Sophos released its latest version of what it simply calls (free) and (paid) just before we began testing, and as such it may have a leg up on competitors that have revisions in progress. As it stands, the set of features, cloud-based configuration, and price make it the outstanding entrant in the field. On its anti-virus performance, it’s not perfect, but it’s close. AV-TEST found it detected 98.4 percent of macOS malware, over 95 percent of macOS PUA, and over 99 percent of Windows malware. Those scores could be marginally better, but these databases are constantly being updated. During our real-world tests, it knocked out macOS malware as soon as it was unzipped from an encrypted archive.

It also prevented us from loading web pages with malicious software via the WICAR test site. Note: This review is part of our. Go there for details about competing products and how we tested them.

Macworld Sophos Home Premium did an excellent job of knocking out malware during our spot-check testing. Sophos doesn't have a full standalone app to manage its operation. Rather, you use the cloud-based Web app in a browser to handle configuration, operation, and remote management of other systems. Sophos appears in macOS as just a system menu item with a few options, such as the ability to perform a manual scan. Because the software protects a system in real time, the scan function is needed only if protection is otherwise paused. The cloud-based approach allows Sophos to push updates to its interface without requiring a user download, and it has the most robust remote management of any of the software packages we tested. Only Sophos seems to put all controls in the cloud, while other AV software that offer Web-based controls have just a subset, such as initiating a remote scan.

Sophos Removal Tool Mac

Macworld Unlike other antivirus suites, Sophos utilizes cloud-based controls. Sophos markets this as a way to help family members, especially ones not at the same address. That’s apparent both from the licensing, with a $50 a year fee covering up to 10 computers (Mac and PC), and from how the license owner can send a link for another person to install and join the family group without additional steps for setup. Then the administrator can configure and run scans remotely. As one of only two companies offering ransomware-specific file monitoring, Sophos rises to the top with a proviso: We were unable to independently test the feature separately, although we had it demonstrated for us by the company and examined said demo in-depth.

(More on that in a moment.) That's because Apple's silent XProtect feature has definitions for all known ransomware, blocking it from running. XProtect uses virus signatures, so cannot protect against new ransomware malware or variants, but will block anything already discovered. Macworld The demo Sophos showed us used an in-house ransomware test package developed by its research side.

We examined script on our own, and it’s straightforward—we didn’t find any weird gotchas or wired demos in it. As the demonstration virus infected files, the originals were retained and not deleted, and by the time three files had been hit, Sophos Home Premium halted the attack and alerted the user. It’s possible to have legitimate software that encrypts or modifies a set of files, and thus the software provides an alert and won’t allow the putative file to delete documents.

Sophos Home also includes outbound network blocking to known malicious servers, malicious website blocking, web filtering for parental control, and alerts for mic and webcam usage. Sophos handles the web and network stuff via its kernel extension, which examines all traffic and allows central management of options.

The bottom line Sophos Home Premium is the best in show, providing effective malware protection, PUA protection, ransomware monitoring, and additional features that often require separately licensed software. Its cloud-based configuration and generous licensing makes it possible to protect a household and an extended family, giving it an edge over its nearest competition. If you're considering Sophos' free version, it's quite good but lacks enough of the Premium version's features that we recommend the instead. Version tested: 2.0.2 Editor's note: Updated 4/20/2018 to clarify how we evaluated the performance of Sophos's ransomeware detection.

With the release of Sophos Enterprise Anti-Virus 9.2.x, Sophos changed how their enterprise antivirus solution for Macs was installed. While, Sophos has now switched to using an application to install their enterprise antivirus software.

This switch was a problem for Mac admins who wanted to deploy Sophos Enterprise Anti-Virus 9.2.x, as the previously-available installer package had simplified the task of deployment. The new Sophos Enterprise Anti-Virus 9.2.x install application added further complexity by storing many of the installer’s files and other components outside the application in a separate Sophos Installer Components directory. However, after doing some research and testing, it looks like it is possible to repackage Sophos Enterprise 9.2.x for deployment. For more details, see below the jump.

Sophos’ application can be run from the command line using the InstallationDeployer tool and include both install and remove switches. Here’s how to install and uninstall Sophos 9.x using the Sophos Enterprise Anti-Virus installer application: Install: /path/to/Sophos Installer.app/Contents/MacOS/tools/InstallationDeployer -install Uninstall: /Library/Application Support/Sophos/opm/Installer.app/Contents/MacOS/tools/InstallationDeployer -remove With these commands, it’s possible to add the Sophos Installer application and the Sophos Installer Components directory to an installer package and run the needed commands with preinstall and postinstall scripts.

The other part of the puzzle is providing configuration and login credentials, to allow Sophos 9.2.x to communicate back with the Sophos Enterprise console following installation. After working on the problem in his own shop, figured out that: /Library/Preferences/com.sophos.sau.plist /Library/Sophos Anti-Virus/Sophos.keychain Once I had this information and understood what was going on, here’s how I repackaged Sophos Enterprise Anti-Virus 9.2.x so that it could be deployed via an installer package. Prerequisites: A copy of the Sophos Installer application and the Sophos Installer Components directory from your Sophos Enterprise console server.

The Sophos installer is available from the link below: smb://yoursophosenterpriseservernamegoeshere/SophosUpdate/CIDs/S000/ESCOSX/ A copy of the Sophos.keychain file, which will need to be taken from the following location on a Sophos Enterprise-managed machine: /Library/Sophos Anti-Virus/Sophos.keychain A copy of the com.sophos.sau.plist file, which will need to be taken from the following location on a Sophos Enterprise-managed machine: /Library/Preferences/com.sophos.sau.plist 1. Set up a new Packages project and select Raw Package. In this case, I’m naming the project Sophos Enterprise Anti-Virus 9.2.4 3. Once the Packages project opens, click on the Project tab. You’ll want to make sure that the your information is correctly set here (if you don’t know what to put in, check the Help menu for the Packages User Guide. The information you need is in Chapter 4 – Configuring a project.) In this example, I’m not changing any of the options from what is set by default. Next, click on the Settings tab.

Sophos Mac Free

In the case of my project, I want to install with root privileges and not require a logout, restart or shutdown. To accomplish this, I’m choosing the following options in the Settings section: In the Post-Installation Behavior section, set On Success: to Do Nothing In the Options section, check the box for Require admin password for installation. Click on the Scripts tab in your Packages project. Select the Sophos Installer application and the Sophos Installer Components directory and drag it into the Additional Resources section of your Packages project.

Select the Sophos.keychain file and drag it into the Additional Resources section of your Packages project. The last piece is doing an automated uninstall of any existing Sophos installations, then installing a fresh copy of Sophos with the pre-configured autoupdate settings. For this, you’ll need a preinstall script and postinstall script. Here are the ones I’m using: Preinstall: Postinstall: 9.

Once you’ve got the preinstall and postinstall scripts built, run the following command to make the script executable: sudo chmod a+x /path/to/preinstall sudo chmod a+x /path/to/postinstall 10. Once completed, add the preinstall and postinstall scripts to your Packages project. Last step, go ahead and build the package. (If you don’t know to build, check the Help menu for the Packages User Guide. The information you need is in Chapter 3 – Creating a raw package project and Chapter 10 – Building a project.) Testing the installer Once the package has been built, test it by taking it to a test machine that does not have Sophos and install it.

The end result should be that Sophos Anti-Virus installs properly and has the pre-configured settings for your Sophos Enterprise server included automatically. I just worked on a similar approach, but the two Library-Files were not necessary. The URL of the Update-Server are specified in the ESCOSX/Sophos Installer Component/rms/mrinit.conf File. Everything else comes from the Settings off the Sophos Console. So my install-Script just checks if previous Sophos-Installations were around, uninstalls them, then calls the install-binary.

But the it occured to me that we had to repackage it because installing a.pkg from a share doesn’t work. Now changing that to the.app gives us direct access to the install routine actually makes life easier for us instead of harder. No need for repackaging, just mount the share, install sophos, enjoy a free afternoon.

Here goes: #!/bin/sh sudo mkdir -p /mnt/sophos sudo mount -t smbfs //UserName:PassWord@your.sophos.server.url/SophosUpdate /mnt/sophos/ sudo “/mnt/sophos/CIDs/S000/ESCOSX/Sophos Installer.app/Contents/MacOS/tools/InstallationDeployer” –install exit 0.