Cyber Security Elements by NSS

News

10 Dec

By now you have likely heard the big news: Intel Security (formerly known as McAfee) has decided to discontinue selling all of its McAfee SaaS Endpoint offerings, as well as its line of SaaS email protection, SaaS email archiving and SaaS email encryption products (formerly known as MX Logic).

While this is no doubt troubling news for Intel’s partners and customer base, it is much better news for the Sophos partner community. Our partners now have a fantastic opportunity to sell to a broad base of disaffected Intel customers looking for a more stable security vendor.

Whatever Intel’s reasons for discontinuing their SaaS endpoint and email security products, we’re really bullish on the market opportunity for our own cloud-based email protection, archiving and encryption solution – Reflexion.

Email continues to be a major threat vector, allowing malware to get inside the network and sensitive data to get out. We’re investing in the best technology to defend against the latest email threats, and email security is a key product in our growing portfolio of cloud solutions.

Reflexion’s cloud-based email protection is a no-fuss solution to the constant problem of spam and email-borne threats. And we offer cloud-based email encryption as a great solution with minimal performance impact for organizations that need to meet compliance mandates and protect data against accidental loss or theft.

Many organizations in industries with regulations prohibiting the destruction of email communications can also depend on our Reflexion solution for archiving, discovery, and recovery services, with fast search and retrieval capabilities.

Sophos partners can already sell Reflexion products today, and soon all of Reflexion’s cloud email solutions will be integrated into Sophos Cloud.

We continue to believe that integrating Reflexion’s technologies into Sophos Cloud (named Security Product of the Year by PC Pro magazine) is a winning combination – for our customers and Sophos and Reflexion partners.

Sophos Cloud delivers all of your customers’ security needs, in a modular yet comprehensive and integrated fashion. It’s much more than just endpoint protection. Mobile, web, server – and soon, email protection – are available from the same web-based management console, hosted by us or by you as a trusted partner.

We’d like to help our partners take advantage of the enormous opportunity opened up by Intel’s departure from the SaaS endpoint and SaaS email security market, which is why we’re offering free conversions for Intel customers.

Steve Weeks, president of Sophos partner Netcetera, said:

“Migrating to a new solution provider can feel daunting and frustrating. At Netcetera, when one of our vendors was acquired by Google years ago, I initially worried about business disruption and unhappy customers. So it was a big relief when we switched to Sophos’s Reflexion email services. The migration process was smooth and, at the same time, we ended up with a better product and a superior vendor to partner with. I understand how partners working with McAfee must feel right now, but I’ve been telling my peers at other resellers that switching to Sophos is their best bet for a seamless transition. Choosing to work with Sophos has proven to be an excellent decision for Netcetera and our clients.”

We are so confident that you’ll enjoy the benefits of Reflexion that we are offering Sophos partners free migration assistance from Intel’s McAfee SaaS email products, which includes the configuration of customers and users, and the import of the whitelist and blacklist. Additionally, we have waived the ingestion fee of the email archive to Sophos’s RADAR archiving service.

We’ll be reaching out to our partners soon with more information on how you can get the most from this opportunity.

Visit our website to learn more about free migration to Sophos’s Reflexion email services.

You can read the original article, here.

7 Dec

The new SEP sesam 4.4.2 offers a wide range of new, revolutionary backup and restore features, including support for the latest virtualization platforms, operating systems and applications.

Two highlights of the new release are the industry-leading restore of Microsoft Exchange and SharePoint via Drag and Drop, as well as the block-level based deduplication.

These functions are now also available for Windows-based backup servers and Remote Device Servers (RDS). Furthermore, the bandwidth-sparing replication solution for distributed environments is another great feature which saves time and money.

In SEP sesam 4.4.2 for Windows, software performance has been boosted to complete backups and restores considerably faster. Backup and restore performance is now up to 3 times faster than in SEP sesam version 4.4.1, which significantly reduces backup and restore times in Windows environments.

Discover SEP sesam 4.4.2.

Visit the Release Notes for all new features.

3 Dec

A lot of people are talking about our new Sophos XG Firewall with Security Heartbeat and our vision of synchronized security. Our customers and partners, industry analysts, and the security press are talking about it. There’s a buzz in the air.

And with good reason. You hear phrases like “revolutionary,” “game changing” and “the next thing in next-gen.” Synchronized security is a very big deal.

It took all of us at Sophos coming together to execute our strategy of synchronized security. But who better to talk about what synchronized security means for us, and the broader security industry, than those who set the vision and strategy that guide our company? The Sophos senior management team, led by our CEO Kris Hagerman, recently sat down to record their thoughts in a short video.

Kris talks about the challenges the security industry is facing –  the increasing attacks, and the growing sophistication and coordination of the attackers. The old security strategies just aren’t enough anymore.

Traditionally the answer has been adding a whole bunch of security products – like security guards protecting a castle – and then adding more when that doesn’t work. Sophos is coordinating those protectors like no one has before.

“What we’re doing at Sophos, really for the first time, is we’re giving those guards radios,” Kris says. “So we’re giving the individual products, the security guards, the chance to communicate with each other.”

“For the first time, we’re taking the next-gen firewall technology and the Sophos endpoint technology, and having them communicate. Putting a heartbeat, putting a pulse between these two formerly isolated islands within security defenses,” says Chief Marketing Officer Matt Fairbanks.

Sophos Chief Technology Officer Joe Levy says the industry has been using the right “ingredients” for security, but not the right “recipe.” Sophos Security Heartbeat allows network and endpoint to exchange contextual information, forming a complete security system.

“Synchronized security is the future of the direction that security is going to have to go. While we as a vendor are the first to deliver this, I consider it inevitable that the rest of the industry follow suit,” Joe says.

Watch the video to hear more from our leadership team about our vision for synchronized security, and what makes it so emblematic of our mission of “security made simple.”

You can read the original article, here.

1 Dec

Recently we were honored to accept a big award: the Editor’s Choice Award for Enterprise Security, presented at the Global Enterprise Connect Awards 2015, recognizing the top IT solutions and services vendors, distributors and resellers in the Middle East and Africa.

It’s not unusual for us to earn this kind of recognition in the channel. We’ve taken home several big awards including: best IT vendor in all three security categories in CRN’s Annual Report Card (ARC); security vendor of the year from one of our biggest partners in North America; and vendor of the year in enterprise mobility management at the Integrator ICT Champion Awards 2015.

What makes this award special is how it demonstrates the combined strength of Sophos and Cyberoam in the MEA region.

“Together Sophos and Cyberoam enjoy an entrenched presence across the MEA region, which spans across 45 plus countries. And to augment our expansion, we have a team of over 40 people dedicatedly working for the region, working closely with customers and partners,” says Harish Chib, Vice President, Middle East and Africa, Sophos.

Sophos and Cyberoam are now one, and we’ve combined the best technologies from each company in our revolutionary next-gen firewall.

“What makes us different, is that now we can provide end-to-end solutions for our customers,” Harish told Computer News Middle East. “People want solutions to be simple now, and with this partnership, our customers can get just that.”

You can read the original article, here.

26 Nov

The Gameover Zeus and Shylock botnets were destroyed by law enforcement takedowns last year, in two of the most successful actions against financial malware. And yet malware families like Dridex, Dyreza and Vawtrak continue to prey on users of online banking around the world.

Clearly, the fight against cyberthreats isn’t easy, but SophosLabs is developing technologies that improve our ability to understand and respond to threats more efficiently and effectively.

SophosLabs Senior Threat Researcher James Wyke, in a new research paper presented at the Virus Bulletin International Conference, gives us a behind-the-scenes look at an automated system for extracting valuable information from banking malware families.

As James explains in his paper, titled Breaking the Bank(er): Automated Configuration Data Extraction from Banking Malware, data extraction is a time-consuming and repetitive task that is better left to systems, freeing up analysts to concentrate on the hard part of analysis.

Automated data extraction also helps us learn information about malware families and malware authors that we can use to detect future variants and build more robust protection.

The data extracted from malware can be used in multiple ways, which are described in James’s table below.

James describes our automated system, built on a sandboxing program called Cuckoo, and how it extracts and processes data before sending it on to other systems for analysis (see figure below).

James goes on to describe how this sandbox system was developed and how it works, and gives us examples of how it’s used to extract data from samples of Vawtrak – a banking malware family James has studied extensively.

While a lot of valuable security research describes how malware is developed from the attacker’s side, James’s paper provides a lot of insight into how our security researchers do their jobs to better protect us from threats.

It’s well worth a read.

You can read the original article, here.

24 Nov

Web gateway vendor Bloxx surprised customers with the announcement that it has been acquired, and the current Bloxx product set will be discontinued (“end-of-lifed”).

If you’re a Bloxx customer looking for a web security alternative, we can help you turn an annoying replacement project into an upgrade opportunity.

We all know that web threats and hackers don’t stand still. Sophos is always one step ahead of the threats with advanced web protection powered by SophosLabs intelligence and our Live Protection technology.

Sophos protects you against the latest exploit kits, drive-by attacks and malicious phishing websites. Plus, you have complete control over your users’ web browsing with custom block and allow lists and security policies that follow them wherever they go, on any device.

Sophos Secure Web Gateway gives you everything you need to replace your Bloxx product:

  • Easy ownership: Simple web protection, from deployment to daily management and support.
  • Your rack or ours: Choose whatever best suits your needs – an on-premise appliance, virtual appliance, or Cloud Web Gateway.
  • Protection everywhere: For every user, on every device, everywhere they go.
  • Lightning performance: Transparent protection that won’t slow your users down.
  • Instant visibility: Get instant visibility into activity on your network with rich reporting and intelligent dashboards.
  • Granular controls: All the policy control you need to keep your users productive and compliant online.

Upgrade to Sophos today!

You can read the original article, here.

19 Nov

As you know by now, this week we launched our new Sophos XG Firewall with Security Heartbeat. But you might be wondering: just what does XG Firewall include, and what other innovations does it offer?

So we thought we’d give you an overview of all the exciting new bits and pieces.

To start, it’s important to point out that XG Firewall is more than just a firewall product. It’s an entire network security ecosystem.

XG Firewall Ecosystem

XG Firewall is our new firewall product that is available as a next-gen firewall or a UTM. It can be deployed as a hardware appliance, a software appliance on an Intel compatible server, or as a virtual appliance in your favorite virtual environment.

Sophos Firewall OS (SF-OS) is the new software platform that incorporates a fresh new user interface and a ton of innovative new technology that is the core of the XG Firewall.

XG Series hardware appliances come pre-installed with SF-OS. They are otherwise identical to the SG Series appliances (which come with UTM 9 pre-installed). They offer industry leading performance with the latest technologies like Intel multi-core architecture, solid-state drives and the latest connectivity options.

Sophos Firewall Manager (SFM) is the new centralized management console which provides a great solution for monitoring and managing multiple XG Firewalls.

Sophos iView is a brand new version of iView that provides consolidated reporting across multiple XG Firewalls, as well as Sophos UTM 9 or Cyberoam devices.

Remote Ethernet Devices (RED) provide a very cost-effective and simple way to extend your secure network to remote locations. A Sophos exclusive, they were introduced with Sophos UTM 9 years ago and also work perfectly with XG Firewall today.

Secure Wireless Access Points make extending your secure network wirelessly a breeze with a full range of models to suit any environment with support for the latest wireless 802.11ac technology.

And if that wasn’t enough, as you know…

Sophos Cloud Endpoint works perfectly together with XG Firewall to deliver the revolutionary Security Heartbeat, linking your firewall and endpoints for the first time to share information, improve protection, and provide a whole new level of insight and visibility into the health of your network.

XG Firewall Innovations

I think you’ll agree that XG Firewall provides everything you need to provide a secure network for your business and protect it from today’s modern threats. What’s perhaps more exciting, however, is that it provides unprecedented insights and visibility into what’s happening on your network.

That provides a nice segue into some of the great innovations in XG Firewall:

User-based policies are at the core of XG Firewall and have never been easier to manage. You can easily enforce application control, web filtering, IPS, and traffic shaping (QoS) for individual users or groups, with just a few clicks, and all in one screen.

User visibility also reaches new levels with XG Firewall with features like User Threat Quotient, which monitors every user’s recent browsing behavior and ATP triggers to assign them a risk score from 1 to 100 and surfaces your highest-risk users so you can easily deal with them before they get themselves infected.

Application visibility and risk also gets plenty of love in XG Firewall with some unique innovations like an all new app control engine, per-user or network policy app control enforcement, and even an application risk meter which provides an average score of the risk level for applications operating on your network, making it easy for you to know when stricter controls are required.

Business application policy templates also dramatically simplify the task of protecting common web services and applications such as Microsoft Outlook Anywhere, SharePoint or Lync.  Simply select the type of business app you need to protect from a drop-down list, and most of the rest of the policy is automatically filled in for you.

Unified policy management provides a single central screen for managing all your user, network and business application policies in one place, making it super easy to create, find, manage, and optimize your policies.

Performance also gets a boost across several areas of XG Firewall thanks to a dramatically improved proxy architecture, optimized next-gen IPS engine, and FastPath Packet Optimization.

You can read the original article, here.

16 Nov

Today, there are many security solutions on the market that can help you ensure a productive and secure working environment in your business. However, few solutions on the market offer protection against advanced threats, and very few do not burden employee productivity. Also, there is only one solution in the world that offers Synchronized Security: the Sophos solution!

Sophos has taken the next big step in next-generation security. Companies and organizations of every size know they need excellent endpoint security and network security, since these are the two foundational pillars of any IT security strategy. But for a long time, these two product categories simply did not communicate with each other; they were independent and isolated from one another, which limited their effectiveness.

Only Sophos has managed to link leading network security technology with leading endpoint security technology in a coordinated and integrated approach. This is Synchronized Security, a new combined approach to security that simplifies prevention and detection and deals effectively with advanced threats and targeted attacks, offering better protection and better manageability to organizations and companies of every size.

The new Sophos XG Firewall with Security Heartbeat is “the next big thing” in next-generation security, offering top enterprise-class performance, security and complete control.

Built on the foundation of Sophos’s market-leading UTM and next-generation firewalls, the Sophos XG Firewall incorporates proven technology from Sophos and Cyberoam, offering the following new features:

  • Network Security Control Center. Innovative user interface that delivers instant network and threat intelligence so users can act immediately
  • Unified Policy Model. Simplified policy management, with predefined templates for enterprise-class applications that streamline and simplify configuration
  • User and Application Risk Analysis. Risk analysis features for applications and users help identify high-risk users and applications and flag potential security hotspots
  • User Threat Quotient. Manage user-centric policies based on each individual’s known behavior, as well as on the health status of the computer or mobile device they use
  • Sophos Firewall Manager. Full-featured centralized management for multiple firewalls that is free for Sophos partners and managed service providers
  • Centralized cloud management. Sophos partners and Managed Service Providers can manage multiple Sophos XG Firewall installations from the cloud, using the brand-new Sophos Cloud Firewall Manager
  • Security Heartbeat. This unique capability, appearing in the industry for the first time, meaningfully links the firewall and endpoint together, enabling them to share intelligence and optimize protection against advanced threats
  • Series of appliances. A complete range of appliances is offered with options for every customer, including the entry-level XG 85(w) and the high-end XG 750 models
  • Hardware flexibility. The Sophos XG Firewall operating system can also run on existing Sophos SG series appliances as well as Cyberoam NG appliances
  • Deployment flexibility. Customers can choose to deploy hardware, software or virtual appliances, since every feature is available on each of these form factors

17th Infocom World Conference 2015

If you want to learn more about Sophos Synchronized Security, and first-hand at that, simply attend the 17th Infocom World Conference 2015 on Tuesday, November 24, 2015, which will be held at the Divani Caravel Athens, 2 Vas. Alexandrou Ave., Athens. Arrival time is 9:00 a.m.

Please confirm your participation by 20/11/2015 at http://www.info-com.gr.

Joanna Wziatek, Sales Engineer at Sophos, will speak about Synchronized Security in Session 3 of the conference, and two free workshops will also be held, titled Securing your workplace using Sophos technologies and Creating Software Defined Networking using Ocedo Technology.

To register for the workshops, click here.

We look forward to seeing you!

13 Nov

As you know, Sophos SG Series appliances with UTM 9 firmware are our industry leading and award-winning unified threat management (UTM) platform. Sophos UTM has a long and successful history that extends back many years.

Now, with the introduction of Sophos XG Firewall and our XG Series appliances, people may ask if Sophos UTM and the SG Series are going away. The answer is simple: No!

Existing partners and customers who are familiar and happy with their Sophos UTM can continue to sell it and use it, and we will continue to develop and support Sophos UTM 9, with a couple of new releases already in the planning stages.

Sophos customers who need specific features of Sophos UTM 9 that are not yet available in Sophos XG Firewall can rest assured that we will continue to develop the Sophos UTM 9 platform. When customers are ready to switch to XG Firewall, they can use their existing SG Series hardware and upgrade for free.

Sophos XG Firewall runs perfectly on all Sophos SG Series hardware appliances, as well as the same Intel compatible hardware and virtual environments as UTM 9. While we are confident that most Sophos UTM 9 customers will want to take advantage of many of the great new features and benefits of XG Firewall over time, there is certainly no rush to migrate, and customers don’t have to migrate if they don’t want to.

We plan to release some migration tools early next year to help customers upgrade an SG Series running UTM 9 to XG Firewall, if and when they are ready to do so. You can read more about this in our UTM 9 to XG Firewall migration FAQ.

One important point is that customers using UTM Series hardware appliances will need to refresh hardware in order to migrate to XG Firewall. Please talk to your account manager or Sophos partner for help with this process.

Finally, the new release includes new XG Series hardware appliances. These are entirely based on our award-winning SG Series and as such have identical technical specifications to the SG Series – they just come preinstalled with different firmware, which is why we’ve given them a new name to differentiate.

  • SG Series = UTM 9.x preinstalled
  • XG Series = XG Firewall with new SF-OS 15 preinstalled

Keep an eye on this blog for more information on Sophos UTM releases and for news and updates related to all Sophos products. Sign up for the Sophos Blog newsletter by entering your email address in the sign-up field in the upper right corner of the blog homepage. You can also sign up for our RSS feed.

Sophos UTM is very much alive and kicking. With Sophos UTM or Sophos XG Firewall you can rest assured your business and network security is in good hands with Sophos.

Read the UTM 9 to XG Firewall migration FAQ.

You can read the original article, here.

11 Nov

The next thing in next-gen: ultimate enterprise firewall performance, security, and control with XG Firewall with Security Heartbeat. It offers FastPath packet optimization technology with up to 140Gbps throughput, the revolutionary Security Heartbeat for improved Advanced Threat Protection (ATP) and response, patented Layer-8 user identity control and visibility, a unified App, Web, QoS, and IPS policy that simplifies management, app risk factor and user threat quotient monitoring of risk levels, and more!

New Features of Sophos XG Firewall:

Built on the foundation of Sophos’ market-leading UTM and next generation firewalls, the Sophos XG Firewall includes proven technology from Sophos and Cyberoam, and delivers the following new features:

  • Network Security Control Center. Innovative interface that delivers instant network and threat intelligence so users can take action fast.
  • Unified Policy Model. Simplified policy management with pre-configured templates for business apps to dramatically streamline configuration.
  • User and App Risk Analysis. App Risk Score features help identify high-risk users and applications and highlight potential security hotspots.
  • User Threat Quotient. Manage user-centric policies based on an individual’s known behavior as well as the health status of the computer or mobile device they are using.
  • Sophos Firewall Manager. Full-featured centralized management of multiple firewalls that’s free for Sophos partners and managed service providers.
  • Centralized cloud management. Sophos partners and MSPs can manage multiple Sophos XG Firewall installations from the cloud, using the new Sophos Cloud Firewall Manager.
  • Security Heartbeat. This unique capability, an industry first, meaningfully links the firewall and endpoint together, enabling them to share intelligence and enhance protection against advanced threats.
  • Series of appliances. A comprehensive range of appliances with options for every customer, including the new entry-level XG 85(w) and high-end XG 750 models.
  • Hardware flexibility. The Sophos XG Firewall operating system will also run on existing Sophos SG appliances and Cyberoam NG appliances.
  • Deployment flexibility. Customers can choose to deploy as hardware, software or virtual appliances, and every feature is available on every form factor.

Available models range from a desktop appliance with integrated Wi-Fi to rack-mount appliances for the data center. Pricing is available from authorized Sophos partners worldwide.

You can read the original article, here and here.

11 Nov

Sophos, a global leader in network and endpoint security, has introduced the first synchronized security protection against today’s sophisticated threats with the Sophos Security Heartbeat capability of the Sophos XG series of next-generation firewalls and UTMs.

This new technology directly links next-generation firewalls and UTMs with next-generation endpoint security to share threat intelligence that enables faster detection of threats, automatic isolation of infected devices, and more immediate and targeted response and resolution.

With Security Heartbeat, organizations of any size can advance their defenses against increasingly coordinated and stealthy attacks and drive a dramatic reduction in the time and resources required to investigate and address security incidents.

The Security Heartbeat pulses continuous, real-time information about suspicious behavior or malicious activity between endpoints and the network firewall or UTM. By giving these traditionally independent products the ability to directly share intelligence, the Security Heartbeat can instantly trigger a response to stop or help control a malware outbreak or data breach. The Sophos XG Firewall uses data provided by Sophos endpoint protection to isolate and restrict access to and from the affected device, and in parallel, the endpoint protection can remediate the attack.

IT organizations can benefit from advanced threat protection capabilities without requiring additional agents, layers of complex management tools, logging and analysis tools, or expense. The Security Heartbeat is fully enabled and included as part of the Sophos XG Firewall and Sophos Cloud-managed endpoint protection.

“Today Sophos has taken the next big step in next-generation security. Organizations of every size know they need endpoint security and network security – they are two foundational pillars of any IT security strategy. But for too long, these two product segments simply didn’t communicate with each other – they were independent and isolated silos, which limited their effectiveness and their manageability,” commented Kris Hagerman, CEO at Sophos. “Only Sophos links leading network security technology with leading endpoint security technology together in a coordinated and integrated approach. This is synchronized security that delivers both better protection – and better manageability – for organizations of any size.”

Christian Christiansen, vice president of security products at IDC comments, “No other company is close to delivering this type of synchronized and integrated communication between endpoint and network security products. For the midmarket, the time and resource savings will be very compelling as their ability to stay ahead of increasingly sophisticated threats with today’s products will only become more challenging.”

How does the Security Heartbeat work?

  • When a new Sophos protected endpoint is added to the network, its Security Heartbeat automatically connects to the local Sophos XG Firewall and the endpoint immediately starts sharing health status.
  • If suspicious traffic is identified by the firewall, or malware is detected on the endpoint, security and threat information is instantly shared securely via the Security Heartbeat.
  • The endpoint reports context-rich information such as the computer name, username and process information associated with the threat.
  • The firewall can automatically take action to isolate the endpoint from any routed or remote networks and trigger additional action on the endpoint to mitigate risk and prevent data loss.
  • After the threat has been removed, the endpoint uses the Security Heartbeat to communicate updated health status back to the network, which then re-establishes normal service to the endpoint.

Jon Oltsik, senior analyst at ESG comments, “This is a good step toward synchronized security solutions. Having viewed tests of the Sophos XG Firewall with a Sophos protected endpoint, I have seen how the information passed in the security Heartbeat can reduce the risk to a business by increasing the speed of detection and response. It is not just management interface integration; the two products share valuable information making each one more effective and efficient. For companies who do not have the luxury of extensive in-house security teams, this new approach can help bolster productivity while streamlining security operations.”

You can read the original article, here.

9 Nov

Sophos Cloud is the newest member of the Sophos product family, but it’s also the fastest-growing. And as more people learn about our vision for comprehensive security managed simply in the cloud, we’re starting to get positive recognition from analysts and reviewers.

We are happy to say that we’ve just received a big award from PC Pro, the UK’s number one monthly IT magazine, which has named Sophos Cloud as its Security Product of the Year.

PC Pro contributing editor Dave Mitchell said in his review that Sophos Cloud “combines an intuitive and lightning-fast web portal with slick user-based security policies and a quality feature set.”

He continued: “Add in support for both servers and desktops, plus the best mobile device controls in town, and it’s a compelling package.”

When we first released Sophos Cloud two years ago, Charles Kolodgy, Research Vice President for IDC, said it was a “welcome addition” to the endpoint market, helping small and mid-sized businesses to improve security “without taxing their resources.”

Sophos Cloud has come a long way since then, adding cloud-managed web gateway, mobile management and security, and server protection.

And we’re not going to stop now.

We’re creating comprehensive protection in Sophos Cloud by focusing on end users. Security policies follow the user across devices, platforms and locations.

Whatever level of protection you choose (endpoint plus web and mobile or other combinations), all of these security solutions work automatically together for holistic and advanced end user protection.

To learn more about how Sophos Cloud protects your users everywhere, visit sophos.com/cloud. Or sign up for a free 30-day trial right now.

You can read the original article, here.

6 Nov

Android has developed a bit of a reputation for poor security, especially compared to Apple iOS, thanks to numerous vulnerabilities like the recent Stagefright and the explosion of Android malware in recent years.

Google has certainly taken steps to address some of the inherent weaknesses in the Android platform, with Android 5.0 (Lollipop) adding features that merit closer inspection – as SophosLabs researchers Rowland Yu and William Lee have done in an excellent paper they presented at the recent Virus Bulletin International Conference.

Their paper – titled “Will Android Trojan, Worm or Rootkit Survive in SEAndroid and Containerization?” – examines these new security features in Android 5.0, and what they mean for data security in corporate devices.

As the paper explains, SEAndroid stands for Security Enhancements for Android, which enforces system-wide security policies to: prevent privilege escalation by applications; keep applications separate from each other and the system; and prevent the bypass of security features.

Containerization refers to the separation of an encrypted zone on the device, and the ability to manage access to the zone. “In other words, (containerization) not only secures data on device, but also controls how applications can access, share and use the data,” the SophosLabs researchers say.

However, SEAndroid and containerization have their limits, and can still be exploited by Android malware. Additionally, both fail to address the core problem of the Android permissions model, because it is difficult to distinguish between clean and malicious apps based only on permissions requested, the researchers say.

In their overview of the Android threat landscape, Rowland and William provide succinct explanations of the major categories of malware and potentially unwanted applications, including SMS senders, Trojan backdoors, spyware, ransomware, banking Trojans and rootkits.

The technical analysis of how existing malware will survive despite the security enhancements in Android 5.0 can’t be fully explained in a short blog post – but this SophosLabs paper is definitely worth a read for anyone interested in the evolution of Android malware and efforts to confront the continued insecurity in the Android OS.

You can read the original article, here.

6 Nov

On your own network, you get to set the security rules. You can make sure your router has a decent password; you can keep everything patched; you can run security software on all your devices; and so on. But once you’re on the road, whether it’s free Wi-Fi at the coffee shop or the business network in the airport lounge, you don’t have the same control.

For all you know, the network you’re using might not merely have been hacked by crooks, it might have been set up by crooks in the first place. One solution is to be careful, and stick to secure websites for sensitive work such as uploading documents or online banking.

But you are probably giving away plenty of information anyway:

  • Some secure websites include links to insecure sites, which leave a visible trail.
  • Some applications use secure connections, but don’t bother to check if they’re talking to an imposter server.
  • Some applications use insecure connections, but don’t tell you.
  • When a program connects to, say, https://bank.example/, it first asks the network, “I need bank.example. Where do I find it?”

In other words, your computer’s internet connection is a bit like a conversation two rows behind you on the bus: even if most of it is inaudible, you can nevertheless be pretty sure what it’s about.
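As an added illustration (not part of the original article), the sketch below builds the DNS question a client sends before connecting to https://bank.example/ and then reads the hostname back out of the raw bytes, which is what any device on the local network path can do when the lookup is sent unencrypted. The packet is constructed inline, and the function names are this example's own.

```python
import struct

QTYPE_A = 1      # IPv4 address record
QCLASS_IN = 1    # Internet class


def build_dns_query(hostname: str, query_id: int = 0x1A2B) -> bytes:
    """Build the UDP payload of a standard recursive DNS query (RFC 1035)."""
    # Header: ID, flags (RD=1), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=0
    header = struct.pack("!HHHHHH", query_id, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in hostname.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"invalid DNS label: {label!r}")
        # Each label is a length byte followed by the label text, in the clear.
        qname += bytes([len(raw)]) + raw
    qname += b"\x00"  # root label terminates the name
    return header + qname + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def observed_question(payload: bytes) -> dict:
    """Recover what an on-path observer learns from an unencrypted query."""
    if len(payload) < 12:
        raise ValueError("truncated DNS header")
    query_id, flags, qdcount, _, _, _ = struct.unpack("!HHHHHH", payload[:12])
    if flags & 0x8000:
        raise ValueError("this is a response, not a query")
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, offset = [], 12
    while True:
        if offset >= len(payload):
            raise ValueError("truncated question name")
        length = payload[offset]
        offset += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a query name")
        if offset + length > len(payload):
            raise ValueError("truncated label")
        labels.append(payload[offset:offset + length].decode("ascii"))
        offset += length
    if offset + 4 > len(payload):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", payload[offset:offset + 4])
    return {"id": query_id, "name": ".".join(labels),
            "qtype": qtype, "qclass": qclass}


def leak_summary(url_host: str) -> str:
    """Show that the hostname is readable even though the URL is https://."""
    packet = build_dns_query(url_host)  # constructed sample, not captured traffic
    seen = observed_question(packet)
    return f"{len(packet)} plaintext bytes reveal a lookup for {seen['name']}"


if __name__ == "__main__":
    print(leak_summary("bank.example"))
```
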

That’s where a VPN, short for Virtual Private Network, comes in.

The idea is surprisingly simple.

You get your computer to encrypt all your network data (even if it’s already encrypted!) before it leaves your laptop or phone, and send the scrambled stream of data back to your own network.

When the scrambled data is safely back on home turf, it is decrypted.

Only then is it sent onto the internet in its unscrambled form, just as if you were at home.

The encrypted internet link, known in the trade as a tunnel, acts like a long, secure extension cable plugged into your own network.

Unless the crooks can crack into the encrypted tunnel itself, they’re no better off at hacking you than if you were back at home or in the office.

So, you have neutralised any advantage the crooks were hoping for because you were on the road.

And that, very briefly, is a VPN.

PROS OF A VPN

+  Your internet connection appears to originate from your own network. If that coffee shop Wi-Fi turns out to be a rogue network, you won’t get blocklisted because you used it.

+  All your data is encrypted automatically as it passes through the untrusted network. You won’t leak or overlook anything by mistake.

+  You are protected in the same way that you would be at home or work. Any email filtering, web filtering and threat blocking tools work just as you’d expect.

CONS OF A VPN

–  Your network traffic takes two extra hops, out and back through the encrypted tunnel. When you’re far from home, this can slow your connection down.

–  Your computer has to set up the encrypted tunnel before you can get online. This typically takes only a few seconds, but can feel a lot longer if you are in a hurry.

LEARN MORE

FURTHER READING. Serious Security: Understanding the ‘P’ in ‘VPN’

HOW TO DO IT. Use a VPN to secure your branch offices with Sophos RED

GET A FREE TRIAL. Try the Sophos UTM in your business, with built-in VPN.

RUN YOUR OWN VPN AT HOME. The Sophos UTM is 100% free for home use.

You can read the original article, here.

2 Nov

If you’re an avid Android user like me (and over a billion other people on the planet), you’re probably at least a little bit aware that Google’s crazy-popular mobile OS comes with some security drawbacks.

For one, the ability to install apps from third-party app markets makes Android more vulnerable to malware than iOS – Apple devices can only get approved and vetted apps from the App Store.

Unlike your iPhone-toting friends, however, you can use an antivirus to protect your Android (Apple won’t allow iOS antivirus apps in its Store). Even better, you can get the best Android security app from Sophos, and it’s completely free.

Here are 10 reasons you should get Sophos Mobile Security for Android, our free security and privacy app, to protect all your Android smartphones and tablets.

1. You’re always protected from malware and potentially unwanted applications.

Android malware is relatively rare compared to Windows malware, but it’s growing fast – in just the first six months of 2015, SophosLabs has discovered 610,389 new Android malware samples, bringing the total to approximately 1.9 million.

But there are another 1 million apps we’ve categorized as potentially unwanted apps (PUAs), because they may threaten your privacy or security with adware, collect your data unnecessarily, or deceive you with phony malware pop-ups and other scammy behavior. The good news is that Sophos Mobile Security has a great track record of blocking malware and PUAs, acing third-party tests with 100% malware detection six times in a row.

2. It won’t drain your battery or slow performance.

Sophos Mobile Security has a lightning fast antivirus engine for quick scanning, which means lower CPU consumption and less impact on your battery. You can schedule your scans at intervals depending on your preference, from every six or 12 hours, to once daily, once every two days, or once every three days.

3. Privacy and security advisors show you which apps and settings pose the greatest risks.

There are a lot of apps that request permissions for no (good) reason. Does a flashlight app need to know your exact location? Our privacy advisor will show you which apps are asking for too much data or could cost you money. And the security advisor lets you know if your device settings are leaving you vulnerable.

4. Blocks unwanted calls and SMS text messages.

Spam filters for your email save you from unwanted and potentially dangerous messages. You should be able to block those annoying and scam phone calls and text messages too. Sophos Mobile Security lets you choose which numbers to always allow, and always block sketchy numbers, such as those with hidden caller ID. It also scans for malicious URLs in text messages.

5. Web filtering keeps you safe from malicious websites.

You use your phone for surfing the web, maybe even more than you do on a regular PC. Now you can get protection on your Android from phishing sites and websites flagged by SophosLabs for harboring malware. Web filtering also allows you to block categories of websites like adult content.

6. Remote lock and wipe your device in case of loss or theft.

With a simple text message, you can locate, lock or wipe your device. Also send a message to the lockscreen of your phone to let someone know how to return your lost phone; reset the passcode; or set off the device’s alarm so you can find it between the cushions of your couch.

7. Add another layer of protection to sensitive apps.

Keep your privacy with password protection for sensitive apps like email or social media. This feature can also prevent someone from changing the settings on your phone or racking up charges in Google Play.

8. Automatic updates keep you up-to-date with every new version.

But you control whether the updates happen over the phone network, when roaming or on Wi-Fi.

9. Managed mode.

If the app is managed through Sophos Mobile Control (SMC) or Sophos Cloud, it will report the health status of your device to the management console, allowing your IT department to guarantee full protection throughout the company at all times. The app will report found malware and potentially unwanted apps, and apply your company’s security policies.

10. It’s free on Google Play!

You can read the original article, here.

31 Oct

If you’ve been following Project Copernicus, you know that it’s our revolutionary new firewall platform that’s been in beta for the last couple of months. Today, we’re pleased to announce that our brand new centralized management platform for Copernicus firewalls is now available for beta.

Sophos Firewall Manager (or SFM for short) provides powerful centralized management for all your Copernicus firewalls, with time-saving features that make it easy to ensure consistent protection across multiple locations.

SFM includes:

  • Flexible grouping of firewall devices based on a variety of criteria
  • Full-device configuration interface that’s consistent with on-box management
  • Pushing policies across multiple firewalls for consistent protection
  • Configuration templates to streamline setup across devices
  • Immediate visibility across your entire network
  • Role-based administration with change control and audit logging

To get started, simply visit sophos.com/copernicusbeta to download the new Sophos Firewall Manager, available as a software appliance to run on your Intel compatible hardware platform, or the virtual environment of choice.

Then head to the Sophos Community Forums to find documentation and tips, and share your feedback.

You can read the original article, here.

30 Oct

The malware ecosystem is a complex environment. Criminals must acquire victims, develop scams and figure out the most effective way to turn that activity into cash. Most Internet crimes are opportunistic, meaning that online attacks are best operated as a high-volume business.

The keys to profitability are the ability to exploit a high percentage of potential victims, being able to cast a wide net to gather said victims, and some sort of payload that can steal information or extort money from a victim.

In research conducted in February 2015 at SophosLabs in Vancouver, Canada, we found that Linux machines represented approximately 80% of the 178,635 newly malicious websites discovered by Sophos during that week. This compares to approximately 73% of all websites being served by non-Windows servers.

Why should this be the case? What leads Linux to be such an integral part of malware distribution?

There appear to be three primary factors leading Linux to being favored by online criminals.

  • Linux servers are preferred by budget cloud hosting providers for their low cost (free) and flexibility. These providers do not provide security services and largely cater to amateur web enthusiasts.
  • Linux servers are undefended. Linux administrators and server operators have the perception that Linux is immune to malware and usually do not install or configure antivirus, firewalls, intrusion prevention systems (IPS) or other defensive technologies.
  • Linux exists primarily in the data center. This provides high availability and access to large amounts of bandwidth without triggering suspicious use of network resources.

The unprotected nature of Linux in the enterprise allows for long term exploitation, as detection isn’t typically possible if you aren’t looking for problems to begin with.

Based on the data we collected, it appears that most of the innocent websites that are commandeered to host and direct victims to malware, phishing scams and exploits are operated by amateur webmasters. Most servers were not up to date with operating system patches, nor were they running patched and updated applications like WordPress, Drupal or cPanel.

What can IT professionals do to help prevent this abuse of Linux infrastructure? Here are our recommendations:

  • Schedule updates for Linux servers the same as you do for Windows. Have a bi-weekly calendar invitation to remind you to apply the latest fixes.
  • Recommend that amateurs use cloud services for hosting blogs and websites rather than operating and being responsible for maintaining entire servers.
  • Run antivirus, firewalls, and IPS to protect all assets, regardless of operating system.
  • Secure publication systems with two-factor authentication to prevent the abuse of stolen FTP and SSH credentials and keys.

You can read the original article, here.

23 Oct

If 2014 was the year of the data breach, then 2015 must be the 2.0 version. And after every new breach (a few of the bigger ones this year: the “human resources department” of the US government, and the adultery site Ashley Madison), there’s a lot of hand-wringing and teeth-gnashing about the state of cybersecurity.

Fortunately, more and more organizations are coming to realize that there is a solution – a way to keep data secure even when a security breach does occur. Encryption is, simply put, the best defense against data-hungry hackers, and the best prevention for the consequences of data loss for businesses and their customers.

Now there’s more good news for those looking for a top-flight encryption solution: Sophos has once again been positioned in the Leaders Quadrant in the 2015 Gartner Magic Quadrant for Mobile Data Protection – as we have been every year since 2005.

There are a lot of things to consider when launching an encryption strategy and choosing a vendor. But looking at what independent industry analysts say about the encryption market is a good place to start.

We’re proud to be the only company placed in both the Magic Quadrant for Mobile Data Protection and the Magic Quadrant for Enterprise Mobility Management, which we think is a testament to the value we place on protecting data across all devices and environments.

In addition, Sophos is the only IT security company to be positioned as a Leader by Gartner in three critical security Magic Quadrant reports: Dec. 2014 Magic Quadrant for Endpoint Protection Platforms (EPP), the Sept. 2015 Magic Quadrant for Unified Threat Management (UTM) and once again, the Oct. 2015 Magic Quadrant for Mobile Data Protection (MDP).

In June 2015, Sophos was placed in the Visionary Quadrant of the Magic Quadrant for Enterprise Mobility Management (EMM).

We were additionally recognized by Forrester, Inc. as the “breakout star” in its Forrester Wave: Endpoint Encryption report for Q1 of 2015, and we have been recognized by IT managers in the TechTarget Readers’ Choice Award for the best encryption solution.

We believe that we’re consistently rated as leaders in the encryption market because our philosophy of “security made simple” means you get the best data protection in a solution that’s easy to manage and won’t slow down your people as they go about their jobs.

“Our encryption everywhere philosophy, combined with our vision that security can be simple, drives us to develop next generation data protection that makes encryption a part of a complete security system,” says Dan Schiappa, senior vice president and general manager, enduser protection group at Sophos. “We’re helping businesses of all sizes to implement enterprise-grade endpoint security solutions that just work – for their users and their business”.

To learn more about our encryption solutions, the overall encryption market, and the capabilities you need, download a complimentary copy of the Gartner Magic Quadrant for Mobile Data Protection.

You can read the original article, here.

21 Oct

Balancing the dissimilar needs of network security and employee productivity has long been a conundrum for IT professionals. Network threats, from malware to malicious attackers to data leakage, continue to grow unabated as criminals mine for sensitive business data that can be converted to cold hard cash. Meanwhile, employees are becoming ever more mobile, with the traditional workplace being reimagined as anywhere, any time the employee needs to work.

A recent study commissioned by Dell highlights the ‘great divide’ between network security and remote or mobile worker productivity. In a poll of medium to large enterprises, 91% of business users reported that their companies’ respective security measures had a negative impact on their productivity. Perhaps a key contributor to this discontent arises from another finding in the study: 85% of respondents needed to keep track of two or more login and password combinations to access files and applications required for their daily work.

Anyone who has worked in a corporate setting can probably attest to the difficulty of managing multiple passwords to access business applications like Exchange, Oracle, SharePoint, Citrix, VMware View and many others. If multifactor authentication is a part of the network security equation, it adds an additional layer of peace of mind for the IT staff but further compounds the difficulty for employees striving to get their work done.

Fortunately there’s a better way.

Array’s AG Series secure access gateways (SSL VPNs) have the unique ability to act as a ‘central gateway’ for both office-based and remote/mobile workers to access business applications and data. This method presents a single, unified and customizable login portal that serves to accept, authenticate, and pass network credentials to network resources behind the access gateway.

In effect, employees now have just one central point of login for all applications they are authorized to access, regardless of their location. They no longer need to remember multiple login points (local, remote, etc.) for their authorized network resources.

This method even works for Web-based assets such as application portals (SalesForce.com for example). Using SSL Post, the user’s network credentials are pulled from the AG Series’ cache and presented to the Web page that is requesting them.

It’s important to note that the AG Series allows role-based control of access via Active Directory groupings. This control can be extremely granular – right down to specific device ports, if needed. In addition, a range of access methods is supported, including clientless Web access; a pre-installed or Web-delivered client; or via the MotionPro native app for iOS and Android devices.

By using Array’s AG Series SSL VPN appliance as a single, unified, captive login portal for your company, you can have one user experience to rule them all while maintaining strong network security and boosting employee productivity – and remove a point of frustration as well.

You can read the original article, here.

19 Oct

Corporate end users (including you and me) are super productive when we use multiple devices – laptops, tablets, smartphones – so we can keep working wherever, whenever. These devices are convenient and portable, allowing us to connect from coffee shops, airports, hotels and at home.

Unfortunately, cybercriminals are taking advantage of the fact that it can be difficult to secure highly mobile, always connected end users.

IT professionals know that they have to secure all these devices, and offer secure web access from anywhere. The solutions are out there, such as enterprise mobility management (EMM), mobile security, endpoint security, and secure web gateways.

Unfortunately, these so-called best-of-breed solutions add complexity at best; in the worst cases, a mix of different products from different vendors can lead to inconsistent protection and security blind spots. And that’s exactly what the cybercriminal is hoping for.

Integration is the new best of breed

At Sophos, we’re creating comprehensive protection in Sophos Cloud by focusing on the end users, not their devices. With this user-centric approach, our customers can protect users on any device, with next-gen endpoint security, web gateway, mobile device management and mobile security. And Sophos Cloud is simple to deploy and manage from a single, unified web-based console.

You can manage Joe or Jane’s security via consistent, user-centric policies that follow them across any device, on and off network. And you can get reports on a per-user level as well so you know whenever a device is out of compliance. Security policies will be consistent and tamper-proof.

Comprehensive yet modular

While the solution is fully integrated, you can still deploy Sophos Cloud in a modular way. For example, if you currently have Sophos Cloud Enduser Protection, you can add on a trial license of Sophos Cloud Web Gateway, directly from your management console. It’s completely free for 30 days.

Whatever level of protection you choose (endpoint plus web and mobile or other combinations), all of these security solutions work automatically together for holistic and advanced end user protection.

To learn more about how Sophos Cloud protects your users everywhere, visit sophos.com/cloud. Or sign up for a free 30-day trial right now.

You can read the original article, here.