Sophos Anti-Virus 7.3.3 review | AV Scan

Wednesday, July 2, 2008

Sophos Anti-Virus 7.3.3 review

Note: please check out the FAQ if you have any issues.

You probably haven't come across Sophos antivirus, because it's enterprise software, which means the company's target consumers are small- to large-scale organizations instead of home users.

I'm generally against 'elitist' software like these, but Sophos seems to have a loyal customer base so I thought it deserved a review. I've been using Sophos for almost six months now; I don't like it, and the only reason I still have it is because my university gives me a free copy.

Admittedly, Sophos detects viruses and malware pretty well. It scans quite fast, and is also not very RAM intensive (a combination which is becoming increasingly rare these days). Moreover, it seems to catch adware pretty well compared to other antiviruses (of course antiviruses aren't necessarily supposed to do this, but we're glad they started).

AV Comparatives claims that Sophos was one of the top performers in their tests. My experience suggests a different story.

From my many weeks of using it, I've come across situations where Sophos detects a virus but can't clean it. Of course such cases are very rare, but isn't that enough to scare people crazy, especially when they're supposedly running an antivirus which is so precious that it's not even sold to individuals? I've seen this happening to a friend of mine working on her doctoral thesis who completely freaked out; we had to delete the file.

Moreover, Sophos doesn't always provide names for the viruses/malware it's caught, and resorts to a generic label. "Mal/packer"? Come on. I'm not too name-savvy either, but since you can get into a confusing spot (such as Sophos telling you it's found this nasty piece of code but can't fix it), providing more info, at least the name, was obligatory. That way the user can look up the threat online, and download the cure/fix from whichever antivirus camp that's offering it, instead of having to delete the file.

Sophos also generates lots of false alerts (why is this getting so common in antiviruses these days?): when I scanned my computer it found 4 'viruses' (including a very innocent text file I had created myself) which I'm very sure they weren't. Last but not the least: the interface isn't the most user-friendly around, and looks pretty bland: reminds me of the days when I was trying out .Net.

Sophos does allow trial downloads, but all in all, certainly not a good antivirus for your (organization's) money.

The good:
- Good detection rate
- Scans fast
- Not too heavy on system resources

The bad:
- Uninviting interface
- Often does not provide adequate information

The ugly:

- Lots of false alerts

Price: CAD $228 (SBE edition for 5 users)
Go to: Sophos website


Anonymous said...

That is why you have another antivirus system on your computer Avast for example so if sophos can't delete it avast will.

Tashfeen Mahmud said...

Actually, that would most likely cause further problems. Antiviruses tend to dislike each other, and conflict quite easily.

John Becker said...

I have used SOPHOS for nearly 9 years, and have had only 2 occasions where it did not detect a virus.

I have also used it as a very effective rootkit scanner. In a recent instance, SOPHOS removed a rootkit no other scanner could.

Moreover, SOPHOS' technical support is top-notch, and available within 30 minutes or less 24x7x365, try that with any other vendor.

True that they focus only on SBE and Corporate environment, therefore not home-user appropriate.

Tashfeen Mahmud said...

I agree that it's a pretty good antivirus. But based on my user experience, I still think NOD32 and Kaspersky perform a lot better.