New lateral movement protection exposes blind spots on network switches or LAN segments with innovative Sophos Synchronized Security technology
OXFORD, U.K. — November 28, 2018 —

by sharing intelligence between the firewall and endpoints and automatically isolating infected systems is critical for every organization today,” said Schiappa. “Unfortunately, many business environments could have blind spots on their network switches or LAN segments, and these can become secret launch pads for attacks. The new features in Sophos XG Firewall prevents threats from spreading, even where the firewall doesn’t have direct control over traffic.”

Lateral Movement Protection is enabled through synchronized security

The Sophos XG Firewall automatically interacts with Sophos’ endpoint products, including its new Intercept X Advanced with Endpoint Detection and Response (EDR), to deliver this new layer of protection. These essential security anchors connect via the Security Heartbeat in Sophos’ Synchronized Security technology. This creates an intelligent solution that can proactively predict and protect against threats, detect and prevent further infection by automatically isolating machines, and remediate the infection. Security Heartbeat technology enables the automatic isolation of high-risk endpoints from other endpoints on the same broadcast domain or network segment.

“Our ingenious and aggressive cybercriminal adversaries are vigilant in developing new threats, leveraging exploits or manually attacking organizations themselves; the breaching of a weak point in a network followed by lateral movement and credential elevation is an increasing common playbook of the day,” said Frank Dickson, research vice president, Security Products, IDC. “By connecting network and endpoint intelligence through Security Heartbeat, Sophos has implemented an innovative and significant feature to identify and mitigate lateral movement-centric cyberattacks within seconds, automating the prevention of a threat spreading by isolating the endpoint. Essentially, Intercept X is strengthened with Sophos XG Firewall network-based enforcement to create a more integrated and synergist approach to cyber defense for businesses, easing the administration burden for cyber security professionals."

“A few years ago, when everyone was talking about the need for best-in-breed point products to create a layered approach, Sophos was pioneering Synchronized Security and revolutionized the cybersecurity market with its Security Heartbeat solution. In today’s world of constant and changing cyberthreats, having endpoint and network products communicating with each other and sharing intelligence is more important than ever,” said Brandon Vancleeve, vice president, Pine Cove Consulting, a Sophos Partner in Bozeman, Montana. “The new lateral movement protection is a huge enhancement to what was already impressive in Sophos’ Synchronized Security. Now, the XG Firewalls and endpoint protection will be able to isolate machines within their own subnet. This is an important development that will only improve our customers’ security posture, allowing them instant visibility into threats beyond the network. Most of our customers have multiple LAN Segments, so the new detection adds to what we consider the best protection available on the market.”

Additional new and enhanced features in Sophos XG Firewall include:

  • Protection Enhancements
  • Deeper, broader IPS coverage with increased granularity in patterns
  • JavaScript cryptojacking protection
  • Sandstorm Sandboxing Enhancements
    • Intercept X integration to identify zero-day threats before they enter the network
    • Deep behavioural, network and memory analysis with machine learning, CryptoGuard, and exploit detection
  • Networking Enhancements
    • New Sophos Connect IPSec VPN client with support for Synchronized Security
  • Education Features
    • Chromebook client authentication support for user-based policy and reporting
    • User/group policy support for SafeSearch and YouTube restrictions

Availability

Sophos XG Firewall is available from registered Sophos partners worldwide. A free trial of XG Firewall is available today. The ability to manage XG Firewall from the cloud management platform Sophos Central will be available Dec. 8 through an Early Access Program. Additional information about the XG Firewall can be found on Sophos.com.

 

Über Sophos

Sophos ist ein weltweit führender Anbieter von modernsten Sicherheitslösungen zur Abwehr von Cyberangriffen, einschließlich Managed Detection and Response (MDR) und Incident Response Services sowie einem breiten Portfolio an Endpoint-, Netzwerk-, E-Mail- und Cloud-Security-Technologien. Als einer der größten ausschließlich auf Cybersicherheit spezialisierten Anbieter schützt Sophos weltweit mehr als 600.000 Unternehmen und Organisationen und mehr als 100 Mio. Benutzer vor aktiven Angreifern, Ransomware, Phishing, Malware und mehr. Die Services und Produkte von Sophos sind über die Management-Konsole Sophos Central miteinander verbunden und werden vom bereichsübergreifenden Threat-Intelligence-Expertenteam Sophos X-Ops unterstützt. Die Sophos X-Ops Intelligence optimiert das gesamte Sophos Adaptive Cybersecurity Ecosystem. Dieses Ökosystem umfasst einen zentralen Data Lake, der eine Vielzahl offener APIs nutzt, die Kunden, Partnern, Entwicklern und anderen Cybersecurity- und Informationstechnologie-Anbietern zur Verfügung stehen. Sophos bietet Cybersecurity-as-a-Service für Unternehmen und Organisationen an, die vollständig verwaltete Sicherheitslösungen benötigen. Kunden können ihre Cybersicherheit auch direkt mit der Sophos Security-Operations-Plattform verwalten oder einen hybriden Ansatz nutzen, bei dem sie ihre internen Teams mit Sophos-Services ergänzen, einschließlich Threat Hunting und Maßnahmen zur Beseitigung von Bedrohungen. Sophos vertreibt seine Produkte und Services über ein weltweites Netzwerk von Vertriebspartnern und Managed Service Providern (MSPs). Sophos hat seinen Hauptsitz im britischen Oxford. Weitere Informationen finden Sie unter www.sophos.de.