Sophos Central, our cloud-based security platform, has a feature that nobody talks about, but everybody loves.
As an administrator, you create your identity once—and that’s it. Suddenly, on all of your Sophos products, you’re good to go. No need to set up and remember separate user details for your endpoint protection, your email security, and your firewall; it just works.
I doubt anybody ever bought a Sophos product for that reason. But it’s there, and it saves every user a little bit of time and effort right off the bat. They might raise an eyebrow at how easy it was, then they go about their day.
Nobody thinks about how we make it happen.
And that’s fine; in the Sophos Central team, we’ve long understood that the better we do our job, the less you’ll notice. Which is a really good illustration of the power and value of a platform.
Improving your security—and unlocking innovation
First, there’s the obvious part. Having all your cybersecurity solutions working together—and being able to see and control them all through a single pane of glass—saves you a ton of time. Lots of our customers say it cuts their workload by 50% or more.
You can apply global policies, spot issues more easily, and generally keep your organization that much safer. And as important as that is, there’s something even more fundamental happening under the hood.
The reason our user setup process works so smoothly is that we have a whole team of Sophos Central engineers focused solely on the platform. We provide the building blocks (like user identity) to our product teams that they can pick up and use.
In this example, it means your login works across our entire portfolio (you’re welcome). And it’s one less thing for each product team to develop. So instead, they can focus on raising the bar for security and innovation—the reasons you likely chose Sophos products in the first place.
If you think of your specialized cybersecurity solutions as rooms in your home—the kitchen, the living room, the bedroom—it’s easy to see Sophos Central like a thermostat that lets you control the temperature across all of them at once. In fact, it’s also the plumbing, the wiring, and the foundations. It’s all the parts that make a house.
A purpose-built meeting place for your cybersecurity data
And that’s not all. By providing a single platform to underpin all our product development, we create a common point where they can all exchange data and interact.
This is where the magic really happens. You toggle a button, and your solutions start talking to each other. Now an alert on your endpoint protection can trigger a response in your firewall—for example, to isolate a device before ransomware can spread. They share data, so what one solution learns can benefit all the others.
Again, that takes a lot of work behind the scenes. First and foremost, it’s a lot of data to manage, and it increases exponentially with each solution you add. If you’re using Sophos XDR, on a daily basis we likely process 6-20 MB for each endpoint, and another 20-80 MB for each server; in a sizeable organization, that can easily add up to gigabytes per day.
Add your Sophos Firewall logs into the XDR solution and that can be tens of gigabytes a day. Maybe your Sophos Email follows, and potentially you hook in data from your Office 365. Very quickly, you’re into very large volumes of data, daily—with Sophos Central connecting it all, making sense of it for you, and proactively letting you know if anything is out of the ordinary.
And here’s the part we’re really proud of: Sophos Central handles all that data impossibly fast. You can ask for all the endpoints showing a particular hash—the kind of search that’s “go-make-a-coffee” territory on most systems—and Central will have it for you in seconds.
The secret ingredient in our technology stack
Sophos Central can do that because of the smart way we built our data platform. Getting the opportunity to create something this ambitious—and work with such an awesome team—is the whole reason I joined Sophos. I’m so glad I did.
There’s nothing unusual about the stack itself. The platform is built entirely in AWS, with popular technologies like Kafka and Presto, alongside other proven services.
The secret ingredient is the way we put those pieces together.
Specifically, we keep our customers’ objectives in mind when we plan how to ingest, parse, and store their data. For example, we know which reports administrators run most often—so we set up the architecture to find those answers faster. In fact, it means we can go beyond finding your answers quickly; we can have them waiting for you when you log in.
Right from the start of the design process, we spend a lot of time streamlining the things that will make the biggest difference to your day-to-day work. Ironically, if we do our job well, it means they’re the parts you notice least.
So, when you next toggle a button to synchronize a new solution in Sophos Central, and you smile at how instantly it works, spare a thought for all of us behind the scenes. We worked hard to make it that easy.
And if you’re not yet using Sophos Central, maybe it’s time to take it for a test drive. Try for yourself, for free, for 30 days to see how it works for you.
Source: Sophos