Vinkovci, Croatia, 4. March 2016
Sophos UTM
Nebojša Stankić
Channel Account Executive South Eastern Europe
Sophos Ltd.
Remember the ’90s?
Think back to the time before the mobile revolution
You didn’t have to worry about all of these:
The history of firewalls
First generation to next generation
1st generation: Packet filters
2nd generation: “Stateful” filters
3rd generation: Application level
What’s changed: Technology
IPv6
BYOD
Private cloud
Wireless
VPN
What’s changed: Threats
SQL injection
Phishing
Spam
Malware
Security implications: Data loss
What’s changed: The way we work
Road warriors
Remote offices
Consumer devices
Security implications: Protecting data everywhere
What’s changed: Tools
Point Products vs. Unified Threat Management (UTM)
Back in the ’90s: Best of breed individual solutions or Compromise on protection for convenience
vs.
Sophos today: Best of breed individual solutions or Best of breed unified solution
UTM: Firewall
Application Awareness
User Awareness
Visibility
UTM: Wireless protection
Guests
BYOD
Remote Offices
UTM: Endpoint protection
Global Visibility
Latest Protection
Removable media control
UTM: Network protection
Intrusion Prevention
VPN
Remote Offices
UTM: Web protection
Web security
Content filtering
Application control
UTM: Email protection
Anti-virus
Encryption
POP3/IMAP filtering
Anti-spam/anti-phishing
UTM: Web server protection
SQLi/XSS protection
Anti-virus
Form hardening
Cookie protection
Sophos UTM
Essential Network Firewall
• Stateful firewall
• Network address translation
• PPTP/L2TP remote access
UTM Network Protection (optional)
• Intrusion prevention
• IPSec/SSL VPN
• Branch office security
UTM Web Protection (optional)
• URL Filter
• Antivirus & antispyware
• Application control
UTM Email Protection (optional)
• Anti-spam & -phishing
• Dual virus protection
• Email encryption
UTM Wireless Protection (optional)
• Wireless controller for Sophos access points
• Multi-zone (SSID) support
UTM Webserver Protection (optional)
• Reverse proxy
• Web application firewall
• Antivirus
UTM Endpoint Protection (optional)
• Antivirus
• HIPS
• Device Control
Protection for today’s needs
Complete security
Email, Data, Endpoint, Mobile, Web, Network
WiFi security
Access control
Data Control
Content control
Firewall
Email encryption
Virtualization
Endpoint Web Protection
Mobile Control
Secure branch offices
HTTPS Scanning
Encryption for cloud
Mobile app security
Web Application Firewall
Malicious URL Filtering
Anti-spam
Patch Manager
Application Control
Device Control
Encryption
Everything you need to stay protected
Anti-malware
Disk Encryption
Intrusion prevention
Productivity Filtering
Anonymising Proxy blocking
Email archiving
Unified Threat Management
File encryption
Key management
Overview
• Other devices and software…
RED (Remote Ethernet Device)
Access Points
Sophos UTM Manager
VPN Clients
Management made easy
Individual User Portal
Comprehensive Reporting
Intuitive Dashboard
Hint: Microsoft Forefront Threat Management Gateway replacement
Reporting needs
• Reporting is key to demonstrating value:
• How did those endpoints become infected?
• Which departments are using up all our internet bandwidth?
• Someone reported a colleague for accessing websites that are against company policy. Is it true?
• Can I demonstrate to my boss that our security strategy is effective?
What is Sophos iView?
• Logging and reporting appliance add-on for UTM
• Offers a single view of an entire network's activity
• Provides logs and reports related to:
• Intrusions
• Attacks
• Viruses
• Traffic
• Spam
• Blocked web attempts
• Provides visibility into networks for multiple devices
• Out-of-the-box deployment without the need for technical expertise
Sophos iView features
1. Added visibility
2. Consolidated Reporting
3. Security Intelligence
4. Log Management
Added visibility
Added visibility: compliance achievement example
Sophos XG Firewall
Leading Threat Protection
RED for Distributed Networks
Accelerated Packet Filtering
User Threat Quotient
Secure Wi-Fi & Access Points
Web Protection Technologies
Layer 8 User Identity Policies
Leading Application Control
+ New innovations
• Security Heartbeat™
• Interactive Control Center
• Simplified Policy Authoring
• Expanded reporting
SOPHOS LABS
Heartbeat
Accelerated Threat Discovery
Active Source Identification
Automated Incident Response
Sophos Cloud
Next Gen Network Security
Next Gen Enduser Security
Sophos Security Heartbeat™
Comprehensive Next-Gen Network
SOPHOS FIREWALL OPERATING SYSTEM
Web Filtering
Intrusion Prevention System
Routing
Email Security
Security Heartbeat
Selective Sandbox
Application Control
Data Loss Prevention
ATP Detection
Proxy
Threat Engine
Firewall
New Sophos Firewall OS
Runs on today’s SG Series
Pre-installed on new XG Series
Highly requested features IN XG Firewall (NOT in UTM 9)
- User and Zone based policies
- IPS and QoS settings per rule
- Firmware roll-back
- Improved reporting
- TAP mode deployments
- Improved user authentication
- Packet capture in UI
- IMAP Proxy
Great Cyberoam Technology Added
- User-Identity based Firewall
- FastPath packet optimization
- Authentication
- IPS
- App Control
- iView Reporting
- Centralized Management & Reporting
Great Sophos UTM 9 Technology
- Wireless
- RED
- WAF
- ATP
- SPX
- Object Model
- Web Proxy Engine
- Sophos AV Engine
- Clientless Access
Great Sophos Cloud Technology
- Endpoint management (with Security Heartbeat)
UTM features coming in future releases
- 3+ node clustering
- Some web security features (override, category quotas)
- SMC Integration
UTM features coming in XG Firewall v16
- Clustering with dynamic addresses
- Clustering/HA for “w” models
- Site-to-Site RED Tunnels
- Warn web filtering action
- Email MTA store & forward
- Email SMTP Profiles
- Email SPX Secure Reply & Cover Page
- OTP/2FA Support
- Clone Rules
Innovations (NOT in UTM 9)
- Security Heartbeat
- Unified policy model
- WAF Policy Templates
- UTQ and App Risk Reports
XG Firewall v16 vs UTM 9 Feature Overlap
XG Advantage
Compared products: Sophos XG Firewall, Fortinet 20-90, Dell SonicWall TZ Series, WatchGuard XTM
Network Firewall Protection ✔ ✔ ✔ ✔
Advanced Threat Protection ✔ ✔ ✔ ✔
Security Heartbeat™ ✔
Unified Policies ✔
User Risk Visibility (UTQ) ✔
FastPath Packet Optimization ✔ ✔
Site to Site Remote user VPN ✔ ✔ ✔ ✔
Secure Web Gateway ✔ ✔ ✔ ✔
Complete Email: AV, AS, Encrypt, DLP ✔ $ $ $
Dual antivirus engines ✔
Secure Wi-Fi ✔ ✔ ✔ ✔
Reverse Proxy ✔
Web Application Firewall (WAF) ✔ $ $
User Portal ✔ ✔
Full Reporting ✔ $ $ $
Best TMG Feature Parity ✔
Discover Mode Deployment (TAP) ✔ ✔ ✔ ✔
• Competitive differentiators
• Security Heartbeat
• Unified policy
• User Threat Quotient
• Comparative differentiators
• FastPath
• User-based Firewall Policies
• Discover Mode (TAP)
Thank You - Questions?
© Sophos Ltd. All rights reserved.