- Blocks evasive zero-day ransomware and targeted threats with Sophos Sandstorm
- Automatically isolates endpoints upon detection of a missing Security Heartbeat™
- Provides proactive protection by dynamically identifying unknown application traffic
- Adds enterprise-grade Secure Web Gateway policy enforcement and tools
- Available as a hardware appliance, software or virtual appliance, or for Microsoft Azure, extending support for IaaS environments
OXFORD, U.K., Dec. 20, 2016 - Sophos (LSE: SOPH), a global leader in network and endpoint security, today launched its latest version of the next-generation Sophos XG Firewall. This new version strengthens the delivery of enterprise-grade security to organizations of all sizes with the addition of Sophos Sandstorm, the extension of the Security Heartbeat™ to automatically isolate an endpoint with a missing heartbeat, the dynamic identification of application traffic and the inclusion of an advanced secure web gateway that dramatically improves protection while simplifying policy and enforcement.
Sophos Sandstorm is the next-generation cloud-sandbox technology that gives customers advanced defense against zero-day threats without additional hardware. It provides payload analysis to block evasive threats like ransomware disguised as executables, PDFs and Microsoft Office documents, sending them to its cloud sandbox to be detonated and observed in a safe environment. This out-of-band cloud sandbox maximizes network performance and throughput, providing a transparent user experience while giving IT admins a detailed threat report for every incident and high levels of visibility into network events.
"Today's sophisticated attacks can't be stopped by merely increasing the number of standalone security products - defenses need to communicate and coordinate in order to be effective," commented Chris Kraft, vice president of product management for the Network Security Group at Sophos. "Sophos Sandstorm leverages real-time threat intelligence and dynamic sample detonation service in the cloud to prevent advanced zero-day threats from impacting networks and endpoints. Integrating sandboxing into our synchronized security platform accelerates the speed at which an IT organization can identify and prevent a threat from spreading without requiring additional hardware or expertise. Our innovation in synchronized security is leading the industry in changing the way organizations protect themselves against today's advanced threats, and the XG Firewall is how we deliver it."
The Security Heartbeat pulses real-time information about suspicious behavior or malicious activity between endpoints and the network firewall or UTM. By giving these traditionally independent products the ability to directly share intelligence, the Security Heartbeat can instantly trigger a response to stop or help control a malware outbreak or data breach. A new capability in the Sophos XG Firewall is the detection of a missing 'heartbeat', which usually indicates an endpoint has been tampered with or has become infected. If an endpoint has active network traffic but no Security Heartbeat, the XG Firewall will isolate and restrict access to and from the affected device, while the endpoint protection automatically remediates the attack. In addition, Sophos XG Firewall now includes destination heartbeat protection, which blocks endpoints from trying to communicate with an infected device or server, preventing further infection within a network. Sophos makes this sophisticated technology simple to manage, with traffic light-style indicators that provide instant insights into the health state of network devices. IT organizations can benefit from all of these advanced threat protection capabilities without requiring additional agents, layers of complex management tools, logging and analysis tools or expense.
"Sophos has made the XG Firewall part of an intelligent security system which is very attractive to companies who don't have dedicated teams of IT security experts," said Joshua Mittler, senior research analyst at NSS Labs. "The synchronized security strategy is gaining popularity as the automatic isolation of suspicious or compromised endpoints dramatically increases protection and the organizations' ability to act effectively following a security incident. Sophos is one of the first to deliver this type of simple, intelligent and coordinated approach to IT security."
Significant new features in Sophos XG Firewall include:
- Sophos Sandstorm - Blocks evasive zero-day threats like ransomware, disguised as executables, PDFs and Microsoft Office documents - sending them to its cloud-sandbox to be detonated and observed in a safe environment
- Synchronized Security - Extends Security Heartbeat by adding missing heartbeat detection and destination Heartbeat protection. Control access to endpoints and servers based on the status of their heartbeat, restricting potentially compromised systems until they are completely safe. In addition, the XG Firewall can determine the application responsible for generating unknown traffic on your network
- Enterprise-Grade Secure Web Gateway (SWG) - New inheritance-based policy building tool enables multiple user- and group-based web control policies to be built easily. Plug a full web policy into a single firewall rule for enforcement – dramatically reducing rule count
- Microsoft Azure Support - Available as a preconfigured virtual machine within the Azure Marketplace, IT managers can deploy seamlessly using Azure Resource Manager templates or customize deployment according to their needs. Sophos XG Firewall provides detailed, out-of-the-box reports that are generated and stored locally, giving them a view of exactly what their users are doing
- Streamlined User Experience - XG Firewall makes managing network security easier than ever, with all-new navigation built on a logically organized menu and tabs for click access to anywhere. A streamlined firewall rule screen makes it easier and more intuitive to build sophisticated rules
The Sophos XG Firewall is available on-premises as a hardware appliance or for all the major virtualization platforms, as well as through the Microsoft Azure marketplace for securing infrastructure-as-a-service deployments in the cloud.
Available models range from a desktop appliance with integrated Wi-Fi to rack-mount appliances purpose-built for the data center. Pricing is available from authorized Sophos partners worldwide.