Oxford, U.K., 16 Nov 2015
Sophos (LSE: SOPH), a global leader in network and endpoint security, has introduced the first synchronised security protection against today's sophisticated threats, with the Sophos Security Heartbeat capability of the Sophos XG series of next-generation firewalls and UTM.
This new technology directly links next-generation firewalls and UTM with next-generation endpoint security to share threat intelligence that enables faster detection of threats, automatic isolation of infected devices, and more immediate and targeted response and resolution.
With Security Heartbeat, organisations of any size can advance their defences against increasingly co-ordinated and stealthy attacks and drive a dramatic reduction in the time and resources required to investigate and address security incidents.
The Security Heartbeat pulses continuous, real-time information about suspicious behaviour or malicious activity between endpoints and the network firewall or UTM. By giving these traditionally independent products the ability to directly share intelligence, the Security Heartbeat can instantly trigger a response to stop or help control a malware outbreak or data breach. The Sophos XG Firewall uses data provided by Sophos endpoint protection to isolate and restrict access to and from the affected device, and in parallel, the endpoint protection can remediate the attack.
IT organisations can benefit from advanced threat protection capabilities without requiring additional agents, layers of complex management tools, logging and analysis tools, or expense. The Security Heartbeat is fully enabled and included as part of the Sophos XG Firewall and Sophos cloud-managed endpoint protection.
"Today, Sophos has taken the next big step in next-generation security. Organisations of every size know they need endpoint security and network security - they are two foundational pillars of any IT security strategy. But for too long, these two product segments simply didn't communicate with each other - they were independent and isolated silos, which limited their effectiveness and their manageability," commented Kris Hagerman, CEO at Sophos. "Only Sophos links leading network security technology with leading endpoint security technology together in a co-ordinated and integrated approach. This is synchronised security that delivers both better protection and better manageability for organisations of any size."
Christian Christiansen, vice-president of security products at IDC, comments: "No other company is close to delivering this type of synchronised and integrated communication between endpoint and network security products. For the midmarket, the time and resource savings will be very compelling, as their ability to stay ahead of increasingly sophisticated threats with today's products will only become more challenging."
How does the Security Heartbeat work?
* When a new Sophos protected endpoint is added to the network, its Security Heartbeat automatically connects to the local Sophos XG Firewall and the endpoint immediately starts sharing the health status.
* If suspicious traffic is identified by the firewall, or malware is detected on the endpoint, security and threat information is instantly shared securely via the Security Heartbeat.
* The endpoint reports context-rich information such as the computer name, username and process information associated with the threat.
* The firewall can automatically take action to isolate the endpoint from any routed or remote networks and trigger additional action on the endpoint to mitigate risk and prevent data loss.
* After the threat has been removed, the endpoint uses the Security Heartbeat to communicate the updated health status back to the network, which then re-establishes normal service to the endpoint.
Jon Oltsik, senior analyst at ESG, comments: "This is a good step toward synchronised security solutions. Having viewed tests of the Sophos XG Firewall with a Sophos protected endpoint, I have seen how the information passed in the Security Heartbeat can reduce the risk to a business by increasing the speed of detection and response. It is not just management interface integration; the two products share valuable information, making each one more effective and efficient. For companies that do not have the luxury of extensive in-house security teams, this new approach can help bolster productivity while streamlining security operations."
New features of Sophos XG Firewall:
Built on the foundation of Sophos' market-leading UTM and next-generation firewalls, the Sophos XG Firewall includes proven technology from Sophos and Cyberoam, and delivers the following new features:
* Network security control centre. Innovative interface that delivers instant network and threat intelligence so users can take action fast.
* Unified policy model. Simplified policy management with preconfigured templates for business apps to dramatically streamline configuration.
* User and app risk analysis. App Risk Score features help identify high-risk users and applications and highlight potential security hotspots.
* User threat quotient. Manage user-centric policies based on an individual's known behaviour, as well as the health status of the computer or mobile device s/he is using.
* Sophos Firewall Manager. Full-featured centralised management of multiple firewalls that's free for Sophos partners and managed service providers.
* Centralised cloud management. Sophos partners and MSPs can manage multiple Sophos XG Firewall installations from the cloud, using the new Sophos Cloud Firewall Manager.
* Security Heartbeat. This unique capability, an industry first, meaningfully links the firewall and endpoint together, enabling them to share intelligence and enhance protection against advanced threats.
* Series of appliances. A comprehensive range of appliances with options for every customer, including the new entry-level XG 85(w) and high-end XG 750 models.
* Hardware flexibility. The Sophos XG Firewall operating system will also run on existing Sophos SG appliances and Cyberoam NG appliances.
* Deployment flexibility. Customers can choose to deploy as hardware, software or virtual appliances, and every feature is available on every form factor.
Available models range from a desktop appliance with integrated WiFi to rack-mount appliances for the data centre. Pricing is available from authorised Sophos partners worldwide.
Michelle Drolet, CEO at Towerwall, a Sophos partner, adds: "There will never be a perfect security solution that stops all the threats. But, with Sophos, we are getting close to perfect. This approach to synchronised security from Sophos allows everything to talk to one another and is a game-changer for the industry."
Timothy Speakman, system administrator at Contra Costa Health Services, a Sophos customer, commented: "What Sophos is doing to deliver synchronised security with the new XG Firewall is impressive. As a company, we are looking forward to how the network will be integrated fully with the endpoint, saving us the amount of time it typically takes to research threats, act on them, and actively manage security for the entire organisation."
Kerrigan Addicott-Case, system administrator at Office Information Systems, a Sophos customer, concluded: "We are extremely excited about the Sophos product roadmap. The Security Heartbeat feature within the XG Firewall is remarkable. This new technology is one of the most interesting features on the market, and we look forward to where this will take us."
Connect with Sophos
Twitter
LinkedIn
Facebook
Google+
Spiceworks
YouTube
Sophos Blog
Naked Security News
Share