Sophos SG 1 Session: Sophos UTM 1
can be achieved in a complicated way: Router, Firewall, IPS, SSL VPN Gateway, E-Mail/Spam Filter, GW Antivirus Filter, Web Filter, WAN Link Balancer, Load Balancer
or in a simple way
Our All-In-One Approach
- Endpoint: Desktops, Server, Notebooks
- High availability and load balancing functionality
- Integration of Web, Mail and Network protection features
- Deployment options
- Accessories for VPN & WIFI
- Software Appliance
- Virtual Appliance
- Central, browser based management
- Hardware Appliance
Full featured gateway security
- Endpoint: Device Control, AntiVirus, Web Control
- Wireless: Wireless Controller for Sophos Access Points, Multi-SSID Support, Captive Portal & Ticketing System
- optional
- Essential Firewall: Stateful Firewall, Network Address Translation, PPTP/L2TP Remote Access
- Network: IPS with MAPP & LiveLabs, IPSec/SSL/RED VPN, WAN Link Balancing, SSL Portal (HTML5), Adv. Threat (ATP)
- Web Server: Reverse Proxy, Web Application Firewall, Dual Virus
- Mail
- optional
- Anti-Spam & Phishing, Dual Virus, E-Mail Encryption, Data Loss Prevention (DLP)
- Web: URL-Filter, Dual Virus, Anti-Spyware, Application Control
Why Sophos?
- Simplify gateway security management and lower TCO
- Protect your entire organization with a single solution
- Comprehensive security for your IT environment
- Security that frees you to focus on your business
- A new threat can be analysed and blocked in milliseconds
- The best technology to keep you safe from emerging online threats
- Complete protection for less investment
- Award-winning technology - easy to install
- A recognized leader you can rely on
- Provide essential protection with minimal hassle
- Reduce the administrative burden of protecting endpoints against known and unknown threats
and there's also always a cheaper solution around
Sophos has a long history
[Timeline graphic; years on the axis: 1985, 1988, 1989, 1991, 1996, 2002, 2003, 2008, 2010, 2011, 2012, 2013, 2014]
[Photos: Peter Lammer c1985, Jan Hruska c1985]
- Founded in Abingdon (Oxford), UK
- Supplied security software to UK forces in 1st Gulf War
- TA Associates minority investment
- Acquired Utimaco Safeware AG
- Acquired Astaro
- Divested non-core Cyber business
- First checksum-based antivirus software
- Voted best small/medium sized company in UK
- First signature-based antivirus software
- US presence established in Boston
- Acquired ActiveState
- Awarded 3 Queen's Awards for Enterprise, Innovation and International Trade
- Majority interest sold to Apax Partners
- Acquired DIALOGS
- Acquired Cyberoam
- Acquired Mojave Networks
acquired a lot of technology over time...
with a simple philosophy in mind...
- Security must be comprehensive: the capabilities required to fully satisfy customer needs
- Security can be made simple: platform, deployment, licensing, user experience
- Security is more effective as a system: new possibilities through technology cooperation
and a vision for the future
Technology integration that enables complete, simple-to-manage security that works effectively as a system.
which leads us finally to those guys here
Nikolaus Kopernikus, Galileo Galilei, Johannes Kepler
- Project Copernicus: Next Generation Network Security
- Project Galileo: Integrated, context-aware security where end-user and network technology share meaningful information to deliver better protection.
- Project Kepler: Next Generation Data / Encryption
Threat-centric view of security
[Two-column comparison]
- Simple; Systematic; Working in concert; Relationship to nearby objects; Based on multiple points of information; Advances in technology
- Complex; Myopic; Independent of nearby objects; Assumptions based on limited knowledge; Best available technology at the time
System-centric view of security
[Two-column comparison]
- Simple; Systematic; Working in concert; Relationship to nearby objects; Based on multiple points of information; Advances in technology
- Complex; Myopic; Independent of nearby objects; Assumptions based on limited knowledge; Best available technology at the time
The technology base is here - Network
The technology base is here - Endpoint
The technology base is here - Cloud
But all these are still standalone solutions?
So far so true, but Galileo and Copernicus are moving forward:
- A lot of functionality has already been implemented in a user-friendly and simple way in Sophos Cloud, such as MDM, Endpoint, Server AV and Server Lockdown
- Next generation security Copernicus V1 is expected between Q4 2015 and Q1/2016
- Security Heartbeat is expected between Q4 2015 and Q1/2016
- And a lot more is ongoing. But that's stuff for a future session
Next Gen Network: a connected system
- Unified Management
- Compromise Detection and Response
- Heartbeat
- Next Gen Endpoint
- Next Gen Network
- Layer 8 User-Centric Policy Model
- Cloud console management/reporting
- Deep Application control, coverage and visibility
- Intelligent scanning to accelerate performance
- Runs on SG Series Hardware
- Unrivalled User Experience
- Architecture
- Platform
- Modular
- Open Source
- Flexible migration with tools
- Hardware, Virtual and Cloud Deployment
Next Generation Threat Detection
[Diagram components: Sophos Cloud, Sophos System Protector, Galileo Heartbeat, Sophos Firewall Operating System]
[Diagram labels: Application Control, Application Tracking, Reputation, Web, IoC Collector, Routing, Email Security, Web Filtering, Intrusion Prevention System, Firewall, Threat Engine, Live, Emulator, HIPS/Runtime, Device Control, Malicious Traffic Detection, Proxy, Selective Sandbox, Data Loss Prevention, ATP Detection]
Compromise: User, System, File
- Lockdown local network access
- Remove file encryption keys
- Terminate/remove malware
- Identify & clean other infected systems
Next Generation Threat Detection
[Diagram components: Sophos Cloud, Sophos System Protector, Galileo Heartbeat, Sophos Firewall Operating System]
[Diagram labels: Application Control, Application Tracking, Reputation, Web, IoC Collector, Routing, Email Security, Web Filtering, Intrusion Prevention System, Firewall, Threat Engine, Live, Emulator, HIPS/Runtime, Device Control, Malicious Traffic Detection, Proxy, Selective Sandbox, Data Loss Prevention, ATP Detection]
Compromise: User, System, File
- Isolate subnet and WAN access
- Block/remove malware
- Identify & clean other infected systems
Network Visibility & Control
[Diagram components: Sophos System Protector, Galileo Heartbeat, Sophos Firewall Operating System]
[Diagram labels: Application Control, Application Tracking, Reputation, Web, IoC Collector, Routing, Email Security, Web Filtering, Intrusion Prevention System, Firewall, Threat Engine, Live, Emulator, HIPS/Runtime, Device Control, Malicious Traffic Detection, Proxy, Selective Sandbox, Data Loss Prevention, ATP Detection]
App Info: User, System, File
- Query if Top 10 bandwidth user
- Query endpoint for App info
- Identify other systems with same app
- Update all NGFW with app characteristics
Galileo in action
Copernicus preview
Please note: this is an early Copernicus preview; look and feel may still change until final release.