News
It feels like the perfect time to announce a new free tool that’s designed to bring our commercial-grade Sophos security to all of your homes. In a bout of creative genius, we decided to call it … Sophos Home. Clever, right?
We decided to do this because we’ve been hearing from employees, customers, partners, and friends that the existing solutions in the market aren’t working for them. We hear complaints about ineffective/cheap consumer technology and products loaded with nagging adware; security companies that sell your data to third parties; and some that still think homes only have a single PC. It seemed to us that no one has done a very good job of building a product designed for the modern family. We thought we could do better so we kicked off the Sophos Home project.
I’m really proud of what our designers and engineers have come up with. It’s a brilliantly simple online management dashboard that sits on top of enterprise-grade, sophisticated Mac and Windows endpoint protection technology to keep all of your computers and family members safe.
It even includes the ability to set restrictions on what kind of websites each computer has access to (my 12-year-old is no longer spending his college savings on the Draft Kings fantasy football site).
I could spend a long time telling you about the cool behavioral detection tech that watches apps for malicious actions, or the instant checking we do to make sure the website you’re visiting hasn’t been compromised. The real point is that Sophos Home is industry-leading security tech, but with a new management system designed from the ground up for the home user … and it’s free!
We protect over 100 million employees today and we feel they need the same protection at home, as do their kids, their parents, and their friends. There are far too many threats out there: infected websites that silently drop malware on your computer just by visiting a webpage; ransomware that locks up all your precious files with encryption, and throws away the key unless you pay; and phishing websites set up by hackers to look just like your bank’s website to steal your passwords and drain your accounts.
It’s time for a better solution designed for today’s connected family.
So, give it a try and let us know what you think. Simply go to sophos.com/home and create your free account. Download and install it. That’s all you need to do!
You can read the original article, here.
Sophos, a global leader in network and endpoint security, today announced the acquisition of SurfRight, an innovator in signature-less next-generation endpoint threat detection and response (ETDR) and advanced threat prevention.
Based in Hengelo, the Netherlands, SurfRight has developed a portfolio of technologies that prevent, detect and remediate zero-day and sophisticated attacks by interrupting malware and advanced persistent threat (APT) vectors. SurfRight’s real time anti-exploit technology focuses on detecting and preventing the memory manipulations and abuses that allow malicious code to run in the first place. Generic prevention of exploits at this early stage in the attack chain is a key enhancement to endpoint security mechanisms and can help thwart malicious code in the processor and memory. The portfolio also includes anti-espionage technology and enhanced protection against ransomware attacks such as CryptoLocker.
Sophos is recognized as a leader in endpoint protection today, with a growing set of next-generation technologies such as behavior-based analytics, Malicious Traffic Detection that monitors attempted outbound connections to known bad URLs, and Application Reputation which leverages a crowd-sourced big data warehouse managed by SophosLabs to determine whether a downloaded file is known to be good or bad and prompts the user to take appropriate action. This acquisition will further strengthen Sophos’ leading endpoint protection technology, by adding complementary new defense tactics, delivered either on premise or in the cloud.
Sophos will immediately work to integrate the SurfRight technology into its line of endpoint security solutions. Once the integration work has been completed, Sophos will make the technology acquired from SurfRight available via its global network of more than 15,000 channel partners.
SurfRight’s technology will also further enhance the effectiveness of Sophos’ synchronized security strategy, in which multiple components of security protection, including network security and endpoint security, actively and continuously communicate with each other. This innovative approach leads to faster threat detection and a dramatic reduction in the time and resources required to investigate and address security incidents.
Sophos will continue development and support for SurfRight’s existing product line including its popular HitmanPro malware scanning and removal tools, used by more than 20 million users worldwide. Sophos acquired SurfRight for a cash consideration of $31.8 million and will retain all SurfRight employees and the company’s office in Hengelo. SurfRight CEO Mark Loman will join the Sophos Enduser Security Group, reporting to Dan Schiappa.
You can read the original article, here.
For the third straight time, Sophos has earned 6 out of 6 points for protection in AV-Test’s independent evaluation of endpoint protection products. Our Sophos Endpoint test results show that we detected 100% of zero-day malware attacks in both September and October.
This is now six straight months of 100% detection in “real-world testing.” The “widespread and prevalent malware” test is now reported with an extra decimal place of precision, so instead of our previous 100% (rounded), we’re now at 99.7% in September and 99.9% in October.
We also received a score of six out of six on the usability portion of the test. We recorded zero false positives in that portion of the test. This follows up on our great performance in this category over the last year – we even won AV-Test’s 2014 Best Usability Award.
On the final portion of the test, measuring performance, we scored 5 out of 6 points, indicating that Sophos Endpoint doesn’t significantly slow a computer’s performance while performing tasks such as downloading software, accessing websites, installing programs and copying data. (Other independent tests have found that Sophos has among the lowest performance impacts in the industry).
The independent tests from AV-Test are a benchmark for how we’re doing, and we’re proud of our consistent results. We think it’s validation of our leadership in the industry.
But we’re not going to rest on our laurels.
We’re continuing to innovate and build new protection technologies into our next-gen endpoint solution such as malicious traffic detection and download reputation. Plus, we’re integrating our endpoint and network security together with our industry-first synchronized security technology.
To see how Sophos Endpoint Protection is simply better than the competition, try it for yourself – sign up today for a free trial.
You can read the original article, here.
For decades, the security industry has been treating network security and endpoint security as completely different entities. It’s just like putting one security guard outside the building and another inside the building, but not allowing them to talk to each other.
What if we started over with a fresh and radical approach that delivered better protection by enabling automated and real-time communication between network and endpoint security solutions? One that was synchronized across the entire threat surface, and highly automated, so it could do all this without adding staff or workload?
To accomplish this, we need a system with the following five attributes.
Ecosystem centric: We must prevent, find and stop breaches across the entire IT ecosystem by operating with full awareness of nearby objects and events.
Comprehensive: The solution would need to be comprehensive and cover multiple platforms and devices, to defend against attackers who attack the whole IT system, not just its parts.
Efficient: The solution must lower the team’s workload while improving protection. It cannot add another layer of technology and workload.
Effective: The solution must effectively prevent, detect, investigate and remediate today’s threats across the entire threat surface.
Simple: It must be simple to buy, simple to understand, simple to deploy and simple to use.
This list seems like a tall order indeed. Today’s IT security products are the opposite: threat centric, complex, non-comprehensive, resource intensive, and in total not as coordinated as the attacks they’re supposed to defend against.
Clearly, innovation is needed to succeed.
When the Sophos Next-Gen Firewall detects an advanced threat or an attempt to leak confidential data, it automatically utilizes the Sophos Security Heartbeat to take a series of actions across both the network and endpoint to mitigate risk and stop data loss instantly.
Similarly, if a protected endpoint is discovered to be compromised, synchronized security allows automated and near instantaneous isolation of this endpoint, preventing it from leaking confidential information or sending data to a command-and-control server.
This type of discovery and incident response, which could take weeks or months, has been reduced to seconds with synchronized security.
Synchronized Security – A new approach
Complex, threat centric, headcount dependent, myopic solutions will not meet the needs of resource constrained IT security teams. To reverse the trend of increasing incidents and breaches, we must take a much different approach than in the past. To do this, we must implement new solutions that are simple, yet effective, automated and coordinated – in short, synchronized via technology innovation such as the Sophos Security Heartbeat.
The good news is that this capability is available today from Sophos. To learn more about how synchronized security from Sophos can reduce your risk in the face of today’s cyberthreats, download our free whitepaper, “Synchronized Security: A Revolution in Protection” (no registration required), and visit sophos.com/heartbeat.
You can read the original article, here.
The phrase Internet of Things, or IoT for short, turns up all over the place these days. But what is the thing of which the IoT is made?
Is it a specific sort of technology, like a low-powered computer chipset? A special sort of computer, such as one without a screen and keyboard? Is it an online trend, like Snapchat?
The answer, for better or for worse, is all of these, and a lot more besides. Loosely speaking, the IoT refers to a whole class of day-to-day objects – things, if you like – that are now being offered with built-in network connectivity.
This means you can hook them directly to the internet, all on their own, rather than first plugging them into a computer that is connected to the internet.
Very often, these are things that:
- Were not designed or built specifically to be part of the internet.
- Perform functions that do not require the internet.
- Are widely known and commonly used.
- Have worked just fine for years without being part of the internet.
- But would possibly be more useful, and definitely be much cooler, if only they were online.
Some examples are: TVs, music players and cameras. For many years you’ve been able to connect devices like this to your computer, for example to upload music, download images, or set recording times for your favourite shows.
So it’s not entirely surprising that many of them can now be connected directly to the internet on their own. Trendier items that have recently joined the IoT include: kettles, light bulbs and home thermostats.
You don’t really need your light bulbs online, but it’s kind of cool to be able to set mood lighting in your whole living area using an app on your mobile phone, without having to rig up any special wiring.
And you can probably imagine how remotely controlling individual appliances over Wi-Fi with a single app might end up saving money, improving reliability, being greener, and so on. So we can expect to see more and more IoT devices of this sort, from washing machines and refrigerators to garage door openers.
Lastly, there are numerous specialised devices that are rapidly becoming IoT “things”, such as: drug infusion pumps, electricity meters and even cars.
PROS OF THE IoT
+ Connecting and controlling household devices will become easier and more efficient. If you have ever done any electrical work on an older-model car, you will know just how confusing an automotive wiring loom can be. Much of that complexity comes from the need to run wires hither and thither to connect the battery to each light bulb or device via its own switch or control knob.
+ Assuming suitable networking and connectivity standards, you won’t need a unique, proprietary control unit for each device.
+ Specialised devices such as drug pumps and electricity meters will be easier to update. This means it will be easier to keep up with changes in regulations, best practices, tariffs, and so on.
CONS OF THE IoT
– Experience so far suggests that we can’t rely on the vendors of these devices to make sure they are secure before they invite us to hook them up to the internet. From baby monitor webcams with well-known default passwords to drug pumps with no network passwords at all, computer security often takes second place in the IoT.
– Early adopters run the risk of being blinded by coolness, or oversold on convenience. This may lead to them deploying IoT devices such as webcams and thermostats without thinking what information might leak out about their private lives.
– The IoT’s “things” are frequently just tiny computers that are built down to a price. With this in mind, shortcuts in security are hardly unexpected.
You can read the original article, here.
Attackers are more frequently using previously-unknown malware to evade traditional protection. While conventional anti-malware protection is still absolutely vital as a first line of defense, organizations need additional tools to combat today’s targeted, unknown malware.
Unfortunately, many next-generation solutions designed to deal with unknown threats are too complex and expensive for many businesses to consider. And under-resourced small and mid-sized businesses definitely don’t want yet another point solution to clutter up their network.
This is why we’re launching Sophos Sandstorm, an advanced malware defense solution that complements Sophos security products to quickly and accurately detect, block and respond to evasive threats using powerful, cloud-based sandbox technology.
Sophos Sandstorm is a new breach detection platform across the Sophos portfolio. The first Sandstorm component is a cloud-delivered next-generation sandbox that provides targeted attack protection, visibility and analysis by detecting, blocking and responding to evasive, unknown threats.
Sophos Sandstorm integrates with the Sophos solutions you’re already using:
- Sophos Web Appliance (SWA) 4.2 is the first product to implement Sophos Sandstorm.
- Sandstorm will be integrated with Sophos Email Appliance 4.0, UTM 9.4, Cloud Web Gateway and XG Firewall in 2016.
How Sophos Sandstorm rises above the competition
It’s simple:
- Easy to try – sign up directly from the product interface
- Easy to deploy – simply activate the policy
- Easy to manage – all from within your “three-clicks-to-anywhere” interface
It’s effective:
- Blocks evasive threats – detects threats designed to evade sandboxes that other solutions miss
- Policy control – simple, efficient policy control
- Visible protection – granular, incident-based reports
It’s cloud-delivered:
- Rapid deployment – instant protection with no hardware to deploy or appliance upgrade needed
- Minimal impact on performance – all processing done in the cloud
- Collective intelligence – analysis of threats detected across the broad Sophos customer base
Why should you be interested?
Many organizations recognize the need to take steps to protect their business against unknown threats. What they don’t want is yet another point solution to clutter up their network.
If you want an advanced threat solution that’s easy to try and deploy, simple to manage, and uses the best threat intelligence, Sophos Sandstorm checks all these boxes.
Visit sophos.com/sandstorm to learn more about how Sophos Sandstorm works.
You can read the original article, here.
Miercom, a leading, independent test center, recently conducted a comparative test of UTM/Next-Gen Firewall appliances from leading network security vendors including Sophos. Miercom tested our desktop model, the SG 135w, alongside models from Fortinet, Check Point, DELL SonicWALL and WatchGuard.
Miercom also ran a test comparing the performance of the SG 135w desktop model against the competition’s rackmount 1U appliances, a traditionally more powerful form factor.
All models were tested under equal circumstances and using equal packet sizes for a fair comparison. Also, all vendors involved had the chance to demonstrate their performance in a separate test if they didn’t agree with the results. Only WatchGuard made use of that possibility.
So how did the SG 135w, a popular choice as a small business and branch office UTM, stand up against the desktop and rackmount models of our competitors? Below is an overview of the test results, which you can also see in more detail in the full Miercom reports on the desktop and rackmount tests.
Desktop-to-Desktop Comparison
In the primary comparison, Miercom tested the SG 135w* against comparable desktop models in six separate tests measuring throughputs with different features turned on.
Desktop models tested:
- Sophos SG 135w
- Fortinet FortiGate 90D
- Check Point 2200
- DELL SonicWALL TZ600
- WatchGuard XTM 330
The test results show that the SG 135w had superior performance in five out of the six tests. The base firewall throughput of the SG 135w was over four times faster than the models from Dell, Fortinet and WatchGuard, and almost 1.5 times faster than the nearest rival, Check Point.
The SG 135w outperformed the competition in the UTM test with 40% more throughput than the average. Miercom notes that even when all features on the device were turned on for the UTM test:
“Sophos maintains a respectable rate which is considerably higher than its competitors.”
In only one of the six tests did the competition draw even with the SG 135w – in the Firewall + AppCtrl, where Check Point achieved the same throughput performance.
As you can see in the graphic below, the SG 135w has proved itself to be the most powerful desktop model.
And the strengths of the SG 135w are not limited to performance. Our UTM’s simplicity and ease-of-use were also notable, as Miercom states in its report:
“Overall, the performance of the Sophos SG 135w desktop device was better than most desktop products. Additionally, Sophos has a quick and simple setup. Configuration was straightforward, and the graphical user interface (GUI) was clean and easy to navigate with a minor learning curve.”
Desktop vs. Rackmount
In a separate series of tests, Miercom compared the Sophos SG 135w desktop model with the rackmount 1U appliances of the other vendors.
Rackmount models tested:
- Sophos SG 135w (desktop appliance)
- Fortinet FortiGate 100D
- DELL SonicWALL NSA 2600
- WatchGuard XTM 525
Is it really possible to get rackmount performance with a desktop form factor and price?
Well, in the case of the SG 135w, it is possible. The SG 135w’s baseline firewall throughput was 51% higher than the rackmount vendor average. Even in the most difficult test, the SG 135w had fantastic UTM throughput with all features turned on. Our desktop model had almost double the throughput of Dell SonicWALL NSA 2600 and performed only marginally behind the Fortinet FortiGate 100D.
The Bottom Line
What do these tests prove?
The numbers speak for themselves – when measured against the toughest competition in the industry, Sophos SG Series wins with the best performance.
And because the SG 135w desktop model outperforms some of the more costly rackmount models from other vendors, these tests prove that Sophos offers an excellent price-to-performance ratio.
Finally, the tests prove that, with the SG 135w, you can have a UTM appliance that combines ease-of-use and cost effectiveness with performance – without forfeiting features or security.
You can download the full desktop and rackmount comparison reports from Miercom on sophos.com.
* The recently launched XG 135w has an identical hardware specification to SG 135w tested here. In fact all our SG Series and XG Series appliances have identical technical specifications; the XG Series just come preinstalled with different firmware, which is why we’ve given them a new name to differentiate. SG Series = UTM 9, XG Series = XG Firewall. Read more in our blog article about Sophos UTM 9.
You can read the original article, here.
People are always looking to save time and money, and hopefully both, with technology. Businesses and consumers love smartphones and computers because they are massively multi-functional, super-fast and efficient. We’ve been doing this for a long time – the spork, that funny looking multi-purpose utensil, dates back to 1874!
More recently, mobile application developers have used cross-platform development tools to increase efficiency in churning out apps that work in all three of the major mobile operating systems – Android, iOS and Windows.
Malware authors are no different. At SophosLabs, we have seen an increase in malicious apps written with cross-platform development tools such as PhoneGap, Titanium, Unity, Xamarin and Cocos2d.
SophosLabs researchers William Lee and Xinran Wu explain in a new research paper – Cross-Platform Mobile Malware: Write Once, Run Everywhere – that security researchers will face greater challenges analyzing and detecting these pieces of mobile malware, as cybercriminals increasingly make use of multi-platform tools to hide their malicious code.
Their research demonstrates that malware authors are using cross-platform development tools “to hide their malicious code in HTML files or specific containers loaded by cross-platform frameworks instead of the platform’s native binaries.”
This fascinating research paper (presented earlier this month at the Virus Bulletin International Conference) explores in depth the feasibility of new cross-platform mobile malware and examines the package structures of this malware.
Finally, our researchers suggest a solution for identifying an application’s framework type and writing detection signatures for malware based on those frameworks.
You can check out this paper and other SophosLabs research on our technical papers page.
You can read the original article, here.
The release of Sophos XG Firewall with Security Heartbeat has made some headlines this week, and we’re pleased that analysts like Jon Oltsik of ESG are giving us great reviews. But real success is measured by the responses of our valued partners and customers.
Here are some of the things we’re hearing from customers and partners about XG Firewall and our synchronized security strategy.
“You hear about large enterprise corporations being breached all the time in the news. What the news doesn’t report is the vast amount of small companies that are being breached and don’t even know it. When I heard that Sophos was planning on having their endpoint talk to their firewalls with the Security Heartbeat, I knew this would revolutionize the security industry and transform the way we help small and medium businesses protect their network. A firewall and an endpoint view threats incredibly differently and now that the two can have a conversation about what they see, security will be elevated to a whole different level. We already know that Sophos is a leader in both endpoint and network security, with proven products deployed worldwide. Synchronized Security and the Security Heartbeat now represent a fundamental shift in managing threats, which will upset not only hackers, but the competition as well.” – Brad Call, Systems Specialist, Internal IT (Sophos partner and customer)
“With the current landscape, threats move at a rapid pace. We’ve seen the security industry continue to come up with new layers of security for IT teams to buy and deploy. It’s refreshing to see that Sophos is taking a different approach to help us simply get more out of what we and our customers already have.” – Roy Busenius, President, Internal IT (Sophos partner and customer)
“What Sophos is doing with synchronized security is impressive. As a company, we are looking forward to how the network will be integrated fully with the endpoint, saving us the amount of time it typically takes to research threats, act on them, and actively manage security for the entire organization.” – Timothy Speakman, System Administrator, Contra Costa Health Services (Sophos customer)
“We are extremely excited about the Sophos product roadmap. The Security Heartbeat is remarkable, particularly when you consider how the firewall will communicate with the endpoint. This new technology is one of the most interesting features on the market and we look forward to where this new technology will take us.” – Kerrigan Addicott-Case, System Administrator, Office Information Systems (Sophos customer)
“There will never be a perfect security solution that stops all the threats. But with Sophos we are getting close to perfect. Sophos’s synchronized security allows everything to talk to one another and is a game changer for the industry.” – Michelle Drolet, CEO, Towerwall (Sophos partner)
You can read the original article, here.
By now you have likely heard the big news: Intel Security (formerly known as McAfee) has decided to discontinue selling all of its McAfee SaaS Endpoint offerings, as well as its line of SaaS email protection, SaaS email archiving and SaaS email encryption products (formerly known as MX Logic).
While this is no doubt troubling news for Intel’s partners and customer base, it is much better news for the Sophos partner community. Our partners now have a fantastic opportunity to sell to a broad base of disaffected Intel customers looking for a more stable security vendor.
Whatever Intel’s reasons for discontinuing their SaaS endpoint and email security products, we’re really bullish on the market opportunity for our own cloud-based email protection, archiving and encryption solution – Reflexion.
Email continues to be a major threat vector, allowing malware to get inside the network and sensitive data to get out. We’re investing in the best technology to defend against the latest email threats, and email security is a key product in our growing portfolio of cloud solutions.
Reflexion’s cloud-based email protection is a no-fuss solution to the constant problem of spam and email-borne threats. And we offer cloud-based email encryption as a great solution with minimal performance impact for organizations that need to meet compliance mandates and protect data against accidental loss or theft.
Many organizations in industries with regulations prohibiting the destruction of email communications can also depend on our Reflexion solution for archiving, discovery, and recovery services, with fast search and retrieval capabilities.
Sophos partners can already sell Reflexion products today, and soon all of Reflexion’s cloud email solutions will be integrated into Sophos Cloud.
We continue to believe that integrating Reflexion’s technologies into Sophos Cloud (named Security Product of the Year by PC Pro magazine) is a winning combination – for our customers and Sophos and Reflexion partners.
Sophos Cloud delivers all of your customers’ security needs, in a modular yet comprehensive and integrated fashion. It’s much more than just endpoint protection. Mobile, web, server – and soon, email protection – are available from the same web-based management console, hosted by us or by you as a trusted partner.
We’d like to help our partners take advantage of the enormous opportunity opened up by Intel’s departure from the SaaS endpoint and SaaS email security market, which is why we’re offering free conversions for Intel customers.
Steve Weeks, president of Sophos partner Netcetera, said:
“Migrating to a new solution provider can feel daunting and frustrating. At Netcetera, when one of our vendors was acquired by Google years ago, I initially worried about business disruption and unhappy customers. So it was a big relief when we switched to Sophos’s Reflexion email services. The migration process was smooth and, at the same time, we ended up with a better product and a superior vendor to partner with. I understand how partners working with McAfee must feel right now, but I’ve been telling my peers at other resellers that switching to Sophos is their best bet for a seamless transition. Choosing to work with Sophos has proven to be an excellent decision for Netcetera and our clients.”
We are so confident that you’ll enjoy the benefits of Reflexion that we are offering Sophos partners free migration assistance from Intel’s McAfee SaaS email products, which includes the configuration of customers and users, and the import of the whitelist and blacklist. Additionally, we have waived the ingestion fee of the email archive to Sophos’s RADAR archiving service.
We’ll be reaching out to our partners soon with more information on how you can get the most from this opportunity.
Visit our website to learn more about free migration to Sophos’s Reflexion email services.
You can read the original article, here.
The new SEP sesam 4.4.2 offers a wide range of new, revolutionary backup and restore features, including support for the latest virtualization platforms, operating systems and applications.
Two highlights of the new release are the industry-leading restore of Microsoft Exchange and SharePoint via Drag and Drop, as well as the block-level based deduplication.
These functions are now also available for Windows-based backup servers and Remote Device Servers (RDS). Furthermore, the bandwidth-sparing replication solution for distributed environments is another great feature which saves time and money.
In SEP sesam 4.4.2 for Windows the software performance has been boosted to complete backups and restores considerably faster. The backup and restore performance is now up to 3 times faster than SEP sesam version 4.4.1, which significantly reduces backup and restore times in Windows environments.
Visit the Release Notes for all new features.
A lot of people are talking about our new Sophos XG Firewall with Security Heartbeat and our vision of synchronized security. Our customers and partners, industry analysts, and the security press are talking about it. There’s a buzz in the air.
And with good reason. You hear phrases like “revolutionary,” “game changing” and “the next thing in next-gen.” Synchronized security is a very big deal.
It took all of us at Sophos coming together to execute our strategy of synchronized security. But who better to talk about what synchronized security means for us, and the broader security industry, than those who set the vision and strategy that guide our company? The Sophos senior management team, led by our CEO Kris Hagerman, recently sat down to record their thoughts in a short video.
Kris talks about the challenges the security industry is facing – the increasing attacks, and the growing sophistication and coordination of the attackers. The old security strategies just aren’t enough anymore.
Traditionally the answer has been adding a whole bunch of security products – like security guards protecting a castle – and then adding more when that doesn’t work. Sophos is coordinating those protectors like no one has before.
“What we’re doing at Sophos, really for the first time, is we’re giving those guards radios,” Kris says. “So we’re giving the individual products, the security guards, the chance to communicate with each other.”
“For the first time, we’re taking the next-gen firewall technology and the Sophos endpoint technology, and having them communicate. Putting a heartbeat, putting a pulse between these two formerly isolated islands within security defenses,” says Chief Marketing Officer Matt Fairbanks.
Sophos Chief Technology Officer Joe Levy says the industry has been using the right “ingredients” for security, but not the right “recipe.” Sophos Security Heartbeat allows network and endpoint to exchange contextual information, forming a complete security system.
“Synchronized security is the future of the direction that security is going to have to go. While we as a vendor are the first to deliver this, I consider it inevitable that the rest of the industry follow suit,” Joe says.
Watch the video to hear more from our leadership team about our vision for synchronized security, and what makes it so emblematic of our mission of “security made simple.”
You can read the original article here.
Recently we were honored to accept a big award: the Editor’s Choice Award for Enterprise Security, presented at the Global Enterprise Connect Awards 2015, recognizing the top IT solutions and services vendors, distributors and resellers in the Middle East and Africa.
It’s not unusual for us to earn this kind of recognition in the channel. We’ve taken home several big awards including: best IT vendor in all three security categories in CRN’s Annual Report Card (ARC); security vendor of the year from one of our biggest partners in North America; and vendor of the year in enterprise mobility management at the Integrator ICT Champion Awards 2015.
What makes this award special is how it demonstrates the combined strength of Sophos and Cyberoam in the MEA region.
“Together Sophos and Cyberoam enjoy an entrenched presence across the MEA region, which spans across 45 plus countries. And to augment our expansion, we have a team of over 40 people dedicatedly working for the region, working closely with customers and partners,” says Harish Chib, Vice President, Middle East and Africa, Sophos.
Sophos and Cyberoam are now one, and we’ve combined the best technologies from each company in our revolutionary next-gen firewall.
“What makes us different, is that now we can provide end-to-end solutions for our customers,” Harish told Computer News Middle East. “People want solutions to be simple now, and with this partnership, our customers can get just that.”
You can read the original article here.
The Gameover Zeus and Shylock botnets were destroyed by law enforcement takedowns last year, in two of the most successful actions against financial malware. And yet malware families like Dridex, Dyreza and Vawtrak continue to prey on users of online banking around the world.
Clearly, the fight against cyberthreats isn’t easy, but SophosLabs is developing technologies that improve our ability to understand and respond to threats more efficiently and effectively.
SophosLabs Senior Threat Researcher James Wyke, in a new research paper presented at the Virus Bulletin International Conference, gives us a behind-the-scenes look at an automated system for extracting valuable information from banking malware families.
As James explains in his paper, titled Breaking the Bank(er): Automated Configuration Data Extraction from Banking Malware, data extraction is a time-consuming and repetitive task that is better left to systems, freeing up analysts to concentrate on the hard part of analysis.
Automated data extraction also helps us learn information about malware families and malware authors that we can use to detect future variants and build more robust protection.
The data extracted from malware can be used in multiple ways, which are described in James’s table below.
James describes our automated system, built on a sandboxing program called Cuckoo, and how it extracts and processes data before sending it on to other systems for analysis (see figure below).
James goes on to describe how this sandbox system was developed and how it works, and gives us examples of how it’s used to extract data from samples of Vawtrak – a banking malware family James has studied extensively.
While a lot of valuable security research describes how malware is developed from the attacker’s side, James’s paper provides a lot of insight into how our security researchers do their jobs to better protect us from threats.
You can read the original article here.
Web gateway vendor Bloxx surprised customers with the announcement that it has been acquired, and the current Bloxx product set will be discontinued (“end-of-lifed”).
If you’re a Bloxx customer looking for a web security alternative, we can help you turn an annoying replacement project into an upgrade opportunity.
We all know that web threats and hackers don’t stand still. Sophos is always one step ahead of the threats with advanced web protection powered by SophosLabs intelligence and our Live Protection technology.
Sophos protects you against the latest exploit kits, drive-by attacks and malicious phishing websites. Plus, you have complete control over your users’ web browsing with custom block and allow lists and security policies that follow them wherever they go, on any device.
Sophos Secure Web Gateway gives you everything you need to replace your Bloxx product:
- Easy ownership: Simple web protection, from deployment to daily management and support.
- Your rack or ours: Choose whatever best suits your needs – an on-premise appliance, virtual appliance, or Cloud Web Gateway.
- Protection everywhere: For every user, on every device, everywhere they go.
- Lightning performance: Transparent protection that won’t slow your users down.
- Instant visibility: Get instant visibility into activity on your network with rich reporting and intelligent dashboards.
- Granular controls: All the policy control you need to keep your users productive and compliant online.
You can read the original article here.
As you know by now, this week we launched our new Sophos XG Firewall with Security Heartbeat. But you might be wondering: just what does XG Firewall include, and what other innovations does it offer?
So we thought we’d give you an overview of all the exciting new bits and pieces.
To start, it’s important to point out that XG Firewall is more than just a firewall product. It’s an entire network security ecosystem.
XG Firewall Ecosystem
XG Firewall is our new firewall product that is available as a next-gen firewall or a UTM. It can be deployed as a hardware appliance, a software appliance on an Intel compatible server, or as a virtual appliance in your favorite virtual environment.
Sophos Firewall OS (SF-OS) is the new software platform that incorporates a fresh new user interface and a ton of innovative new technology that is the core of the XG Firewall.
XG Series hardware appliances come pre-installed with SF-OS. They are otherwise identical to the SG Series appliances (which come with UTM 9 pre-installed). They offer industry leading performance with the latest technologies like Intel multi-core architecture, solid-state drives and the latest connectivity options.
Sophos Firewall Manager (SFM) is the new centralized management console which provides a great solution for monitoring and managing multiple XG Firewalls.
Sophos iView is a brand new version of iView that provides consolidated reporting across multiple XG Firewalls, as well as Sophos UTM 9 or Cyberoam devices.
Remote Ethernet Devices (RED) provide a very cost-effective and simple way to extend your secure network to remote locations. A Sophos exclusive, they were introduced with Sophos UTM 9 years ago and also work perfectly with XG Firewall today.
Secure Wireless Access Points make extending your secure network wirelessly a breeze with a full range of models to suit any environment with support for the latest wireless 802.11ac technology.
And if that wasn’t enough, as you know…
Sophos Cloud Endpoint works perfectly together with XG Firewall to deliver the revolutionary Security Heartbeat, linking your firewall and endpoints for the first time to share information, improve protection, and provide a whole new level of insight and visibility into the health of your network.
XG Firewall Innovations
I think you’ll agree that XG Firewall provides everything you need to provide a secure network for your business and protect it from today’s modern threats. What’s perhaps more exciting, however, is that it provides unprecedented insights and visibility into what’s happening on your network.
That provides a nice segue into some of the great innovations in XG Firewall:
User-based policies are at the core of XG Firewall and have never been easier to manage. You can easily enforce application control, web filtering, IPS, and traffic shaping (QoS) for individual users or groups, with just a few clicks, and all in one screen.
User visibility also reaches new levels with XG Firewall with features like User Threat Quotient, which monitors every user’s recent browsing behavior and ATP triggers to assign them a risk score from 1 to 100 and surfaces your highest risk users so you can easily deal with them before they get themselves infected.
Application visibility and risk also get plenty of love in XG Firewall with some unique innovations like an all-new app control engine, per-user or network policy app control enforcement, and even an application risk meter which provides an average score of the risk level for applications operating on your network, making it easy for you to know when stricter controls are required.
Business application policy templates also dramatically simplify the task of protecting common web services and applications such as Microsoft Outlook Anywhere, SharePoint or Lync. Simply select the type of business app you need to protect from a drop-down list, and most of the rest of the policy is automatically filled in for you.
Unified policy management provides a single central screen for managing all your user, network and business application policies in one place, making it super easy to create, find, manage, and optimize your policies.
Performance also gets a boost across several areas of XG Firewall thanks to a dramatically improved proxy architecture, optimized next-gen IPS engine, and FastPath Packet Optimization.
You can read the original article here.
Today, there are many security solutions on the market that can help you ensure a productive and secure working environment in your business. However, few solutions on the market offer protection against advanced threats, and very few avoid burdening employee productivity. Also, there is only one solution in the world that offers Synchronized Security: the Sophos solution!
Sophos has taken the next big step in next-generation security. Companies and organizations of every size know that they need excellent endpoint security and network security, since they are the two foundational pillars of any IT security strategy. But for a long time these two product categories simply did not communicate with each other; they were independent and isolated from one another, which limited their effectiveness.
Only Sophos has managed to link leading network security technology with leading endpoint security technology in a coordinated and integrated approach. This is Synchronized Security, a new combined approach to security that simplifies prevention and detection and deals effectively with advanced threats and targeted attacks, offering better protection and better management to organizations and companies of every size.
The new Sophos XG Firewall with Security Heartbeat is “the next big thing” in next-generation security, offering top enterprise-class performance, security and complete control.
Built on the foundation of Sophos’s market-leading UTM and next-generation firewalls, the Sophos XG Firewall incorporates proven technology from Sophos and Cyberoam, and offers the following new features:
- Network Security Control Center. Innovative user interface that delivers instant network and threat intelligence so users can act immediately
- Unified Policy Model. Simplified policy management, with predefined templates for enterprise-class applications that streamline and simplify configuration
- Risk Analysis for Users and Applications. Risk analysis features for applications and users help identify high-risk users and applications and flag potential security hotspots
- User Threat Quotient. Manage user-centric policies based on each individual’s known behavior, as well as on the health status of the computer or mobile device they are using
- Sophos Firewall Manager. Full-featured central management for multiple firewalls that is free for Sophos partners and managed service providers
- Centralized cloud management. Sophos partners and Managed Service Providers can manage multiple Sophos XG Firewall installations from the cloud, using the brand-new Sophos Cloud Firewall Manager
- Security Heartbeat. This unique capability, appearing for the first time in the industry, meaningfully links firewall and endpoint together, enabling them to share intelligence and optimize protection against advanced threats
- Series of appliances. A complete range of appliances is offered with options for every customer, including the entry-level XG 85(w) and the top-end XG 750 models
- Hardware flexibility. The Sophos XG Firewall operating system can also run on existing Sophos SG series appliances as well as on Cyberoam NG appliances
- Deployment flexibility. Customers can choose to deploy hardware, software or virtual appliances, since every feature is available on each of these form factors
17th Infocom World 2015 Conference
If you want to learn more about Sophos Synchronized Security, and first-hand at that, all you have to do is attend the 17th Infocom World 2015 Conference on Tuesday, 24 November 2015, which will be held at the Divani Caravel Athens, 2 Vas. Alexandrou Ave., Athens. Arrival time is 9:00 a.m.
Please confirm your participation by 20/11/2015 at http://www.info-com.gr.
Joanna Wziatek, Sales Engineer at Sophos, will speak about Synchronized Security in Session 3 of the conference, and two free workshops will also be held, titled Securing your workplace using Sophos technologies and Creating Software Defined Networking using Ocedo Technology.
To register for the workshops, click here.
We look forward to seeing you!
As you know, Sophos SG Series appliances with UTM 9 firmware are our industry leading and award-winning unified threat management (UTM) platform. Sophos UTM has a long and successful history that extends back many years.
Now, with the introduction of Sophos XG Firewall and our XG Series appliances, people may ask if Sophos UTM and the SG Series are going away. The answer is simple: No!
Existing partners and customers who are familiar and happy with their Sophos UTM can continue to sell it and use it, and we will continue to develop and support Sophos UTM 9, with a couple of new releases already in the planning stages.
Sophos customers who need specific features of Sophos UTM 9 that are not yet available in Sophos XG Firewall can rest assured that we will continue to develop the Sophos UTM 9 platform. When customers are ready to switch to XG Firewall, they can use their existing SG Series hardware and upgrade for free.
Sophos XG Firewall runs perfectly on all Sophos SG Series hardware appliances, as well as the same Intel compatible hardware and virtual environments as UTM 9. While we are confident that most Sophos UTM 9 customers will want to take advantage of many of the great new features and benefits of XG Firewall over time, there is certainly no rush to migrate, and customers don’t have to migrate if they don’t want to.
We plan to release some migration tools early next year to help customers upgrade an SG Series running UTM 9 to XG Firewall, if and when they are ready to do so. You can read more about this in our UTM 9 to XG Firewall migration FAQ.
One important point is that customers using UTM Series hardware appliances will need to refresh hardware in order to migrate to XG Firewall. Please talk to your account manager or Sophos partner for help with this process.
Finally, the new release includes new XG Series hardware appliances. These are entirely based on our award-winning SG Series and as such have identical technical specifications to the SG Series – they just come preinstalled with different firmware, which is why we’ve given them a new name to differentiate.
- SG Series = UTM 9.x preinstalled
- XG Series = XG Firewall with new SF-OS 15 preinstalled
Keep an eye on this blog for more information on Sophos UTM releases and for news and updates related to all Sophos products. Sign up for the Sophos Blog newsletter by entering your email address in the sign-up field in the upper right corner of the blog homepage. You can also sign up for our RSS feed.
Sophos UTM is very much alive and kicking. With Sophos UTM or Sophos XG Firewall you can rest assured your business and network security is in good hands with Sophos.
Read the UTM 9 to XG Firewall migration FAQ.
You can read the original article here.
The next thing in next-gen: ultimate enterprise firewall performance, security, and control with XG Firewall with Security Heartbeat. It offers Fastpath packet optimization technology with up to 140Gbps throughput; the revolutionary Security Heartbeat for improved Advanced Threat Protection (ATP) and response; patented Layer-8 user identity control and visibility; a unified App, Web, QoS, and IPS policy that simplifies management; app risk factor and user threat quotient, which monitor risk levels; and more!
New Features of Sophos XG Firewall:
Built on the foundation of Sophos’ market-leading UTM and next generation firewalls, the Sophos XG Firewall includes proven technology from Sophos and Cyberoam, and delivers the following new features:
- Network Security Control Center. Innovative interface that delivers instant network and threat intelligence so users can take action fast.
- Unified Policy Model. Simplified policy management with pre-configured templates for business apps to dramatically streamline configuration.
- User and App Risk Analysis. App Risk Score features help identify high-risk users and applications and highlight potential security hotspots.
- User Threat Quotient. Manage user-centric policies based on an individual’s known behavior as well as the health status of the computer or mobile device they are using.
- Sophos Firewall Manager. Full-featured centralized management of multiple firewalls that’s free for Sophos partners and managed service providers.
- Centralized cloud management. Sophos partners and MSPs can manage multiple Sophos XG Firewall installations from the cloud, using the new Sophos Cloud Firewall Manager.
- Security Heartbeat. This unique capability, an industry first, meaningfully links the firewall and endpoint together, enabling them to share intelligence and enhance protection against advanced threats.
- Series of appliances. A comprehensive range of appliances with options for every customer, including the new entry-level XG 85(w) and high-end XG 750 models.
- Hardware flexibility. The Sophos XG Firewall operating system will also run on existing Sophos SG appliances and Cyberoam NG appliances.
- Deployment flexibility. Customers can choose to deploy as hardware, software or virtual appliances, and every feature is available on every form factor.
Available models range from a desktop appliance with integrated Wi-Fi to rack-mount appliances for the data center. Pricing is available from authorized Sophos partners worldwide.
Sophos, a global leader in network and endpoint security, has introduced the first synchronized security protection against today’s sophisticated threats with the Sophos Security Heartbeat capability of the Sophos XG series of next-generation firewalls and UTMs.
This new technology directly links next-generation firewalls and UTMs with next-generation endpoint security to share threat intelligence that enables faster detection of threats, automatic isolation of infected devices, and more immediate and targeted response and resolution.
With Security Heartbeat, organizations of any size can advance their defenses against increasingly coordinated and stealthy attacks and drive a dramatic reduction in the time and resources required to investigate and address security incidents.
The Security Heartbeat pulses continuous, real-time information about suspicious behavior or malicious activity between endpoints and the network firewall or UTM. By giving these traditionally independent products the ability to directly share intelligence, the Security Heartbeat can instantly trigger a response to stop or help control a malware outbreak or data breach. The Sophos XG Firewall uses data provided by Sophos endpoint protection to isolate and restrict access to and from the affected device, and in parallel, the endpoint protection can remediate the attack.
IT organizations can benefit from advanced threat protection capabilities without requiring additional agents, layers of complex management tools, logging and analysis tools, or expense. The Security Heartbeat is fully enabled and included as part of the Sophos XG Firewall and Sophos Cloud-managed endpoint protection.
“Today Sophos has taken the next big step in next-generation security. Organizations of every size know they need endpoint security and network security – they are two foundational pillars of any IT security strategy. But for too long, these two product segments simply didn’t communicate with each other – they were independent and isolated silos, which limited their effectiveness and their manageability,” commented Kris Hagerman, CEO at Sophos. “Only Sophos links leading network security technology with leading endpoint security technology together in a coordinated and integrated approach. This is synchronized security that delivers both better protection – and better manageability – for organizations of any size.”
Christian Christiansen, vice president of security products at IDC comments, “No other company is close to delivering this type of synchronized and integrated communication between endpoint and network security products. For the midmarket, the time and resource savings will be very compelling as their ability to stay ahead of increasingly sophisticated threats with today’s products will only become more challenging.”
How does the Security Heartbeat work?
- When a new Sophos protected endpoint is added to the network, its Security Heartbeat automatically connects to the local Sophos XG Firewall and the endpoint immediately starts sharing health status.
- If suspicious traffic is identified by the firewall, or malware is detected on the endpoint, security and threat information is instantly shared securely via the Security Heartbeat.
- The endpoint reports context-rich information such as the computer name, username and process information associated with the threat.
- The firewall can automatically take action to isolate the endpoint from any routed or remote networks and trigger additional action on the endpoint to mitigate risk and prevent data loss.
- After the threat has been removed, the endpoint uses the Security Heartbeat to communicate updated health status back to the network, which then re-establishes normal service to the endpoint.
Jon Oltsik, senior analyst at ESG comments, “This is a good step toward synchronized security solutions. Having viewed tests of the Sophos XG Firewall with a Sophos protected endpoint, I have seen how the information passed in the security Heartbeat can reduce the risk to a business by increasing the speed of detection and response. It is not just management interface integration; the two products share valuable information making each one more effective and efficient. For companies who do not have the luxury of extensive in-house security teams, this new approach can help bolster productivity while streamlining security operations.”
You can read the original article here.