Sophos Readying Cloud-Based Endpoint Protection For MSPs


U.K.-based Sophos is retooling its endpoint protection platform, readying a cloud-based option for small and mid-sized businesses, according to Sophos CTO Gerhard Eschelbeck, who sees the platform's Web-enablement as the cornerstone for getting Sophos products to grab managed service providers' attention.

In an interview with CRN, Eschelbeck said his goal is to Web-enable the entire Sophos portfolio so managed service providers can deploy the security software and remotely service customers. The goal is to deploy the endpoint protection without requiring customers to maintain a local management server for policies and reporting capabilities, he said.

"There's a push for a significant cloud-based model, and partners have expressed interest in providing cloud-based services as well," Eschelbeck said.

[Related: 6 Steps To Address BYOD: A Security Management Roadmap]

Management of the policies and reporting will be happening through a centralized cloud application, Eschelbeck said. Endpoint protection is the first phase of Sophos' Web-enablement, followed by Web filtering capabilities, networking and mobile capabilities over the next year, he said. The company will also continue to support its current set of on-premise endpoint protection, data protection and network security products.

Sophos competes in a crowded market for endpoint protection platforms, with the bulk of its customer deployments in Europe. Sophos provides antimalware, vulnerability monitoring and data loss prevention capabilities, and it's integrating its 2011 purchase of security appliance maker Astaro. It's portfolio also includes disk encryption and mobile device management.

Sophos hasn't had the same success in the United States, where it has run into trouble unseating U.S.-based market stalwarts McAfee and Symantec, said Chris Morales, a senior analyst in the enterprise security practice at the 451 Group. The company continues to try to gain ground by aiming its portfolio at small and midsized businesses, he said.

The company is trying to put some weight behind its push into the U.S. market. In February, the company announced the hiring of former-Fortinet executive Michael Valentine as its new channel chief. Valentine told CRN in an interview at the 2013 RSA Conference that he would boost efforts to attract more partners.

In January Sophos changed its licensing from per-device to per-user, differentiating it in the market as a value player. The idea is that smaller organizations with limited IT budgets can reduce costs under Sophos because employees now have multiple computers to protect, from desktops and laptops to mobile devices, Morales said.

"Sophos is consolidating, integrating and managing costs to make its products easy to use," Morales said. "Most organizations study the cost of doing a replacement and typically find that a rip and replace project is not cheap and usually more expensive than the product itself."

In 2011, Sophos brought Eschelbeck in when the company was managing the fallout following a prominent security researcher's intense review of its endpoint protection platform. At Black Hat 2011, Tavis Ormandy, an independent security researcher who also works as an information security engineer at Google Inc., issued a report detailing serious design and implementation weaknesses in the Sophos software. Sophos addressed the criticism publicly, accepting the findings and rolling out updates to correct weak encryption implementations and other issues.

Eschelbeck believes the company has turned a corner from the incident. He has a long history in the security industry, starting out as vice president of engineering at McAfee. Shortly thereafter, he served as CTO at vulnerability management vendor Qualys Inc. Eschelbeck said that despite some naysayers, he helped build out Qualys' technology platform for vulnerability management-as-a-service. And, before joining Sophos, Eschelbeck was at Broomfield, Colo.-based antivirus vendor Webroot, where he built out cloud-based Web and email security services.

"We're now in an era where we need to provide the ability to bring all these products to market in a unified way through the cloud," Eschelbeck said. "It's about having integrated products, a common user interface and common reporting."

PUBLISHED APRIL 10, 2013