Specifications
15
SOPHOS ENDPOINT SECURITY AND DATA PROTECTION REVIEWER’S GUIDE
You can also significantly reduce the risk of network bridging between a
corporate network and a non-corporate network. The Block bridged mode is
available for both wireless and modem types of device. The mode works by
disabling either wireless or modem network adapters when an endpoint is
connected to a physical network (typically through an Ethernet connection).
Once the endpoint is disconnected from the physical network, the wireless or
modem network adapters are seamlessly re-enabled.
Data control policies
Deploying a stand-alone DLP solution to protect against the accidental loss of
sensitive data can be time consuming and costly, and can have a significant
impact on the system performance of your endpoints. Sophos removes this pain
by integrating the scanning for sensitive information into the endpoint agent,
making it easier for you to configure, deploy and manage.
You can monitor and control the transfer of files to specified storage devices
(e.g. removable storage device or optical drive) or by specified internet-enabled
applications (e.g. email client, web browser or instant messaging) without having
to deploy a separate solution and another endpoint agent.
Sophos provides a number of preconfigured data control rules covering national
identification numbers to confidential document markers. You can use these rules
out of the box or tailor to meet your own needs.
Figure 9: Device control – preventing network bridging