Vinkovci, Croatia 4. March 2016 Sophos UTM Nebojša Stankić Channel Account Executive South Eastern Europe Sophos Ltd.

Sophos Utm Presentation 2016


Page 1: Sophos Utm Presentation 2016

Vinkovci, Croatia

4. March 2016

Sophos UTM

Nebojša Stankić

Channel Account Executive South Eastern Europe

Sophos Ltd.

Page 2: Sophos Utm Presentation 2016

Sophos UTM

Page 3: Sophos Utm Presentation 2016

Remember the ’90s?

Think back to the time before the mobile revolution

You didn’t have to worry about all of these:

Page 4: Sophos Utm Presentation 2016

The history of firewalls

First generation to next generation

• 1st generation: Packet filters
• 2nd generation: “Stateful” filters
• 3rd generation: Application level

Page 5: Sophos Utm Presentation 2016

What’s changed: Technology

IPv6

BYOD

Private cloud

Wireless

VPN

Page 6: Sophos Utm Presentation 2016

What’s changed: Threats

SQL injection

Phishing

Spam

Malware

Page 7: Sophos Utm Presentation 2016

Security implications: Data loss

Page 8: Sophos Utm Presentation 2016

What’s changed: The way we work

Road warriors Remote offices Consumer devices

Page 9: Sophos Utm Presentation 2016

Security implications: Protecting data everywhere

Page 10: Sophos Utm Presentation 2016

What’s changed: Tools

Point Products vs. Unified Threat Management (UTM)

Back in the ’90s: Best of breed individual solutions or Compromise on protection for convenience

Sophos today: Best of breed individual solutions or Best of breed unified solution

Page 11: Sophos Utm Presentation 2016

UTM: Firewall

Application Awareness

User Awareness

Visibility

Page 12: Sophos Utm Presentation 2016

UTM: Wireless protection

Guests

BYOD

Remote Offices

Page 13: Sophos Utm Presentation 2016

UTM: Endpoint protection

Global Visibility

Latest Protection

Removable media control

Page 14: Sophos Utm Presentation 2016

UTM: Network protection

Intrusion Prevention

VPN

Remote Offices

Page 15: Sophos Utm Presentation 2016

UTM: Web protection

Web security

Content filtering

Application control

Page 16: Sophos Utm Presentation 2016

UTM: Email protection

Anti-virus

Encryption

POP3/IMAP filtering

Anti-spam/anti-phishing

Page 17: Sophos Utm Presentation 2016

UTM: Web server protection

SQLi/XSS protection

Anti-virus

Form hardening

Cookie protection

Page 18: Sophos Utm Presentation 2016

Sophos UTM

UTM Endpoint Protection (optional)

• Antivirus
• HIPS
• Device Control

UTM Webserver Protection (optional)

• Reverse proxy
• Web application firewall
• Antivirus

UTM Network Protection (optional)

• Intrusion prevention
• IPSec/SSL VPN
• Branch office security

UTM Wireless Protection (optional)

• Wireless controller for Sophos access points
• Multi-zone (SSID) support

UTM Web Protection (optional)

• URL Filter
• Antivirus & antispyware
• Application control

UTM Email Protection (optional)

• Anti-spam & -phishing
• Dual virus protection
• Email encryption

Essential Network Firewall

• Stateful firewall
• Network address translation
• PPTP/L2TP remote access

Page 19: Sophos Utm Presentation 2016

Protection for today’s needs

Page 20: Sophos Utm Presentation 2016

Complete security

Email Data Endpoint Mobile Web Network

WiFi security

Access control

Data Control

Content control

Firewall

Email encryption

Virtualization

Endpoint Web Protection

Mobile Control

Secure branch offices

HTTPS Scanning

Encryption for cloud

Mobile app security

Web Application Firewall

Malicious URL Filtering

Anti-spam

Patch Manager

Application Control

Device Control

Encryption

Everything you need to stay protected

Anti-malware

Anti-malware

Disk Encryption

Device Control

Data Control

Anti-malware

Anti-malware

Intrusion prevention

Productivity Filtering

Anonymising Proxy blocking

Email archiving

Unified Threat Management

File encryption

Key management

Data Control

Page 21: Sophos Utm Presentation 2016

Overview

• Other devices and software…

RED (Remote Ethernet Device)

Access Points

Sophos UTM Manager

VPN Clients

Page 22: Sophos Utm Presentation 2016

Management made easy

Individual UserPortal

Comprehensive Reporting

Intuitive Dashboard

Page 23: Sophos Utm Presentation 2016

Hint: Microsoft Forefront Threat Management Gateway replacement

Page 24: Sophos Utm Presentation 2016
Page 25: Sophos Utm Presentation 2016
Page 26: Sophos Utm Presentation 2016
Page 27: Sophos Utm Presentation 2016

Reporting needs

• Reporting is key to demonstrating value:

• How did those endpoints become infected?

• Which departments are using up all our internet bandwidth?

• Someone reported a colleague for accessing websites which are against company policy. Is it true?

• Can I demonstrate to my boss that our security strategy is effective?

Page 28: Sophos Utm Presentation 2016

What is Sophos iView?

• Logging and reporting appliance add-on for UTM
• Offers a single view of entire network activity
• Provides logs and reports related to:
  • Intrusions
  • Attacks
  • Viruses
  • Traffic
  • Spam
  • Blocked web attempts
• Provides visibility into networks for multiple devices
• Out-of-the-box deployment without the need for technical expertise

Page 29: Sophos Utm Presentation 2016

Sophos iView features

1. Added visibility

2. Consolidated Reporting

3. Security Intelligence

4. Log Management

Page 30: Sophos Utm Presentation 2016

Added visibility

Page 31: Sophos Utm Presentation 2016

Added visibility: compliance achievement example

Page 32: Sophos Utm Presentation 2016

Sophos XG Firewall

Leading Threat Protection

RED for Distributed Networks

Accelerated Packet Filtering

User Threat Quotient

Secure Wi-Fi & Access Points

Web Protection Technologies

Layer 8 User Identity Policies

Leading Application Control

+ New innovations

• Security Heartbeat™
• Interactive Control Center
• Simplified Policy Authoring
• Expanded reporting

Page 33: Sophos Utm Presentation 2016

SOPHOS LABS

Heartbeat

Accelerated Threat Discovery

Active Source Identification

Automated Incident Response

Sophos Cloud

Next Gen Network Security

Next Gen Enduser Security

Sophos Security Heartbeat™

Page 34: Sophos Utm Presentation 2016

Comprehensive Next-Gen Network

SOPHOS FIREWALL OPERATING SYSTEM

Web Filtering

Intrusion Prevention System

Routing

Email Security

Security Heartbeat

Selective Sandbox

Application Control

Data Loss Prevention

ATP Detection

Proxy

Threat Engine

Firewall

Page 35: Sophos Utm Presentation 2016

New Sophos Firewall OS

Runs on today’s SG Series

Pre-installed on new XG Series

Page 36: Sophos Utm Presentation 2016

XG Firewall v16 vs UTM 9 Feature Overlap

Highly requested features IN XG Firewall (NOT in UTM 9)

- User and Zone based policies
- IPS and QoS settings per rule
- Firmware roll-back
- Improved reporting
- TAP mode deployments
- Improved user authentication
- Packet capture in UI
- IMAP Proxy

Great Cyberoam Technology Added

- User-Identity based Firewall
- FastPath packet optimization
- Authentication
- IPS
- App Control
- iView Reporting
- Centralized Management & Reporting

Great Sophos UTM 9 Technology

- Wireless
- RED
- WAF
- ATP
- SPX
- Object Model
- Web Proxy Engine
- Sophos AV Engine
- Clientless Access

Great Sophos Cloud Technology

- Endpoint management (with Security Heartbeat)

UTM features coming in future releases

- 3+ node clustering
- Some web security features (override, category quotas)
- SMC Integration

UTM features Coming in XG Firewall v16

- Clustering with dynamic addresses
- Clustering/HA for “w” models
- Site-to-Site RED Tunnels
- Warn web filtering action
- Email MTA store & forward
- Email SMTP Profiles
- Email SPX Secure Reply & Cover Page
- OTP/2FA Support
- Clone Rules

Innovations (NOT in UTM 9)

- Security Heartbeat
- Unified policy model
- WAF Policy Templates
- UTQ and App Risk Reports

Page 37: Sophos Utm Presentation 2016

XG Advantage

Sophos XG Firewall | Fortinet 20-90 | Dell SonicWall TZ Series | WatchGuard XTM

Network Firewall Protection ✔ ✔ ✔ ✔
Advanced Threat Protection ✔ ✔ ✔ ✔
Security Heartbeat™ ✔
Unified Policies ✔
User Risk Visibility (UTQ) ✔
FastPath Packet Optimization ✔ ✔
Site to Site Remote user VPN ✔ ✔ ✔ ✔
Secure Web Gateway ✔ ✔ ✔ ✔
Complete Email: AV, AS, Encrypt, DLP ✔ $ $ $
Dual antivirus engines ✔
Secure Wi-Fi ✔ ✔ ✔ ✔
Reverse Proxy ✔
Web Application Firewall (WAF) ✔ $ $
User Portal ✔ ✔
Full Reporting ✔ $ $ $
Best TMG Feature Parity ✔
Discover Mode Deployment (TAP) ✔ ✔ ✔ ✔

• Competitive differentiators
  • Security Heartbeat
  • Unified policy
  • User Threat Quotient

• Comparative differentiators
  • FastPath
  • User-based Firewall Policies
  • Discover Mode (TAP)

Page 38: Sophos Utm Presentation 2016

Thank You - Questions?

Page 39: Sophos Utm Presentation 2016

© Sophos Ltd. All rights reserved.