Sophos has launched the latest version of its next-generation XG Firewall. This new version strengthens the delivery of enterprise-grade security to organisations of all sizes with several additions.
The additions include Sophos Sandstorm, the extension of the Security Heartbeat to automatically isolate an endpoint with a missing heartbeat, the dynamic identification of application traffic, and the inclusion of an advanced secure web gateway that dramatically improves protection while simplifying policy and enforcement.
Sophos Sandstorm is the next-generation cloud-sandbox technology that gives customers advanced defence against zero-day threats without additional hardware. It provides payload analysis to block evasive threats like ransomware disguised as executables, PDFs and Microsoft Office documents — sending them to its cloud-sandbox to be detonated and observed in a safe environment. This out-of-band cloud sandbox maximises network performance and throughput providing a transparent user experience while delivering IT admin with a detailed threat report for every incident. This delivers high levels of visibility into network events.
“Today’s sophisticated attacks can’t be stopped by simply increasing the number of standalone security products – defences need to communicate and coordinate in order to be effective,” says Brett Myroff, MD of Sophos distributor, Netxactics. “Sophos Sandstorm leverages real-time threat intelligence and dynamic sample detonation service in the cloud to prevent advanced zero-day threats from impacting networks and endpoints. Integrating sandboxing into the synchronised security platform accelerates the speed at which an IT organisation can identify and prevent a threat from spreading without requiring additional hardware or expertise.”
The Security Heartbeat pulses real-time information about suspicious behaviour or malicious activity between endpoints and the network firewall or UTM. By giving these traditionally independent products the ability to directly share intelligence, the Security Heartbeat can instantly trigger a response to stop or help control a malware outbreak or data breach. A new capability in the Sophos XG Firewall is the detection of a missing ‘heartbeat’ which usually indicates an endpoint has been tampered with or has become infected. If an endpoint has active network traffic but no Security Heartbeat, the XG Firewall will isolate and restrict access to and from the affected device, while the endpoint protection automatically remediates the attack.
In addition, Sophos XG Firewall now includes destination heartbeat protection, which blocks endpoints from trying to communicate to an infected device or server, preventing further infection within a network. Sophos makes this technology simple to manage, with traffic light-style indicators that provide instant insights into the health state of network devices. IT organisations can benefit from these advanced threat protection capabilities without requiring additional agents, layers of complex management tools, logging and analysis tools or expense.
“Sophos has made the XG Firewall part of an intelligent security system which is very attractive to companies who don’t have dedicated teams of IT security experts,” says Joshua Mittler, senior research analyst at NSS Labs. “The synchronised security strategy is gaining popularity as the automatic isolation of suspicious or compromised endpoints dramatically increases protection and the organisations’ ability to act effectively following a security incident. Sophos is one of the first to deliver this type of simple, intelligent and coordinated approach to IT security.”
Additional new features in Sophos XG Firewall include:
* Enterprise-Grade Secure Web Gateway (SWG) – a new inheritance-based policy building tool enables multiple user and group based web control policies to be easily built.
* Streamlined User Experience – XG Firewall makes managing network security easier than ever with all-new navigation including a logically organised menu and tabs for click-access to anywhere. Streamlined firewall rule screen makes it easier and more intuitive to build sophisticated rules.
* The Sophos XG Firewall is available on-premise as a hardware appliance, or for all the major virtualisation platforms as well as through the Microsoft Azure marketplace for securing infrastructure-as-a-service deployments in the cloud.
Available models range from a desktop appliance with integrated Wi-Fi to rack-mount appliances purpose-built for the data centre. Pricing is available from authorised Sophos partners worldwide.