Network Defence

Sophos Server Protection

Comprehensive threat protection that doesn’t slow down your servers

Sophos Server Protection safeguards mission-critical servers from malicious attacks without impacting their performance. Designed to secure business-critical Windows, Linux and UNIX systems and optimised for virtual environments, Sophos Server Protection integrates server application whitelisting/lockdown with advanced anti-malware and HIPS, providing effective protection against zero-day attacks.

Key features

Extremely lightweight with a small footprint, Sophos Server Protection’s

whitelisting/lockdown protects against known and unknown threats, while Device Control protects against data theft via USB sticks. Malicious Traffic Detection blocks or alerts based on traffic to known Command and Control URLs. Application Control limits the applications that can execute, further reducing opportunities for attack. Lastly, Server Lockdown ensures only specific applications and associated/trusted files are able to run, while a comprehensive malware scan before lockdown ensures servers are locked in a known-good state.


  • Pre-execution emulation identifies suspicious behavioural patterns, offering the broadest protection for servers and data.
  • Server Lockdown secures servers with a default deny policy, preventing all unauthorised applications from executing.
  • Once a server is locked down, anti-malware and HIPS (host-based intrusion prevention system) behaviour analysis prevent content-based threats such as an infected Word document that could otherwise exploit vulnerabilities within whitelisted applications.
  • Includes Malicious Traffic Detection, which monitors for traffic associated with malware, enabling early detection and removal.

Other solutions