Whilst I’m not directly involved operationally I know that Sunshine Coast
Council uses both Crowdstrike and Sophos.
Crowdstrike provide the ability to scan on execution with some quite detailed
analysis visualisation. However Sophos is used for scanning documents submitted
or zip files etc ie bulk directories where you may not want to open/execute
every file.
There is no complete disk scan function with Crowdstrike but then with disks
consisting of x,000,000’s of files that’s not necessarily a bad thing... just
something to keep in mind in changes in workflow and incident approaches.
Sorry I don’t have a comprehensive analysis on the different products at the
moment, our selection process was done before I started here...
I’d watch the extra’s such as firewall management that may be part of your
Sophos license and may be an optional extra for Crowdstrike...
It is worth noting that like many security vendors, Crowdstrike have a number
of other security related capabilities associated with the product such as
vulnerability assessment as well as the Antivirus capability, emergency
patching and incident response.
From: lg-it-bounce@xxxxxxxxxxxxx <lg-it-bounce@xxxxxxxxxxxxx> On Behalf Of Matt
Gray
Sent: Friday, 30 April 2021 3:52 PM
To: lg-it@xxxxxxxxxxxxx
Subject: lg-it Re: EDR / EPP Query
[SCC External Email: Use caution with links and attachments]
Hi Steven,
The City of Launceston will be looking at alternative later in the year so will
be interested in finding out which vendor you choose as we will also be moving
away from Sophos.
Cheers
[cid:image001.png@01D45CB2.316F0340]
Matt Gray
Manager Technology and Information Services
T 03 6323 3136 I M 0407 139 184 I
www.launceston.tas.gov.au<http://www.launceston.tas.gov.au/>
From: lg-it-bounce@xxxxxxxxxxxxx<mailto:lg-it-bounce@xxxxxxxxxxxxx>
<lg-it-bounce@xxxxxxxxxxxxx<mailto:lg-it-bounce@xxxxxxxxxxxxx>> On Behalf Of
Steven Yorke
Sent: Friday, 30 April 2021 3:40 PM
To: lg-it@xxxxxxxxxxxxx<mailto:lg-it@xxxxxxxxxxxxx>
Subject: lg-it EDR / EPP Query
Hi all,
I'm in the process of looking at alternatives to our current AV solution
(Sophos) and wondering if anyone has experience with any of the 'next
generation' products like Crowdstrike / Palo Alto / Cisco AMP.
Interested if anyone has moved from something like Sophos to Crowdstrike and
their experience etc. The product has very good reviews on places like Gartner
however so does our current Sophos solution.
Any advise or suggestions would be great. Have a great weekend.
Regards,
Steven Yorke [cid:image002.gif@01D73DDA.34408F10]
Coordinator – IT Infrastructure & Operations
Computing Services
[cid:image003.png@01D73DDA.34408F10]
2 Midland Square
Midland WA 6056
t 08 9267 9330
m 0422 22 1862
www.swan.wa.gov.au<http://www.swan.wa.gov.au/>
IMPORTANT: This e-mail message, including any attached files, is private and
may contain information that is confidential. Only the intended recipient may
access or use it. If you are not the intended recipient, please delete this
e-mail and notify us promptly. We use virus-scanning software but exclude all
liability for viruses or similar defects in any attachment.
[https://www.launceston.tas.gov.au/files/assets/public/internal-communications/it/twitter.png]<https://twitter.com/LtonCityCouncil>[https://www.launceston.tas.gov.au/files/assets/public/internal-communications/it/youtube.png]<https://www.youtube.com/user/LauncestonCtyCouncil>[https://www.launceston.tas.gov.au/files/assets/public/internal-communications/it/www.png]<https://www.launceston.tas.gov.au>[https://www.launceston.tas.gov.au/files/assets/public/internal-communications/it/lcc_yvyl.png]<https://yourvoiceyourlaunceston.com.au/>
Please consider the environment before printing this, or any other e-mail or
document.
________________________________________
CONFIDENTIALITY NOTICE AND DISCLAIMER
Information in this transmission is intended only for the person(s) to whom it
is addressed and may contain privileged and/or confidential information. If you
are not the intended recipient, any disclosure, copying or dissemination of the
information is unauthorised and you should delete/destroy all copies and notify
the sender. No liability is accepted for any unauthorised use of the
information contained in this transmission.
This disclaimer has been automatically added.
[Sunshine Coast Council]<http://www.sunshinecoast.qld.gov.au/>
[Sunshine Coast Council is on
Facebook]<https://www.sunshinecoast.qld.gov.au/Council/Contact-Council> __ __
To find out more about the Sunshine Coast Council, visit us online at
www.sunshinecoast.qld.gov.au.<http://www.sunshinecoast.qld.gov.au/> If
correspondence includes personal information, please refer to Council's Privacy
Policy<https://www.sunshinecoast.qld.gov.au/Terms-of-Use> .
This email and any attachments are confidential and only for the use of the
addressee. If you have received this email in error you are requested to notify
the sender by return email or contact council on 07 5475 7272, and are
prohibited from forwarding, printing, copying or using it in anyway, in whole
or part. Please note that some council staff utilise mobile devices, which may
result in information being transmitted overseas prior to delivery of any
communication to the device. In sending an email to council, you are agreeing
that the content of your email may be transmitted overseas.
Any views expressed in this email are the author's, except where the email
makes it clear otherwise. The unauthorised publication of an email and any
attachments generated for the official functions of council is strictly
prohibited. Please note that council is subject to the Right to Information Act
2009 (Qld) and Information Privacy Act 2009 (Qld).