Sophos today announced the latest version of its next-generation Sophos XG Firewall that delivers a breakthrough in network traffic visibility. Using Synchronized Security to obtain information from the endpoint, XG Firewall can identify, classify and allow the control of all previously unknown applications active on the network, such as those which don’t have signatures or are using generic HTTP or HTTPS connections. Synchronized App Control on XG Firewall is an industry first and can reduce the security risks associated with unidentified traffic by allowing administrators to see exactly what is on their network.
“The latest version of the Sophos XG Firewall represents a significant improvement in network application visibility, especially in regards to unknown applications. It’s an innovative solution to an industry-wide problem that has been getting increasingly challenging over time.” Rob Ayoub, research director, IDC Security Products said.
Synchronized App Control will automatically associate discovered applications with appropriate categories where possible and administrators can assign unknown apps to categories that will block or prioritize them as desired. Interactive application reporting provides deep insight into daily traffic activity.
“In a recent study, IT professionals admitted that about 60 percent of network traffic is unknown, and the security risks associated with this tops their list of concerns,” added Dan Schiappa, senior vice president and general manager of Enduser and Network Security Groups at Sophos. “Sophos can identify this traffic because the endpoint knows exactly what applications are running and it can share this data with the firewall through the Sophos Security Heartbeat. Synchronized App Control has improved visibility and increased the IT administrators’ ability to proactively manage network traffic. This new technology is a game changer for the IT professional who is no longer prepared to accept the gaps and blind spots that stand alone firewall and endpoint solutions have created in their environments.”
Sophos XG Firewall is available for on-premise and cloud deployment, on all the major virtualization platforms as well as through the Microsoft Azure marketplace. Both Sophos Endpoint Protection and the next-generation anti-ransomware solution Intercept X will provide the XG Firewall with the Synchronized Security data required for this new level of traffic identification.
In addition, Sophos has introduced new XG Series hardware appliances that provide a modular system for connectivity with a wide variety of integrated connectivity and FleXi Port modules. The addition of two fail-safe bypass port pairs on-board every 1U appliance and an optional bypass FleXi Port module for all 1U and 2U XG Series models, plus optional Power over Ethernet (PoE) modules make it easy to enable Synchronized Security in any environment.
“Our clients appreciate the streamlined management and simplified user interface of the XG Firewall. Deployment flexibility has made it easy to improve security without the complication of replacing current infrastructure,” said Dan Russell, CIO at Pine Cove Consulting, a certified Sophos Partner “The XG Firewall can be installed inline or in ‘discover mode’ with an existing firewall. Additionally, Sophos Intercept X can be installed on the endpoint next to any existing endpoint protection, adding next-generation threat protection into any traditional environment. The new levels of visibility means that we no longer have to wait for an application signature to become available to see actual network traffic running through the firewall. Visibility into every network application and the ability to categorize them and take immediate action is going to help our customers and us tremendously.”