FAQ

Frequently asked questions about Sophos Unified Threat Management on Amazon Web Services.

What is Sophos Unified Threat Management (UTM) on Amazon Web Services (AWS)?

Sophos UTM is a virtualized security solution that runs on an Amazon Elastic Compute Cloud (EC2) instance, and deploys into an Amazon Virtual Private Cloud (VPC). It provides an additional layer of security to help protect the applications, data and workloads in your AWS environment. Sophos UTM is an all-in-one solution that combines stateful packet inspection and control, Intrusion Prevention System (IPS), layer-7 application control, Virtual Private Network (VPN) connectivity, and a Web Application Firewall (WAF).

What can I do with Sophos UTM on AWS?

Sophos UTM on AWS goes beyond traditional Security Groups by offering advanced firewall features. These features let you specify rules based on source and destination IP addresses and TCP and UDP ports, and they provide deep packet inspection of all network traffic to detect and help prevent malicious activity. In addition to Intrusion Prevention (IPS), Sophos UTM on AWS also provides a web application firewall (WAF) to help protect against SQL injection (SQLi) and cross-site scripting (XSS) attacks. VPN technology allows you to create secure site-to-site network connections, whether between the cloud and on-premises or between regions in the cloud. Finally, Sophos UTM on AWS provides a centralized, easy-to-use management console to help you manage the security of your AWS environment.

How is Sophos UTM on AWS different than the Sophos UTM that can be run on-premises?

Sophos UTM on AWS offers the same features and benefits as Sophos UTM running on-premises, but has been optimized to run in the AWS cloud. For example, you can use Amazon CloudWatch to send alarms to trigger scaling activities and Elastic Load Balancing to help distribute traffic to your UTM on AWS workers within Auto Scaling groups. This allows you to scale your protection up or down to match the capacity and protection requirements of your applications and workloads. You can use CloudFormation templates to specify your UTM configuration, and all of your configuration information is stored in an Amazon S3 bucket.

Do I need security solutions beyond what AWS provides?

AWS espouses a shared responsibility model, so it is important to understand the difference between security measures AWS implements and manages, versus security measures that you must implement and manage. In a nutshell, while AWS actively manages the security of their cloud, you retain responsibility for managing and maintaining the security of your applications and data in the AWS cloud. You can learn more by visiting the AWS Shared Responsibility page.

How is Sophos UTM on AWS different than Security Groups I create in my AWS account?

Security Groups within AWS act as a virtual firewall controlling inbound and outbound traffic to AWS resources residing in an Amazon Virtual Private Cloud (VPC). There are limits on the number of Security Groups you can create per VPC, as well as the number of rules you can place in each Security Group. Security Groups are stateful, meaning they keep track of a connection table at the Transport layer, but they do not provide deep packet inspection to help safeguard against malicious network traffic. Sophos UTM on AWS goes beyond traditional Security Groups by offering advanced firewall features. These features let you specify rules based on source and destination IP addresses and TCP and UDP ports, and they provide deep packet inspection of all network traffic to detect and help prevent malicious activity. In addition to Intrusion Prevention (IPS), Sophos UTM on AWS also provides a web application firewall (WAF) to help protect against SQL injection (SQLi) and cross-site scripting (XSS) attacks. VPN technology allows you to create secure site-to-site network connections, whether between the cloud and on-premises or between regions in the cloud. Finally, Sophos UTM on AWS provides a centralized, easy-to-use management console to help you manage the security of your AWS environment.

Does Sophos UTM on AWS leverage other AWS services?

Yes. Sophos UTM on AWS leverages a number of AWS services including RESTful APIs, CloudWatch, CloudFormation, Auto Scaling, EC2, and S3. For example, you can use Amazon CloudWatch to send alarms to trigger scaling activities and Elastic Load Balancing to help distribute traffic to your UTM on AWS workers within Auto Scaling groups. This allows you to scale your protection up or down to match the capacity and protection requirements of your applications and workloads. You can use CloudFormation templates to specify your UTM configuration, and all of your configuration information is stored in an Amazon S3 bucket.

How do I get started with Sophos UTM on AWS?

Getting started with Sophos UTM on AWS is simple. Visit the AWS Marketplace. Select the Sophos UTM on AWS offering that fits your needs (i.e. Stand-alone or Auto Scaling), and your budget (e.g. PAYG or BYOL). The instructions on the offering page will walk you through configuration options before launching Sophos UTM on AWS into your Amazon VPC. You can visit the Sophos Community Knowledge Base for more information on how to configure and use Sophos UTM on AWS.

How is Sophos UTM on AWS licensed?

Sophos UTM on AWS offers you 2 licensing options—pay-as-you-go (PAYG) or bring-your-own-license (BYOL). PAYG licensing allows you to get started with the least amount of friction, so you can evaluate the solution and pay only for what you use. BYOL allows you to bring a license that you have purchased from a Sophos Partner, often at a discount from PAYG.

Is Sophos UTM on AWS available for trial?

Yes. Sophos UTM on AWS is available for a 30-day free trial. At the end of your free trial, your Sophos UTM on AWS will convert to the normal PAYG rate.

How much does Sophos UTM on AWS cost?

The cost of Sophos UTM on AWS depends on whether you choose PAYG or BYOL. Pricing consists of 2 variables: the hourly Sophos software cost and the hourly Amazon Elastic Compute Cloud (EC2) instance cost. For PAYG, you pay the hourly sum of the Sophos software and EC2 instance costs. For example, when running Sophos UTM on AWS in the US East (N. Virginia) region with a C4.large EC2 instance, the software cost is $0.44/hr and the EC2 instance cost is $0.10, for a total hourly cost of $0.54. If you choose BYOL, you pay only the hourly EC2 instance cost, because you are bringing a license for which you’ve already paid. You can visit the Sophos UTM on AWS listings for the latest pricing information on both PAYG and BYOL.

In which regions is Sophos UTM on AWS available?

Sophos UTM on AWS is currently available in 14 AWS regions: US East (N. Virginia, Ohio), US West (N. California, Oregon), EU (Frankfurt, Ireland, London), Asia Pacific (Mumbai, Singapore, Sydney, Tokyo, Seoul), South America (Sao Paulo), and Canada (Central). We continually add support for new regions based on customer demand. You can visit the Sophos UTM on AWS listing on the AWS Marketplace for the latest information on regional availability.

How can I get support for issues I encounter with Sophos UTM on AWS?

When you launch Sophos UTM on AWS, whether PAYG or BYOL, you have the option to share your contact details within the AWS Marketplace Product Support Connection. When you opt in, you get Sophos support by phone and email. You may receive additional support if you purchased a BYOL license and a support contract through a Sophos Partner. Finally, you can also visit the community-driven support site.