UWIT recommends using Sophos for campus antivirus needs and provides downloads for Windows, Mac, and Linux. All networked computers should have some sort of security software especially if they are used for browsing, download, or opening attachments. Antivirus software excels at detecting known threats but typically perform poorly against new threats so you must still be vigilant.

https://itconnect.uw.edu/wares/uware/sophos-anti-virus-software/

Recommendations

  • If Sophos ever flags a Microsoft document (Word, Excel, Powerpoint, etc) or Adobe document (PDF) be extremely wary of opening it. Many current ransomware attacks are exploiting these document types due to their prevalence. If in doubt ask for CompHelp to assist; we can safely open them in a VM rather than risking a real system
  • Sophos should not be used to scan Time Machine disks; see the Time Machine Guide for more information
  • Sophos will occasionally flag non-malicious software such as netcat (nc.exe in CompHelp's UU4W folder) because it can have malicious uses. If you are sure you trust a file you can approve it in the Sophos Quarantine Manager
  • Sophos will occasionally flag older files; most likely this means it has detected adware
  • If you get warnings that Sophos couldn't update check the last update time. Older versions tried to update every 10 minutes but the Sophos servers now only allow updates once an hour. This means they fail 5 out of 6 updates but if the last update was within an hour you are still receiving updates. The frequency can be changed in the Sophos preferences.
  • comphelp/security/sophos.txt
  • Last modified: 2017/08/01 15:38
  • by essach