insight.
 

notabot

Level 15
Verified
Oct 31, 2018
703
I’ve kept it on my old machine. It flagged some executables that misused register shifts, I know they’re not malicious but interceptX static analysis looks quite strong.

That said, to install it in a new machine I’d want to see

1) something like WD’s protected folders, on top of the existing anti ransomware features
2) totp/u2f 2FA on their web dashboard
3) to be able to configure more real time protection, eg I’d want something like WD’s “Block at First Sight”.
4) AMSI
5) ASR-like functionality in its behavior blocking
6) test files so that I can verify each advertised feature works as intended
7) block autorun, not just autoplay
8) Allow hardening of hips rules

All I’m asking is features that are there for free alternatives

Integration of mobile devices into the web dashboard would also be nice
 
