The best endpoint security suite is...

The best endpoint security suite is...

Summary: Wondering which endpoint security suite keeps your clients the most protected? Enex TestLab racks them all up and puts them through their paces.

TOPICS: Security, Malware

Sophos Computer Security SBE 4.0

Target market: small- to medium-sized organisations
Price (including GST): AU$917.50 for 10 licences
Phone: 02 9409 9100

Sophos Computer Security SBE 4.0 is a small business package for both Mac- and Windows-based platforms. The solution is comprised of an arsenal of technologies for mitigating internet security threats.

A limited trial can be downloaded directly from the Sophos website. The windows version for a single client installer is around 62MB in size.

Default setting and features/option

A quick and easy installation, yet administrators should note that the client firewall component must be specified for installation within the default set-up wizard. Once installed, Sophos runs preconfigured with a high standard of firewall protection. The product has an easy-to-use and highly configurable user management interface.


Sophos did satisfactorily in both areas tested. Overall, it performed very well in malware tests with a total combined detection rate of 99 per cent. The firewall kept the host well hidden on the network.

(Credit: Enex TestLab)

Overall rating 4.5 out of 5
The good
  • Excellent firewall for locking down incoming/outgoing connections
  • One of the best anti-malware detection engines (based on the current report context)
The bad
  • The desktop firewall may come across as an annoyance during the early stages of building application firewall rules as it alerts the user of any application requesting external network access (but good from a security perspective)
The bottom line A good product for small business security that just works with the out-of-box settings.
ROI Good "out of the box" performance at a fair price.
ROI score 4.0 out of 5

Topics: Security, Malware

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Awesome Hi Tech!

    Wow! Hold onto these work experience kids that did this! Mind numbingly awesome tech and security work! Well done ZD. I wish this went on for another 10 pages at least. I just did not want this work to end!
  • AVG Internet Security Business Edition 9.0

    AVG introduced Internet Security Business Edition 9.0 in late October. Among it's enhancements is an improved firewall. for more information. An optimization scan capability has been added, as well, which improves future scans by up to 50% .
  • Anti virus comparison story

    I can only go from my point of view - working in the field, hands on, every day, as a freelancer.

    I consistently get money from Nortons who I love. Without them I wouldnt make as much money getting rid of viruses from infected machines with up to date and working Nortons on it. In my tests, I have found the best to be Sophos simply because I image the C drives and when they viruses are all gone, take time to write the image to a spare drive and have Sophos trial installed, AVG 9 free installed on another machine and have recently tried Kaspersky. Kaspersky found the least of those 3 with Trend and many other antiviruses (over months on different machines) installed. AVG free consistently found all but about 4 viruses and Sophos found the most.

    Even with all THAT, absolutely NONE of them, updated and working, found ALL of them. Quite often, I have detected unknown viruses and submitted them to be told they were new, to various companies. Sorry, but your tests are really not "real time". If you want real tests, you really ought to find people like me who are in the trenches all day and late into the night, often and get US to test the antiviruses for you, periodically. The truth is that you need MORE than an antivirus program if you think you have an infection that your current one doesnt detect AND you need the knowledge to find and eradicate unknown viruses, too. You wont learn THAT in any course available
  • Feedback

    hey Eugene,

    please feel free to email me personally with any criticism about the article, happy to hear what we should do better.


    Renai LeMay
    News Editor
  • Awesome

    Great article guys finally an impartial look at this field naming names! please keep it up. Ignore the manufacturer whinging here.
  • Easily pleased...

    You are easily pleased. Why not just go get some brochures or checkout the websites from the tested vendors. It's about the same level of information and detail. There's nothing here. Did you write this review?
  • Missed the point (and the detail)

    I think 'Easily pleased' has missed the point and the detail unfortunately. There are useful metrics and an impartial assessment of possible 'flaws' included that you obviously would not find in a vendor brochure, and no, I did not write the review (I simply read it thoroughly).
  • Copy from the product

    I agree with you. There's nothing here. May be Mr Ian just installed all these software and did a preview.

    No critical comment on the products ... it's just like the Gartner Magic Quadrant , every product is a magic ...
  • Not 17 years experience of testing

    Hi...please don't spoil the name of RMIT ...

    The content does not really reflect the 17 years of testing experience from RMIT ....
  • Easily pleased

    @Missed the point, who are you addressing? Sounds like the world. :p I repeat, you are easily pleased. Either that or you are an awesome troll and I commend you for sucking me in.
  • No One Following Links ?

    Are you guys nuts?

    "Malware test sets were introduced to each product using standard inbound vectors, devices and protocols that included HTTP, SMTP/POP3, FTP, DVD and USB injection mechanisms to accurately represent real-world threats. Each test set also contained malware-free samples" and then the results ;,139023452,339299322-13,00.htm
    AV vendors will not promote those in their brochures, well none I have seen !
  • Good Work ZDNet keep it up!

    Even if a lot of people see this as a brochure or just scratching the surface, at least the results can show which AV software really doesn't stack up. I'm guessing anyone using Trend Micro and reading this will change immediately (If they are not rebuilding due to too many trojans already).
    I think this is a great indicator for people that do not want to spend too much time reviewing the products themselves to have a quick over view, all in one place.
    ...and by all means if you diagree this is a great forum to express your views, so don't hold back, or start flaming. Just tell us how it is in YHO.
    Great job guys!
  • BTW -

    Hi Guys,
    Does anyone have an opinion on I've found that it can detect and repair toor kit viruses that other products don't pick up. So I run a scan with this tool once per month or so, just in case. I also run AVG as my everyday virus detector, and ZoneAlarm for the firewall.
    Any opinions on this setup?
  • versions

    I guess you tested the previous workspace version of Kaspersky , regarding to screen shots you've used.
  • Performance stats? Footprints?

    One of the biggest metrics felt by users of anti-virus is how much it slows down their system and how much memory it takes up.

    Can you please add these and redetermine results.
  • I recently ran across some malware that my normal bag of tricks (Avast, Spybot S&D, and Sophos) didn't catch and take care of. This one allowed AV to run but would strip the definitions out so the software was blind then infected the AV itself. With the help of a Windows guru, we got malwarebytes installed and it found, and cleaned the PC. Problem solved! Great tool.
    Doug H.
  • Hi ZDnet,
    The testing you have conducted seems to have several flaws that could drastically effect the results;
    Firstly: by disconnecting the machines from the internet during the test you are disabling many protection features that are enabled by default in many of the products. If these test are real world tests then I am sure you agree in the real world the machine would be connected to the internet(the majority of the time) and if not then a large portion of your threat samples would never reach the machine through the "real world" protocols you used ie HTTP and SMTP/POP3.
    Secondly: Through the infection vectors USB and DVD that you tested, many products have the default capability to block programs from running automatically from these devices which in my experience is how threats are introduced, in these tests did the user actually have to find and click on the threat to execute it, and if so - is this "real world"?
    Thirdly: How was the test set found? How many times had it been used? and how fresh were the samples? I would imagine that this would impact how realistic the results are to the real-world user.

    I think for future tests you should look to provide a truly real world scenario that includes machines being connected to the internet throughout the test and that real live threats found on the internet during the test are used to determine how well products protect the user.

    Looking Forward to future real-world reviews