Next-Gen Firewall Appliance | Unified Network Security | Sophos UTM

Sophos UTM

Unified protection for your business

Endpoint Protection

Keep your users safe by stopping malware and rogue websites, as well as controlling devices attached to computers.

Endpoint Protection
There are hundreds of thousands of pieces of new malware detected every day by SophosLabs. Nearly all of these threats are targeted at computers browsing the web and plugging in devices.

Sophos UTM Endpoint Protection helps you easily deploy our antivirus software to your computers and set policies to keep them safe wherever and however they’re connected. We also let you control which devices can be connected to these computers.

Learn more about our Endpoint Anti-Virus and Host Intrusion Prevention System (HIPS)

With our Endpoint Anti-Virus and HIPS you can make sure that files, webpages and devices are scanned as they’re accessed by computers, blocking or cleaning potential threats. Sophos HIPS takes protection beyond signatures with proactive and behavioral detection. And our live URL blocking can also stop bad websites before they load. We do this by checking against a list of known malicious URLs maintained by Sophos and accessed via the cloud.

Our antivirus detects, blocks and cleans:

  • Viruses
  • Trojans
  • Spyware
  • Adware
  • Potentially unwanted applications

Device Control
With device control you can reduce the risk of data loss and malware by managing removable devices connected to your computers.

Learn more about device control

Device control lets you define which computers have access to specific removable devices. This helps with stopping the spread of malware like Conficker, which uses this kind of hardware as a way to infect computers. You can also manage which endpoints are allowed particular devices—i.e., making sure that senior managers use only encrypted USB keys.

Our device control lets you manage:

  • Removable storage
  • Secure removable storage
  • CD and DVD devices
  • Infrared devices
  • Wi-Fi devices
  • Bluetooth interfaces

Protect Endpoints Everywhere with LiveConnect
Our LiveConnect service means that wherever and however your computers connect, you can keep them secure.

Learn more about LiveConnect

Sophos LiveConnect is a cloud service that lets your endpoint computers communicate with your Sophos UTM wherever they are. You can set policies for antivirus and device control, see alerts and even geographic locations, all from your central console. So even if your user is connected in a cafe or hotel, you know that endpoint protection is managed and the computer is safe.

Download the UTM Endpoint Protection datasheet

Watch the Sophos Endpoint Protection Video

^Back to top

Essential Network Firewall

A good firewall can prevent exploits that lead to data loss or theft, infected computers, and other incidents that cost you time and money. The protective features in our Essential Network Firewall are designed for simplicity. We make it easy to control incoming and outgoing traffic. So you can be assured that you are configured for complete protection.

Firewall
The firewall in our UTM appliance is easy to use. With an open, visual layout you can be as broad or as detailed as you need.

Learn more about our firewall

We make firewall configuration simple with an object-based approach. You define an object like a workstation, file server or web server, and re-use it as needed.

The packet filter is configured to deny-by-default. Only traffic that you specifically allow will pass through. This reduces the amount of time administrators spend learning and configuring the firewall. It also ensures that no unwanted traffic will be allowed through the firewall by accident.

The Sophos firewall includes a variety of tools and features for controlling data flows that are allowed to pass from the Internet to the internal LAN and vice versa:

  • Stateful packet filter
  • Application-level deep packet filtering
  • Controls network access for specific protocols and applications
  • Flexible rules management
  • Can include hosts, networks, groups or VPN users
  • Automatic rule generation for application proxies and internal services
  • Time-based activation
  • Policy-based routing
  • Interface-based rules
  • Network Address Translation
  • SNAT/DNAT, 1-to-1 NAT
  • Masquerading

Native Windows Remote Access
Sophos acts as a receiver for the native Windows VPN. So users can create tunnels quickly and easily.

Learn more about Native Windows Remote Access

Native Windows Remote Access is a budget-friendly VPN. It is designed for organizations that need secure remote access that is easy to deploy and easy to use. Using the client tools in Windows, employees can authenticate and build a secure tunnel to any Sophos installation in moments. And you control access by group, individuals or a combination of both.

  • PPTP (Point-To-Point Tunneling Protocol)
  • Supports strong encryption (128-bit)
  • Local or RADIUS based user authentication
  • Authentication protocols: MSCHAPv2
  • IP Address assignment via pool network or DHCP server
  • Supports native Windows and Apple iPhone client
  • L2TP (Layer-2-Tunneling Protocol) over IPSec
  • Authentication via pre-shared key or X.509 certificate
  • Local or RADIUS based user authentication
  • Authentication protocols: PAP, CHAP, MSCHAP, MSCHAPv2
  • IP Address assignment via pool network or DHCP server
  • Supports native Windows and Apple iPhone client

IPv6 Support
Sophos UTM lets you migrate step-by-step to the new world of IPv6.

Learn more about IPv6 Support

By supporting a set of different tunneling and translation techniques you can easily connect IPv6 “islands” over your existing IPv4 infrastructure or even run IPv6 and IPv4 at the same time, across the same networks. We are fully certified as “IPv6 Ready” and have one of the most complete implementations of IPv6 support.

Sophos UTM includes the first IPv6 ready packet filter with CC EAL4+ certification.

  • Tunnel Broker
  • SixXs
  • Freenet
  • Teredo
  • Dual Stack
  • 6to4 Mapping

Amazon Virtual Private Cloud Connector (VPC)
In addition to support for running UTM inside the Amazon Cloud itself, you can use UTM to access a dedicated private piece just for you using their dedicated and scalable hosting infrastructure. Sophos UTM is one of just three select providers to offer a secure connector to the Amazon VPC.

Learn more about Virtual Private Cloud Connector

Virtual Private Cloud Hardware Connector
A purpose-built connection utility to VPC to access all your hosted servers with the strongest level of security Amazon supports.

Knowledge Free
Amazon VPC uses BGP routing across multiple tunnels to provide the utmost in security and reliability. With UTM, you don’t have to study all the technical details, you can link your UTM to VPC in seconds.

Auto-Setup
Link your UTM to Amazon VPC using your Amazon account to have an encrypted connection to redundant Amazon gateways built automatically, or choose to download the configuration from your Amazon account and simply upload the file into UTM.

Download the Essential Network Firewall datasheet

^Back to top

Network Protection

Sophos Network Protection includes many fully integrated features: an intrusion prevention system, denial-of-service protection, a VPN gateway, an HTML5 VPN portal, advanced routing and more. We help protect your network by keeping bad traffic out and enabling secure access to authorized users.

Intrusion Prevention
Our Intrusion Prevention System identifies and stops threats that are hiding in incoming traffic. It analyzes approved traffic to protect your network from outside assaults.

Learn more about Intrusion Prevention

Our Intrusion Prevention System protects your network against new and existing threats. Using deep-packet inspection the IPS identifies and removes packets that contain malicious content before they enter your network. Our signature database is updated every few minutes, ensuring protection against even new threats that do not yet have a patch available but do have a pattern. Our IPS can also prevent an infected machine from threatening others in IT environments that do not run their own servers.

We can help stop intruders and protect against even the most sophisticated threats with fast and reliable pattern scanning technologies:

  • Identifies and blocks application and protocol related probes and attacks through deep-packet inspection
  • Flood protection: DoS, DDoS and portscan blocking
  • Database of over 8,000 patterns and rules including:
  • Probing, port scans, interrogations, host sweeps
  • Attacks on application vulnerabilities
  • Protocol exploitations
  • Intrusion detection and prevention
  • Notify administrator and/or block traffic immediately
  • Powerful management interface
  • One click to enable or disable complete rule sets e.g. for email or web servers

Branch Office VPN
Our Branch Office VPN lets employees at different locations send and receive information through the Internet via a secure connection. And it’s so easy to use, you can link sites without any experience with VPNs.

Learn more about Branch Office VPN

We give you trouble-free, stable connectivity between remote sites and headquarters with flexible administration. Connect everything with public or private IP addresses using multiple Internet connections. Fully share computers in both networks or limit the traffic that can travel over the tunnels. Build VPN tunnels across dozens or hundreds of devices from a central console with Sophos RED, without the need for technical skill at the remote sites. Plus, our VPN supports host names for tunnels with a built-in Dynamic DNS client.

Support for a broad range of standardized tunneling protocols and technologies enable secure connections between multiple offices via the Internet:

  • Supports IPsec and SSL protocols
  • IPSec offers high interoperability with other devices
  • SSL allows for easy setup between two Sophos UTM appliances
  • Star, hub-and-spoke, and fully meshed configurations
  • Nat-Traversal for establishing tunnels between NAT devices
  • Supports all major encryption and many authentication methods
  • DES, 3DES, AES, Serpent, Blowfish, Twofish
  • MD5, SHA-1
  • XAUTH allows for integration of One-Time-Password systems
  • Full Public Key Infrastructure (PKI) support

Remote Access VPN
For workers in the field requiring easy but secure remote access to their company network, Sophos supports a broad set of industry-standard VPN technologies including IPSec, SSL, Cisco VPN, iOS and native Windows VPN clients.

Learn more about Remote Access VPN

Sophos IPsec Client: A powerful and feature rich client for IPsec based remote access from Windows XP, Windows Vista or Windows 7 based PCs (32 and 64 bit support).

Sophos IPsec Client provides the following features:

  • Authentication via pre-shared key (PSK), PKI (X.509), smartcards, tokens, XAUTH
  • Encryption: AES (128/192/256), DES, 3DES (112/168), Blowfish (128/448), RSA (up to 2048 Bit), DH groups 1/2/5/14, MD5, SHA-256/384/512
  • Intelligent split-tunneling for optimum traffic routing
  • NAT-Traversal support
  • Multilingual (English, German, French)
  • Works with any Sophos UTM appliance running a UTM Network Protection subscription

System requirements

  • 128 MB RAM
  • Hard Drive
  • Windows XP, Vista, 7

Sophos SSL Client: Easy-to-use client for transparent SSL access to all company applications (no “Webifier” required). Installs on Windows, Linux, MacOS and UNIX operating systems.

Sophos SSL Client provides the following features:

  • Proven SSL- (TLS) based security
  • Minimal system requirements
  • Supports MD5, SHA, DES, 3DES and AES
  • Works through all firewalls, regardless of proxies and NAT
  • Independent from browser
  • Offers transparent access to all resources and applications within the corporate network
  • Once installed, runs without requiring administrative rights
  • Available for free with any Sophos UTM appliance running a UTM Network Protection subscription

System requirements

  • 128 MB RAM
  • Hard Drive

HTML5 VPN Portal
Give controlled network access to third parties and IT staff who are outside of the office. Our HTML5 VPN Portal allows access from anywhere.

Learn more about HTML5 VPN Portal

Giving remote access to your corporate resources has never been easier. Our HTML5 VPN Portal is the only solution of its kind with no need for ActiveX, Java or a client to install. Because it's pure HTML5 technology it works on all platforms, from Windows and Macs to iOS and Android. And it’s easy to set up. Automatic login stores resource credentials on the device. There’s no need to give it out to third-party users.

The Sophos HTML5 VPN Portal includes the following features and capabilities:

  • Pure HTML5 based KVM (Keyboard Video Mouse) Client in Portal
  • Only uses HTML5 canvas, web sockets and JavaScript
  • No plugin or client to install
  • No files are stored on devices, keeping data secure
  • Access your network resources with:
  • VNC, RDP, Citrix, SSH, Telnet, WebUI and WebApps
  • Auto-Login makes old single-password devices multiuser capable

Advanced Routing
Advanced routing capabilities in Sophos Network Protection provide optimal path selection, load balancing and stability.

Learn more about Advanced Routing

Sophos Network Protection offers different routing functions.

Static routing enables the manual entry of routers in the WebAdmin.

In policy routing, paths are independently defined by the source, target address and data type. This allows VoIP data to find the least low-lag path or unimportant information to find the cheapest connection route possible.

Dynamic OSPF routing enables the automated recognition of current network topologies and the selection of the most optimal route. Changes to the topology are automatically recognized.

Multicast routing allows for the distribution of single packets to many recipients, making (for example) the assignment of media streams more efficient.

Server Load balancing
Incoming data traffic can be dynamically divided over many servers in a cluster. The failure of a server in the list will be immediately recognized through a customizable availability test. Session persistence guarantees that clients are always connected with the same server.

WAN Link balancing
WAN Link Balancing enables the simple and simultaneous use of up to 32 Internet connections. You can easily balance your traffic across any mix of 3G/UMTS/Ethernet Ports. If your connections have different capacities you can also set different weights for each line to distribute the load accordingly.

Custom quality-of-service options
Sophos QoS can guarantee bandwidth availability for certain types of outgoing network traffic. Applications like P2P, Surfing, ERP or VoIP can be simply defined through a data selector and certain bandwidth pools with priorities can be allocated.

Sophos Network Protection offers the following routing functions:

  • Static/policy
  • Based on source/destination interface, network or service
  • Dynamic
  • OSPFv2 inclusive of MD5 and password authentication
  • BGP-4
  • Multicast
  • PIM-SM

Download the Network Protection datasheet

^Back to top

Email Protection

Protecting email against viruses, spam and data loss can be hard work. You must address infections caused by viruses that get past your desktop defenses, manage spam quarantines and ensure employees properly encrypt their email.

Sophos UTM Email Protection makes it easy to keep your inboxes clear of viruses and spam. We give you accurate, high-capacity mail filtering and email encryption. And handy management tools make life easier for you and your users.

Anti-Spam
Unwanted email can slow your network and your people. Our anti-spam software stops all spam before it’s delivered to employee mailboxes.

Learn more about Anti-Spam

We make sure that only useful emails get to your people. A single Sophos UTM appliance can scan millions of messages per day for multiple domains. And an extensive set of anti-spam technologies provides the highest detection and lowest false positive rates available.

Technologies and capabilities in our anti-spam include:

  • Identifies and disposes unsolicited SMTP and POP3 emails
  • Highest detection rate through combination of multiple methods to identify spam
  • Reputation service with spam outbreak detection (format and language agnostic) using patented Recurrent-Pattern Detection™ technology
  • Realtime Blackhole Lists (RBLs)
  • Dialup network blocking
  • Greylisting
  • BATV (Bounce Address Tag Verification)
  • SPF (Sender Policy Framework) record checking
  • Expression filter
  • Recipient validation (using Active Directory)
  • Reverse-DNS & HELO syntax checks
  • Phishing URL detection
  • Flexible management
  • Emails and attachments can be rejected with message to sender, passed with a warning or quarantined
  • Web-based UserPortal and daily quarantine reports about blocked emails allow for user self-servicing actions

Antivirus Scanning
Our dual scanning engines operate in parallel at the network gateway. So detected viruses and malware never reach employees’ computers.

Learn more about Antivirus Scanning

Malware is most commonly carried via the web and also in emails. Our solution stops malicious content before it enters the network. Our dual-scanning system scans files, messages and website objects twice with different engines. Reducing the risk of new and emerging threats from entering the network undetected.

Our antivirus includes the following features and capabilities:

  • Dual independent virus scanners with multiple detection methods
  • Frequent automatic updates
  • Behavioral scanning
  • Live protection
  • Scans HTTP, HTTPS, FTP, SMTP and POP3 traffic
  • Scans encrypted SMTP traffic
  • Flexible management
  • Easily set up file and content rules. Emails and attachments can be dropped, rejected with message to sender, passed with a warning, or quarantined

Email Encryption
You need to make sure that your email traffic is secure. We do that for you with email that’s automatically encrypted and decrypted at the gateway.

Learn more about Email Encryption

Encryption is an effective way to protect messages against data loss and theft. But it has to be easy to use. We go a step further. Users don’t have to do anything to encrypt and decrypt messages. Our email encryption and digital signing for SMTP emails is completely transparent. Plus, no additional software or client is needed.

We offer complete email encryption functionality inside Sophos UTM, so even small-to-medium businesses can be sure they’re sending secure email:

  • Encryption/decryption and digital Signatures for SMTP emails
  • Supports OpenPGP,S/MIME and TLS
  • Completely transparent to the enduser
  • No additional software on client PC required
  • Easy setup
  • Only three configuration steps to start
  • Central management of all keys and certificates
  • No key or certificate distribution required
  • Allows content/virus scanning even for encrypted SMTP emails
  • Allows usage of internal or external Certificate Authorities (CA)
  • Fully supports X.509 standard for digital certificates

Personal Quarantine & Email Manager
We give employees control over their spam quarantine and message activity. You save time and effort.

Learn more about Personal Quarantine and Email Manager

Our UserPortal allows employees to do email management tasks that otherwise fall to an administrator. Employees can make their own spam whitelist. They can review, release and delete messages. Our UserPortal also includes a personalized mail log. A searchable forensic display allows users to find out what happened to messages that were deleted because of a virus or blacklist entry.

Our web-based UserPortal gives the employee many options for tracking and monitoring quarantined email:

  • SMTP/POP3 Mail Quarantine
  • Search, view, release, download, delete and whitelist spam mails in your personalized quarantine
  • Individual Mail Log
  • Gain a quick overview over your complete email traffic
  • Personal Whitelist
  • Manage your personal email whitelist of sender addresses which should not be subject to spam scans
  • POP3 Account Management
  • Redirect POP3 email accounts through your UTM to take advantage of spam and virus scanning
  • Comprehensive Language Support
  • Available in 15 local languages
  • Customizable HTML Welcome page

Download the Email Protection datasheet

^Back to top

Web Protection

The web can threaten productivity and introduce malware to your network. Sophos Web Protection prevents malware infections and gives you control over employees’ web use. Spyware and viruses are stopped before they can enter the network.

You create easy policies that set where and how employees spend time online. Everything is tracked and arranged in detailed reports so you can see what people are doing and make changes as needed.

Application Control
We help you control the applications that could cause security or legal problems, like P2P or instant messaging. And you get a handle on the unwanted applications that clog your network.

Learn more about Application Control

Knowing how employees are using the Internet is impossible without an accurate picture. With patterns for hundreds of applications, we let you see exactly what apps are being used and by whom.

You’ll know who’s streaming music and slowing down the network. You see if employees are playing games or chatting on Facebook. Limit their use of unwanted apps while giving priority to the ones they need to do their jobs. Tune your network, and make your Internet usage safe and productive.

Application Control feature gives you:

  • Patterns for over 600 relevant applications
  • Deep Layer-7 inspection for true application identification (Next-Generation Firewall)
  • Unclassified application feedback
  • Updates on new applications
  • Complete control to block, allow, shape and prioritize applications
  • Detailed real-time reporting and forensic history
  • Graphical flow-monitor that shows everything as it happens

URL Filtering
Control which websites your employees can access. Protect the network and boost productivity. Block and allow an entire category of websites or a single URL.

Learn more about URL Filtering

Our URL Filtering gives you complete control over what websites can be accessed, by whom and when. Combined with a directory authentication resource like Active Directory, policies can be built for existing users and groups. Detailed reports show how the effectiveness of the policy so adjustments can be made if needed. And buckets can be used to combine categories into a single profile to save time building additional security policies.

Sophos URL Filtering features:

  • Comprehensive Up-to-Date Database with 35+ Million Websites Covering over 3.9 Billion Web Pages in 96 Categories:
  • Nudity, gambling, criminal activities, shopping, drugs, job search, sports, entertainment, etc.
  • Additional categories can be created for individual customization
  • International content from hundreds of countries in 65 languages
  • Re-categorization via online form
  • Fast Response Times through Globally Distributed Database Replications
  • Filter Might also Consider Global Reputation
  • Whitelists and Blacklists to Tailor Access for Groups of Users
  • Many User Authentication Options
  • IP Address, Active Directory SSO, eDirectory SSO, LDAP, RADIUS/TACACS+
  • Time-based access policies

Antivirus/Anti-spyware
A variety of web threats put your network at risk. Our antivirus scanning and spyware filtering stop malicious content before it enters the network.

Learn more about Antivirus/Anti-spyware

Our antispyware uses a live, global database to identify and block spam. Even spyware brought into the network on a USB drive is detected before it infects the network. And employees are notified when spyware is blocked.

Our anti-spyware:

  • Blocks (unintentional) downloads of spyware, adware, and other malicious software
  • Prevents infected systems from sending information back to servers hosting malware
  • Checks against a database of known spyware URLs
  • Filters and removes active content such as Java, Active X, Flash, cookies, VBScript or JavaScript

Our antivirus uses two scanning engines that operate in parallel to provide twice the protection. This helps stop even new and emerging threats from infecting the network.

Our antivirus:

  • Dual independent virus scanners with multiple detection methods
  • Frequent automatic updates
  • Behavioral scanning
  • Live protection
  • Scans HTTP, HTTPS, FTP, SMTP and POP3 traffic
  • Flexible management
  • Easily setup file and content rules
  • Emails and attachments can be dropped, rejected with message to sender, passed with a warning, or quarantined

HTTPS Scanning
Malware and other threats can hide in the encrypted traffic from trusted web sites. Our HTTPS Scanner lets you see this traffic and block malicious content.

Learn more about HTTPS Scanning

Our HTTPS scanner looks deep inside traffic to identify viruses, spyware and other malicious content that is accessed over HTTPS. We use an advanced man-in-the-middle approach to provide a full range of control. We act as a trusted authority that can be deployed by download, email attachment or directory policy push. So we can completely scan HTTPS, and your network is protected even if a trusted website becomes compromised. And programs that tunnel over HTTPS, like anonymous surfing, are prevented from connecting.

Our HTTPS scanning provides:

  • Transparent de-encryption and re-encryption of HTTPS traffic via a trusted man-in-the-middle technique
  • Complete filtering of encrypted HTTPS sessions and their contents via dual antivirus scanners
  • Stops tunneling programs from abusing open HTTPS ports
  • URL filtering for HTTPS sites
  • Automatic validation of server certificates prevents users from (un)intentionally bypassing certificate warning messages
  • Full CA management
  • One-click deployment of gateway certificate
  • Granular tuning and exceptions

Interactive Web and User Reporting
We give you the information you need, clearly and simply. Understand how your employees are using the web and how to improve your network protection.

Learn more about Interactive Web and User Reporting

Good reporting capabilities are powerful. With knowledge of employee behavior and network monitoring, you can get more out of your network protection. We provide clear, detailed and searchable reports. You get the information you need to adjust configurations and define how the Internet can be used.

Our User Reporting keeps you current on what’s going on in the network with:

  • Inline reports
  • Offer up-to-date statistical information for each security application, like Top Domains/Users by traffic or time spend, top email senders/receivers or top blocked attacks
  • Reporting graphs
  • Get easy to read flow graphs with daily, weekly, monthly and yearly statistics on web usage by IP address or user name
  • Executive reports
  • Includes a summary as well as many details about TOP-10 statistics for over 60 areas
  • Can be generated at will and also emailed out to a list of users (e.g. admin and/or CEO) on configurable schedules
  • Report anonymization
  • Hides user names and addresses within reports
  • Uses 4-eyes-principle to unhide selected names

Our Interactive Web Reporting system reacts to your data requests. The data shifts to match your needs. This gives you as much – or as little – detail as you need.

Interactive Web Reporting allows you to:

  • Move up, drill down, and even shift sideways through the data without starting over or “hitting bottom”
  • Add and edit filters at any time
  • Know exactly what users search for at the major search engines
  • Use departmental reports to easily view usage by company sections
  • Save all results for future reference
  • Mail any report immediately on-demand
  • Use report subscriptions to send one/multiple reports to one/multiple recipients at desired intervals

Download the Web Protection datasheet

^Back to top

Web Server Protection

Attackers can easily take advantage of your web server’s weaknesses to steal data, obtain unauthorized access and infect systems. They simply have to do something the web server doesn’t expect. Manually protecting the web server against these threats requires specialized expertise.

Sophos Web Server Protection eliminates this need. We use a reverse proxy to protect your web server and web applications against the unknown. A clear administrative interface simplifies policy setting.

Web Application Firewall
Hackers can use a number of attack methods to silently test your site and applications for security holes. Our Web Application Firewall keeps hackers at bay by scanning their activity and identifying probes and attacks.

Learn more about Web Application Firewall

The Sophos Web Application Firewall adds a scanning engine and attack pattern recognition to the Web Server Protection suite of tools. Easily create a security profile and in minutes your servers are protected from attacks like SQL injection and cross-site scripting (XSS). Patterns are downloaded and applied in real time to keep you protected automatically.

The Sophos Web Application Firewall identifies and prevents attacks against your web servers and applications:

  • Over 350 patterns are dedicated to this single area of protection
  • Live-updated in real time using Sophos Up2Date technology
  • Can be configured by any administrator, no special training is required
  • Support for multiple profiles, which can be applied to different servers separately
  • No complex regular expressions to master
  • Reduces the risk of data theft and site tampering

Antivirus Scanning
Our dual scanning engines operate in parallel at the network gateway, scanning all traffic to and from your web servers. Visitors are unable to upload infected content, and your servers are protected from exploits. Making sure they don’t hand out malicious files and infected content to your customers.

Learn more about Antivirus Scanning

Malware is most commonly carried via the web and also in emails. Our solution stops malicious content before it enters the network. Our dual-scanning system scans files, messages and website objects twice with different engines. Reducing the risk of new and emerging threats from entering the network undetected.

Our antivirus includes the following features and capabilities:

  • Dual, independent virus scanners with multiple detection methods
  • Virus signatures
  • Heuristic analysis
  • Scans HTTP and HTTPS, traffic to and from your servers
  • Compares content to a huge signature database
  • More than 800,000 virus signatures
  • Frequent automatic updates
  • Features flexible management
  • Can specify to scan uploads, downloads or both

Form Hardening
We inspect and validate the information submitted by visitors via forms on your websites. This stops users from submitting invalid data that can damage or exploit your server.

Learn more about Form Hardening

Form hardening is designed to prevent website visitors from submitting unexpected information via web forms. We check the data for each field to make sure it is valid. For example, if a user is offered a ratings dropdown with a possible value of “1-5,” any other number is invalid. Sophos Form Hardening rejects the form so your web server and applications remain protected.

Sophos Form Hardening technology gives you control of the data submitted via forms on your site with:

  • Form data analysis
  • Legitimate response awareness
  • Encrypted response packaging
  • Rejection of tampered forms
  • Rejection of forms that remove the form hardening package

URL Hardening
When your web server tries to interpret a crafted URL, it can create a hole that can be used to obtain access to your server. Our URL Hardening technology enforces the requests that a visitor is allowed to make, restricting them to valid ones only.

Learn more about URL Hardening

URL Hardening enforces the requests a client is allowed to make of a web server. It makes certain that the user’s next click is one the web server is actually expecting. This protects your web server if you have left a directory open, misconfigured a script/application or otherwise left your site open to exploitation. Simply define the “ingress” points for your website (i.e., www.sophos.com).

Sophos auto-whitelists’ the users next available “moves” by examining the valid links and navigable points the web server issues. Thus, URL Hardening regulates users’ activity to known paths and areas of expected access.

Sophos URL Hardening lets you keep visitors on proper paths as they move around your site(s):

  • Define and manage allowed entry URLs
  • Prevent unwanted "deep-linking" to your site and control entry points
  • Inspect the objects returned from a server in response to a user request and enforce that the next thing they request is on that list
  • Prevent users from passing commands to your servers that can exploit or overwhelm them
  • Keep visitors from accessing areas of the site not meant for them, like an /admin directory that is not appropriately secured
  • On-the-fly inspection and building of object and URL whitelist customizes the feature per-user

Cookie Protection
Hackers can exploit cookies and put your website visitors at risk. Our Cookie Protection ensures that the cookies given to visitors by your web servers have not been tampered with. Each cookie is digitally signed so the integrity of the information can be verified.

Learn more about Cookie Protection

Attackers can exploit the contents of cookies for their own gain. You can prevent cookie tampering by becoming an expert on cookies and how they can be used against users. Or you can prevent cookie tampering with Sophos Cookie Protection. Each cookie is digitally signed. Any attempt to tamper the cookie invalidates the signature. The server can verify that the cookie is valid before it is processed.

Sophos Cookie Protection prevents hackers from changing the contents of a cookie distributed by your web server(s) to your users:

  • Digitally signs each cookie
  • Tampering with the cookie invalidates the signature
  • Cookies declared invalid by Sophos Web Protection are not be handed to the web server
  • Protects against cookie poisoning techniques and other creative attacks that exploit these common data points

Download the Web Server Protection datasheet

^Back to top

Wireless Protection

Your wireless networks need the same policies and protection as the wired network. This can be difficult without a way to centrally manage the network and extend your security. We give you these capabilities with Wireless Protection. Now the wireless network is easily managed and protected, ensuring consistency across your organization.

Central Management
Sophos UTM acts as a wireless controller, centrally managing Sophos Wireless Access Points. All configuration, logging and troubleshooting is done within the UTM appliance.

Learn more about Central Management

Sophos Wireless Access Points are similar to thin clients in relation to the Sophos UTM. Intelligence in the access points is minimized and centralized in the Sophos UTM instead. Our built-in reporting displays information about connected wireless clients without the need for a separate tool. Controlling your wireless networks has never been easier.

Sophos Wireless Protection provides the following central management features:

  • Thin access point technology
  • Built-in wireless controller in Sophos UTM

Wi-Fi Hotspot
Easily set up wireless Internet access for guests or temporary users without the risk of compromising the integrity of your network.

Learn more about Wi-Fi Hotspot

Guests and contractors expect to get Internet access when they visit an organization. There isn’t an easy way to set up the infrastructure for this with time-based access and passwords for connecting. With Sophos UTM, you can easily configure various types of hotspots, depending on your policies for wireless access. With a voucher-based hotspot, for example, you have the flexibility to freely define Internet vouchers based on the validity period, a time quota or the data volume.

Download the Wireless Protection datasheet

Watch the Sophos UTM Wireless Protection Video

^Back to top

Sophos VPN Clients

High speed Internet connections mean businesses are becoming more spread out. With more and more people working outside the main office, you need an easy and secure means of connecting them to the corporate network. Sophos VPN Clients let you do that with options on how to allow users to connect.

Sophos IPsec Client
A powerful and feature rich client for IPsec based remote access from Windows XP, Windows Vista or Windows 7 based PCs (32 and 64 bit support).

Learn more about Sophos VPN Clients

Sophos IPsec Client provides the following features:

  • Authentication via pre-shared key (PSK), PKI (X.509), smartcards, tokens, XAUTH
  • Encryption: AES (128/192/256), DES, 3DES (112/168), Blowfish (128/448), RSA (up to 2048 Bit), DH groups 1/2/5/14, MD5, SHA-256/384/512
  • Intelligent split-tunneling for optimum traffic routing
  • NAT-Traversal support
  • Multilingual (English, German, French)
  • Works with any Sophos UTM appliance running a UTM Network Protection subscription

System requirements:

  • 128 MB RAM
  • Hard Drive
  • Windows XP, Vista, 7

Sophos SSL Client
Easy-to-use client for transparent SSL access to all company applications (no “Webifier” required). Installs on Windows, Linux, MacOS and UNIX operating systems.

Learn more about Sophos SSL Client

Sophos SSL Client provides the following features:

  • Proven SSL- (TLS) based security
  • Minimal system requirements
  • Supports MD5, SHA, DES, 3DES and AES
  • Works through all firewalls, regardless of proxies and NAT
  • Independent from browser
  • Offers transparent access to all resources and applications within the corporate network
  • Once installed, runs without requiring administrative rights
  • Available for free with any Sophos UTM appliance running a UTM Network Protection subscription

System requirements:

  • 128 MB RAM
  • Hard Drive
  • Windows 2000/XP, Windows Vista, Windows 7, Linux, Mac OS X, BSD or Solaris

"One-Click" VPN
Users can download and install their individual VPN packages including software, configuration files, keys and certificates from the Sophos UTM "UserPortal" by a single mouse click. The complete client PC installation with all components is done within minutes – no configuration required by the end user.

Download the VPN Clients datasheet

^Back to top

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information