Call a Specialist Today! 020 8138 5775
Free Delivery! Free Delivery!

Sophos Central Server Protection (Formerly Central Server Protection Standard)
The unified console for managing your Sophos products

Sophos Central Server Protection Standard

More pricing below, click here!

Please Note: All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.


Defend your data from malware without sacrificing server performance. Sophos Server Protection protects your server environment from malicious attacks while keeping your servers running at optimum performance. Designed to secure business- critical servers, Sophos Server Protection includes server application whitelisting, advanced anti-malware, and behavior analysis. It's server security made simple, providing protection for your Windows, Linux, and UNIX systems, whether you're running physical or virtualized servers, on premise, or in the cloud, including Amazon Web Services (AWS) and Azure.


  • Protects Windows, Linux, and UNIX systems with minimal resource use
  • Protects against ransomware running locally or remotely
  • Synchronized Security with Destination Heartbeat
  • Protects and manage server policies for auto- scaling groups in AWS
  • Protects server images in Azure
  • Server Lockdown with application whitelisting
  • Advanced, policy-based rules
  • Simplified management from the cloud or an on-premise console

Better protection

Sophos Server Protection offers innovative features like anti-ransomware and pre-execution emulation for identifying suspicious behavioral patterns, giving you the broadest protection for your servers and data, including from zero-day attacks. Our CryptoGuard anti-ransomware detects and intercepts unsolicited encryption of files, resulting from ransomware running on a remote endpoint that is connected to the server. Server Lockdown uses application whitelisting to secure servers with a default deny policy, preventing all unauthorised applications from executing. Once a server is locked down, anti-malware and a Host Intrusion Prevention System (HIPS) behavior analysis prevent content-based threats (such as an infected PDF or Word document) that could otherwise exploit vulnerabilities within whitelisted applications.

Sophos Server Protection also includes Malicious Traffic Detection, which monitors for traffic associated with malware. This feature enables early detection and removal of malware, along with Synchronized Security with Security Heartbeat to accelerate threat discovery, isolation, and remediation.

High-performance security built for servers

Servers are the repositories for the majority of most organizational data. With users needing continuous access, maximum uptime and optimal performance are of utmost importance. The server-specific policies provide out-of-the-box protection, giving you granular control of the lightweight agent. A variety of server-specific techniques enable small and fast updates, designed to require fewer server resources and mitigate any impact. Automatic application exclusions for key business applications, like Exchange or SQL, prevent false positives and needless rescanning of files.

Simple to use, including one-click Server Lockdown

Sophos Server Protection Advanced is the only solution that locks down your server with a single click, securing servers in a safe state and preventing unauthorised applications from running. With that click, Sophos automatically scans the system, establishes an inventory of known- good applications, and whitelists just those applications. Other whitelisting applications require the manual creation of rules to secure scripts and other system files, but Sophos manages the connections between applications and the associated files, such as DLLs, data files, and scripts.

Server Lockdown is only an example of how Sophos has made server security simple. With policy- based rules for server groups, as well as application, peripheral, and web control, Sophos makes it easy to control what happens on your servers, whether they be physical, virtual, or in the cloud

Cloud or on-premises management

When it comes to managing your servers, you have options. Our cloud-based Sophos Central, hosted by Sophos, provides instant access to new features with no console servers to set up and maintain. It also manages other Sophos products, including Endpoint, Mobile, Wireless, Email, and Web - all from a single pane of glass.

If you prefer to manage your servers with an on-premises console, Sophos Enterprise Console provides you with that option. Either way, you get sophisticated functionality coupled with a simple, intuitive interface for your servers and your users' workstations, too.

Security for every platform

With support for a broad range of platforms, you can protect every server in your organization. In addition to Windows Server, Sophos Server Protection secures the most common variants of Linux and Unix-based operating systems.

What's New:

Sophos Central Server Protection gets a host of new features to further enhance your protection. We’re also updating the license names to better reflect these new capabilities.

Intercept X Advanced for Server

Formerly Central Server Protection Advanced

New features include:

  • Deep Learning
    The artificial intelligence built into Intercept X Advanced for Server is a deep learning neural network, an advanced form of machine learning, that detects both known and unknown malware without relying on signatures.
  • Exploit Protection
    Denies attackers by blocking the exploits and techniques used to distribute malware, steal credentials, and escape detection. This allows Sophos to ward off evasive hackers and zero-day attacks in your network.
  • Active Adversary Protection
    Protects against advanced hacking techniques performed by attackers to establish their presence on a device, steal credentials, escalate privileges, or gain more enduring access, including Code Cave mitigation and credential theft protection.
  • WipeGuard
    Advanced anti-ransomware protection, preventing adversaries from encrypting the master boot record (MBR).
  • Root Cause Analysis
    Detailed, forensic-level analysis illuminates the root causes of attacks and their infection paths, and offers guidance to help remediate infections today and bolster your security posture.

Central Server Protection

Formerly Central Server Protection Standard

New features include:

  • Malicious Traffic Detection (MTD)
    Monitors HTTP traffic for signs of connectivity to known bad locations such as command and control servers, an early indicator that a new piece of malware may be present.
  • Synchronized Security Heartbeat™
    Synchronized Security simplifies and unifies defenses with real-time intelligence sharing between your servers and firewall. Get better protection against advanced threats and spend less time responding to incidents.
  • Web Control
    Provides control of potentially inappropriate websites for acceptable use by site category.
  • Application Control
    Point-and-click blocking of applications by category or by name. Enables administrators to block certain legitimate applications from running on servers.
  • Peripheral Control
    Enables you to monitor and manage access to removable media and peripheral devices connected to your physical servers.
  • Data Loss Prevention (DLP)
    Designed to reduce the risk of accidental data transfer to removable storage devices, corporate web browsers, email clients and IM clients.
  • Windows Firewall Control
    Provides the ability to monitor and control the native firewall on Windows servers.
  • Cloud Workload Discovery (AWS Map View)
    Attackers take advantage of unused cloud regions to avoid detection. Sophos now discovers workloads in every public AWS region, even the ones you are not actively using.

  Central Server Protection Intercept X Advanced for Server
AV Signatures / HIPS / Live Protection    
Automatic Scan Exclusions (AWS and Azure)
Cloud Workload Discovery
Peripheral Control
Web Control
Application Control
Data Loss Protection (DLP)
Malicious Traffic Detection (MTD)
Synchronized Security Heartbeat
Server Lockdown (Whitelisting)  
Active Adversary Mitigation  
Exploit Protection  
Root Cause Analysis  
Deep Learning  

Technical Specifications:

Windows Server

Supported platforms
Windows Server 2008 R2 and later
System requirements
Disk space: 1 GB minimum
RAM: 1 GB* minimum
Supported languages
English, French, German, Italian, Japanese, Spanish, and Simplified and Traditional Chinese

*If using lockdown, the required memory is 2 GB.

Linux Server

Supported platforms
Novell Open Enterprise Server
Oracle Linux
Red Hat Enterprise Linux
SUSE Linux Enterprise Server
System requirements
Disk space: 1 GB minimum
RAM: 1 GB minimum
Supported languages
English, Japanese

UNIX Server

Supported platforms
Solaris (SPARC and Intel)
System requirements
Disk space: 1 GB minimum
RAM: 1 GB minimum
Supported languages
English, Japanese

How to Buy:

Sophos Server Protection can be deployed on a physical server, or run on a VM (either in your datacenter or on AWS or Azure). It can be managed either through the Sophos-maintained Sophos Central website, or through an on-premises management console. Both deliver outstanding performance and protection. See the table to licensing options below for details of the features available across the two price tiers on both Sophos Central and on premises with the Sophos Enterprise Console (purchased separately).

Sophos Central Sophos Enterprise Console
  Central Intercept X Advanced for Server Central Server Protection Server Protection for Virtualization, Windows, and Linux
Windows Server
Public Cloud (Microsoft Azure and Amazon AWS)  
Prevent - Attack Surface Reduction
Application Whitelisting [Server Lockdown]    
Web Security
Windows Firewall Control      
Download Reputation
Web Control (URL Blocking)
Peripheral Control (e.g., USB)
Application Control
Prevent - Before It Runs on Device
Deep Learning malware detection    
Exploit Prevention    
Anti-malware File Scanning
Live Protection
Pre-execution Behavior Analysis [HIPS]
Off-board scanning for VMs (ESXi and Hyper-V)2
Detect Potentially Unwanted Applications (PUA)
Data Loss Prevention
Detect - Stop Running Threat
Anti-Hacker/Active Adversary Mitigations    
Ransomware File Protection [CryptoGuard] includes detection of attacks on the server from remote connected endpoints   Add-on3
Disk and Boot Record Protection [WipeGuard]    
Malicious Traffic Detection  
Respond - Investigate and Remove
Sophos Clean Automated Malware Removal    
Malware Removal  
Root Cause Analysis    
Manage - Control
Server-specific policy management
Update Cache and Message Relay  
Automatic Scanning Exclusions  
Synchronized Application Control4  
Manage - Visibility
Azure Workload Discovery and Protection  
AWS Workload Discovery and Protection  
AWS Map, multi-region visualization  
Synchronized Security with Security Heartbeat (Enhanced threat protection, positive source identification, and automated isolation)4  
Windows Remote Desktop Services (user visibility)  
Manage - Sophos Central
Cloud-based management, eliminating the need the install and maintain a separate server on premises, and managing security of servers in a single console with endpoints, mobile, email, wireless  
Multi-factor authentication  
Role-based administration

11 All features available on Windows; selected features available on Linux
2 See features of Sophos for Virtual Environments with its ultra-thin agent deployment
3 For Windows Servers managed by Sophos Enterprise Console, CryptoGuard is available with the Endpoint Exploit Prevention (EXP) Add-on license
4 When used in conjunction with the Sophos XG Firewall

Alternative deployment option - Sophos for Virtual Environments

Sophos for Virtual Environments enables malware detection to be offloaded to a centralized Security VM to reduce the potential performance impact on Windows virtual servers. Licensed per virtual server, with entitlement to the Sophos for Virtual Environments alternative deployment option included with all Sophos Server Protection licenses.

Support for Windows servers on VMware ESXi and Microsoft Hyper-V

Features include:

  • Off-board malware protection to a centralized Sophos Security VM
  • Lightweight guest Virtual Machine Agent, infrequent updates
  • Memory-resident malware detection
  • Automated Threat Cleanup
  • Prevent update storms and scan storms
  • Windows Security Center integration
  • Visibility of connected guest VMs (Sophos Central only)


Download the Sophos Server Protection Data Sheet (PDF).

It appears you don't have a PDF plugin for this browser. No biggie... you can click here to download the PDF file.

Pricing Notes:

Includes choice of: