1 
Securing with Sophos 
Sophos Security Day – 25/11/2014 
Vincent Vanbiervliet 
Senior Sales Engineer
2 
SafeGuard Enterprise 7.0 
What’s New
3 
What’s New in SafeGuard Enterprise 7.0 
• Enhancements on Windows 
  - Windows 8.1 August Update (f.k.a. 8.1-2014) supported 
  - BL management improvements 
  - File Tracking for Cloud Storage targets 
  - LSH user enrollment enforcement 
  - Backend performance improvements in large DB environments 
  - Support of new tokens/smartcards (KBA will be updated for release) 
• Enhancements on OS X 
• File encryption enhancements – original mount points hidden 
• File encryption performance improvements
4 
BL - Support for Password Protector 
• Passwords as an additional authentication mechanism 
5 
BL - Support for Password Protector 
• "Auto-Unlock" as a way to automatically protect and unlock 
NON-boot volumes without requiring a user interaction at all. 
• Implements support for the BitLocker hardware test, which is 
initiated before encryption of the boot volume starts. This 
improves the user experience, as scenarios where the user gets 
locked out from the system are avoided. 
• Allow the user to explicitly postpone BitLocker encryption 
when, e.g., a new password is requested. 
6 
LSH user enrollment enforcement 
• Users are now reminded to answer their questions in 3 stages 
• Stage 1: Balloon tooltip in tray icon every hour; changes to stage 2 on the next calendar day 
• Stage 2: In addition to stage 1 behavior, LSH is started at every logon and unlock, and users can postpone it; changes to stage 3 after 2 days 
• Stage 3: In addition to stage 2 behavior (except the tooltip), the LSH dialog is started every 60 min (users can postpone it) 
7 
Mac – File Encryption enhancements 
• "Real" enforcement of file encryption (original folders are hidden from users and replaced by SGN secured folders) 
• No more changes in workflows 
  - Users can work with the secured folder as usual 
  - Secured folders are stored in the same place where the original folders were 
  - Real paths (e.g. documents) can now be used in Terminal 
• Support of additional AV engines 
8 
Mac - SGN 6.1 File Encryption 
SGN 6.1!!!
9 
Mac - File Encryption enhancements 
10 
Sophos Cloud
11 
Sophos Security. 
Cloud Simplicity. 
The same trusted endpoint protection, now available in the cloud. 
Instant deployment, instant security, instant satisfaction.
12 
Sophos Cloud - Cloud-managed Security 
Updates, upgrades 
and reporting 
Sophos Cloud 
Admin 
(Anywhere) 
HQ office worker 
Roaming worker 
Remote office worker 
Home worker
13 
Business Key Needs Sophos Cloud 
Easy to Implement 
As a small business owner I typically have to “do it all” 
and don’t have time to become a security expert. It’s 
critical that this solution is quick to implement. 
From Need to Solution in Minutes 
• Sign up online and deploy endpoints right from 
the cloud 
• No server to implement 
Easy to Manage, Maintenance free 
Once we’re running, make it simple for me to stay 
protected and, when I need to take action, make it easy. 
Manage Anywhere with Auto Updates 
• Per user policy and reporting 
• Automatic upgrades 
Ideal for Businesses 
Cost Effective 
My budget is tight so the price has to be competitive. 
Economical 
• Per user license – add users as you grow 
• Licensing flexibility 
• Annual, Multi-year 
• No equipment procurement or maintenance costs 
Effective Protection Everywhere 
I need to ensure remote and roaming users are 
protected the same way as office users 
Best in Class Protection Everywhere 
• Automatic threat and policy updates 
• Built-in best practices; fewer clicks to better 
protection
14 
Sophos Cloud v3 – Key Capabilities 
- Releases November 18 2014 - 
• Windows server protection (standard) 
• Automatic exclusions, enhanced exclusion capabilities, device based policy 
• Existing EP customer automatically extended a 25% server allocation (license) 
• Evaluation license support 
• Customer of EP or Server can always try the other regardless of whether customer is licensed for it
15 
Cloud Server Protection (Standard) 
Easy to configure and manage 
• Automatically identifies and adapts to your server 
environment 
• Automatic exclusions 
Fast Performance 
• Low performance impact that won’t slow down your 
servers 
Great Protection 
• Anti-malware, HIPS, Live Protection, Web Security
16 
Cloud Server Protection (Standard) 
How is it different from Endpoint Protection? 
• Server policy is set per machine (server) and not per user 
• The server policy allows you to control all the features (endpoint limits control over certain features) 
• Server has its own dashboard widget and report 
• Server has improved exclusions support and automatic exclusions 
• Server doesn’t have device control or web control 
• You can only install Server on server OS and you can only install Endpoint on desktop OS
17 
Cloud Server Protection (Standard) - Exclusions 
What variables are supported? 
| Variable | Windows 2008: example expansion | Windows 2008: uses environment variable | Windows 2003: example expansion | Windows 2003: uses environment variable |
|---|---|---|---|---|
| %allusersprofile% | `C:\ProgramData` | %allusersprofile% | `C:\Documents and Settings\All Users` | %allusersprofile% |
| %appdata% | `C:\Users\*\AppData\Roaming` | %systemdrive% | `C:\Documents and Settings\*\Application Data` | %systemdrive% |
| %commonprogramfiles% | `C:\Program Files\Common Files` | %commonprogramfiles% | `C:\Program Files\Common Files` | %commonprogramfiles% |
| %commonprogramfiles(x86)% | `C:\Program Files (x86)\Common Files` | %commonprogramfiles(x86)% | `C:\Program Files (x86)\Common Files` | %commonprogramfiles(x86)% |
| %localappdata% | `C:\Users\*\AppData\Local` | %userprofile% | `C:\Documents and Settings\*\Local Settings\Application Data` | %userprofile% |
| %programdata% | `C:\ProgramData` | %programdata% | `C:\Documents and Settings\All Users\Application Data` | %programdata% |
| %programfiles% | `C:\Program Files` | %programfiles% | `C:\Program Files` | %programfiles% |
| %programfiles(x86)% | `C:\Program Files (x86)` | %programfiles(x86)% | `C:\Program Files (x86)` | %programfiles(x86)% |
| %systemdrive% | `C:` | %systemdrive% | `C:` | %systemdrive% |
| %systemroot% | `C:\Windows` | %systemroot% | `C:\Windows` | %systemroot% |
| %temp% or %tmp% | `C:\Users\*\AppData\Local\Temp` | %systemdrive% | `C:\Documents and Settings\*\Local Settings\Temp` | %systemdrive% |
| %userprofile% | `C:\Users\*` | %systemdrive% | `C:\Documents and Settings\*` | %systemdrive% |
| %windir% | `C:\Windows` | %windir% | `C:\Windows` | %windir% |
| %homedrive% | NOT SUPPORTED | %homedrive% (per-user) | NOT SUPPORTED | %homedrive% (per-user) |
| %homepath% | NOT SUPPORTED | %homepath% (per-user) | NOT SUPPORTED | %homepath% (per-user) |
18 
Cloud Server Protection (Standard) : Exclusions 
Automatic Exclusions – 
• We will automatically apply exclusions based on the applications detected on the server 
• The feature is controlled from the policy 
• Detection will be handled via the registry and custom detection scripts 
• Sophos will provide a data feed with the exclusion rules, which will be updated regularly 
• We are starting with the Microsoft ones: Exchange, SQL and Active Directory domain controllers 
• We are the only ones doing this
19
20 
Cloud Server Protection (Standard) – List View
21 
Cloud Server Protection Standard: Detail View 
Basic Server Info 
Visibility to event history
22 
Cloud Server Protection (Standard): Exclusions 
Automatic exclusions!
24 
Features and Packaging 
Columns: Sophos Cloud Endpoint Protection Standard (CES) | Sophos Cloud Endpoint Protection Advanced (CEA) | Sophos Cloud Mobile Control (CMC) | Sophos Cloud Enduser Protection (CUP) | Sophos Cloud Server Protection Standard (CSP) 
Introduced v2 v2 v2 v2 v3 
Anti-malware     
Web Security     
HIPS     
Live protection     
Device Control   
Web Control   
AD Sync    
MDM   
Policy type: User-based | User-based | User-based | User-based | Server-based 
Platform: Windows, Mac | Windows, Mac | iOS, Android | Windows, Mac, iOS, Android | Windows Server
25 
Product Interface
26 
27 
28 
29 
User / Group Based Policy
30 
31 
Easy Reporting
32 
SMC 4.0 – Benefit 
Overview
33 
What is SMC? 
• For IT professionals that want to enable mobility, Sophos 
Mobile Control manages and secures mobile devices, content, 
and applications with a user-centric approach that delivers the 
simplest experience for users and administrators.
34 
Core Benefits of SMC 4.0 
• Data Protection that Doesn’t 
End at the Office Door 
• Integrated Security 
(Anti-malware, Web Filtering, 
UTM integration) 
• User Centric 
(user based pricing and simple UI) 
35 
Mobile Content Management 
Data Protection that Doesn’t End at the Office Door 
• Mobile Encryption built into the SMC Console 
• Ensures Secure Content Collaboration 
• Only EMM vendor to offer individual File Encryption – protected even “beyond the Cloud” with gated entry to each file 
• Ensures that each document that is connected to the server 
remains secure
36 
A glimpse into Secure Content Collaboration
37 
Integrated Security 
Integrated AV (malware protection)
38
39 
Integrated Security 
Web Filtering 
40 
Integrated Security
41 
Integrated Security 
Network Access Control 
42 
Integrated Security
43 
Integrated Security
44 
UTM Advantage (9.3)
45 
Top complaints about current firewalls 
IT Manager Survey on SpiceWorks 
Profit 
Insufficient reporting & visibility 
Insufficient security & control 
Not easy to manage 
Poor value 
Poor performance
46 
UTM Advantage 9.3 
Enhancing Protection – New Features: 
Stronger Protection 
Simply Securing Content 
• Time quotas, tagging, and selective SSL scanning bolster web protection 
• SPX encryption user portal simplifies data protection 
• WAF features improve our TMG replacement advantage 
Better Everywhere 
Extending deployment flexibility 
• Microsoft Hyper-V 2012 support 
• Remote assistance in a click with 
customer-controlled secure access 
• Multiple Bridge Support 
Smarter WiFi 
Taking Secure WiFi to the next level 
• Automated wireless optimization 
• New HTTPS and multi-tenancy hotspots 
• Support for new APs and 
wireless appliances 
• Availability of SMS authentication*
47 
Top 3 New Features in Web Protection 
Enterprise level SWG features – powerful, flexible, simple 
• Time quota policy - users can browse specified categories for a set period 
per day 
• Site tagging – enables sites to be tagged and tags to be used in policies (e.g. 
“customer sites” or “research sites”) 
• Selective HTTPS Scanning – automatically determines which encrypted 
connections to scan 
Other Notable Features: 
• Updated App Control engine – broader app coverage (1300 Apps) and 
enhanced ATP 
• Performance Improvements – proxy optimizations resulting in 20% 
performance improvement and 75% memory reduction 
• True File Type Detection – can block archives based on the files they 
contain
48 
Time Quota Policy 
Policy: Select the categories and the time quota… 
User Experience 
Helpdesk 
(Reset if needed)
49 
Site Tagging 
Tag sites to create unlimited custom categories 
Use tags in policy just like 
other categories
50 
Selective HTTPS Scanning 
Optimize performance and privacy by scanning only sites that pose a risk
51 
Top 3 New Features in Email Protection 
Simpler SPX Email Encryption and Better Email AV 
• SPX Self-Registration – provides a portal so users can register, recover, and 
reset their own SPX passwords 
• SPX Reply Portal Support for Attachments – SPX replies can now support email attachments. 
• Live Anti-Virus – implemented Sophos AV engine for email with added 
protection from malware in emails by doing cloud lookups on suspicious 
content and true-file-type detection
52 
SPX Self-Registration Portal
53 
SPX Secure Reply with Attachments
54 
Top 3 New Features in Web Server Protection 
Improving our Advantage as a TMG Replacement… 
• Flexible Setup – allow/deny lists for IP ranges, 
wildcards for server farms, username prefix/suffix 
settings, support for custom WAF rules 
• WAF Performance – scan size limits; customers using a UTM only for WAF can dial up the capacity of the WAF 
• Persistent SSO – (coming a bit later) better user 
experience that doesn’t require them to re-enter 
credentials when accessing different MS applications
55 
Top 3 New Features in Wireless Protection 
Taking Wireless Protection to the next level 
• Automated WiFi Optimization – extends 
automatic channel selection beyond startup to 
work ongoing in the background 
• Hotspot Multi-tenancy and HTTPS – Allows one 
UTM to be used to service different hotspots 
and encrypt the portal page. 
• SMS Authentication – (available as needed) 
allow users to request access to a hotspot on 
their phone and receive voucher via SMS
56 
Top 3 Better Everywhere Features 
Extending deployment flexibility 
• Hyper-V 3.5 – adds support for Microsoft Hyper-V 
Server 2012 R2 including MS Integration Tools v3.5 
which will add HA/LB to Hyper-V 
• Remote Assistance In-a-Click – enables webadmin 
access to the UTM by Sophos Support with the click of a 
single button 
• Multi-Bridge Support – improves deployment options
57 
iView
58 
Sophos iView 
Extending Reporting – Key Features and Benefits: 
Added Visibility 
Increased depth and breadth of reporting 
• Over 1000 built-in reports and views 
• Compliance reporting: HIPAA, PCI DSS, 
GLBA, SOX 
• Fully customizable reports & views 
with extensive drill-down capabilities 
Security Intelligence 
Identify issues before they become 
problems 
• Rich dashboard and detailed traffic reports 
offer intelligent insights 
• Easily monitor suspect users or traffic 
anomalies 
• Quickly identify attacks on your network 
Consolidated Reporting 
Centralized reporting across multiple UTMs 
• Works out-of-the-box with all Sophos UTMs 
• Single centralized view of all network activity 
• Great for larger organizations 
and MSPs 
Log Management 
Backup and long-term log storage 
• Automated backups of all UTM logs for long-term storage 
• Eliminates reporting gaps if replacing/upgrading a UTM 
• Quick access and retrieval of historical data for 
audits and forensics
59 
Easy setup - iView
60 
Easy setup - UTM
61 
Added Visibility
62 
Compliance Reporting 
Helping customers meet key compliance reporting requirements
63 
Consolidated Reporting 
Reporting across multiple UTMs
64 
Security and Intelligence 
Traffic and threat trend reporting
65 © Sophos Ltd. All rights reserved.


Securing with Sophos - Sophos Day Belux 2014

  • 1. 1 Securing with Sophos Sophos Security Day – 25/11/2014 Vincent Vanbiervliet Senior Sales Engineer
  • 2. 2 SafeGuard Enterprise 7.0 What’s New
  • 3. 3 What’s New in SafeGuard Enterprise 7.0 • Enhancements on Windows  Windows 8.1 August Update (f.k.a 8.1-2014) supported  BL management improvements  File Tracking for Cloud Storage targets  LSH user enrollment enforcement  Backend performance improvements in large DB environments  Support of new tokens/smartcards (KBA will be updated for release) • Enhancements on OS X • File encryption enhancements – original mount points hidden • File encryption performance improvements
  • 4. 4 BL - Support for Password Protector • Passwords as an additional authentication mechanism 4
  • 5. 5 BL - Support for Password Protector • "Auto-Unlock" as a way to automatically protect and unlock NON-boot volumes without requiring a user interaction at all. • Implements support for the BitLocker hardware test, which is initiated before encryption of the boot volume starts. This improves the user experience, as scenarios where the user gets locked out from the system are avoided. • Allow the user to explicitly postpone BitLocker encryption when, e.g., a new password is requested. 5
  • 6. 6 LSH user enrollment enforcement • User are now "remembered" to answer their questions in 3 stages • Stage 1: Baloon tooltip in tray icon every hour, change to stage 2 on next calendar day • Stage 2: Additionally to stage 1 behavior LSH will be started every logon and unlock and users can postpone, change to stage 3 after 2 days • Stage 3: Additionally to stage 2 behavior (except the tooltip) the LSH dialog will be started every 60 min (users can postpone it) 6
  • 7. 7 Mac – File Encryption enhancements • „Real“ enforcement of file encryption (original folders are hidden to users and replaced by SGN secured folders) • No changes in workflows anymore  Users can work with the secured folder as usual  Secured folders are stored on the same place where the original folders were)  Real pathes (e.g. documents) can be used in Terminal now • Support of additional AV engines 7
  • 8. 8 Mac - SGN 6.1 File Encryption 8 SGN 6.1!!!
  • 9. 9 Mac - File Encryption enhancements 9
  • 11. 11 Sophos Security. Cloud Simplicity. The same trusted endpoint protection, now available in the cloud. Instant deployment, instant security, instant satisfaction.
  • 12. 12 Sophos Cloud - Cloud-managed Security Updates, upgrades and reporting Sophos Cloud Admin (Anywhere) HQ office worker Roaming worker Remote office worker Home worker
  • 13. 13 Business Key Needs Sophos Cloud Easy to Implement As a small business owner I typically have to “do it all” and don’t have time to become a security expert. It’s critical that this solution is quick to implement. From Need to Solution in Minutes • Sign up online and deploy endpoints right from the cloud • No server to implement Easy to Manage, Maintenance free Once we’re running, make it simple for me to stay protected and, when I need to take action, make it easy. Manage Anywhere with Auto Updates • Per user policy and reporting • Automatic upgrades Ideal for Businesses Cost Effective My budget is tight so the price has to be competitive. Economical • Per user license – add users as you grow • Licensing flexibility • Annual, Multi-year • No equipment procurement or maintenance costs Effective Protection Everywhere I need to ensure remote and roaming users are protected the same way as office users Best in Class Protection Everywhere • Automatic threat and policy updates • Built-in best practices; fewer clicks to better protection
  • 14. 14 Sophos Cloud v3 – Key Capabilities -Releases November 18 2014-  Windows server protection (standard)  Automatic exclusions, enhanced exclusion capabilities, device based policy  Existing EP customer automatically extended a 25% server allocation (license)  Evaluation license support  Customer of EP or Server can always try the other regardless of whether customer is licensed for it
  • 15. 15 Cloud Server Protection (Standard) Easy to configure and manage • Automatically identifies and adapts to your server environment • Automatic exclusions Fast Performance • Low performance impact that won’t slow down your servers Great Protection • Anti-malware, HIPS, Live Protection, Web Security
  • 16. 16 Cloud Server Protection (Standard) How is it different from Endpoint Protection?  Server policy is set per machine (server) and not per user  The server policy allows you to control all the features (endpoint limits control over certain features)  Server has its own dashboard widget and report  Server has improved exclusions support and automatic exclusions  Server doesn’t have device control or web control  You can only install Server on server OS and you can only install Endpoint on desktop OS
  • 17. 17 Cloud Server Protection (Standard) - Exclusions What variables are supported? Variable Windows 2008 Windows 2003 Example Expansion Uses Environment Variables Expansion Uses Environment Variables %allusersprofile% C:ProgramData %allusersprofile% C:Documents and SettingsAll Users %allusersprofile% %appdata% C:Users*AppDataRoaming %systemdrive% C:Documents and Settings*Application Data %systemdrive% %commonprogramfiles% C:Program FilesCommon Files %commonprogramfiles% C:Program FilesCommon Files %commonprogramfiles% %commonprogramfiles(x86)% C:Program Files (x86)Common Files %commonprogramfiles(x86)% C:Program Files (x86)Common Files %commonprogramfiles(x86)% %localappdata% C:Users*AppDataLocal %userprofile% C:Documents and Settings*Local SettingsApplication Data %userprofile% %programdata% C:ProgramData %programdata% C:Documents and SettingsAll UsersApplication Data %programdata% %programfiles% C:Program Files %programfiles% C:Program Files %programfiles% %programfiles(x86)% C:Program Files (x86) %programfiles(x86)% C:Program Files (x86) %programfiles(x86)% %systemdrive% C: %systemdrive% C: %systemdrive% %systemroot% C:Windows %systemroot% C:Windows %systemroot% %temp% or %tmp% C:Users*AppDataLocalTemp %systemdrive% C:Documents and Settings*Local SettingsTemp %systemdrive% %userprofile% C:Users* %systemdrive% C:Documents and Settings* %systemdrive% %windir% C:Windows %windir% C:Windows %windir% %homedrive% NOT SUPPORTED %homedrive% (per-user) NOT SUPPORTED %homedrive% (per-user) %homepath% NOT SUPPORTED %homepath% (per-user) NOT SUPPORTED %homepath% (per-user)
  • 18. 18 Cloud Server Protection (Standard) : Exclusions Automatic Exclusions –  We will automatically apply exclusions based on the applications detected on the server  The feature is controlled from the policy  Detection will be handled via the registry and custom detection scripts  Sophos will provide a data feed with the exclusion rules, which will be updated regularly  We are starting with the Microsoft ones: Exchange, SQL and Active Directory domain controllers  We are the only ones doing this
  • 19. 19
  • 20. 20 Cloud Server Protection (Standard) – List View
  • 21. 21 Cloud Server Protection Standard: Detail View Basic Server Info Visibility to event history
  • 22. 22 Cloud Server Protection (Standard): Exclusions Automatic exclusions!
  • 23. 24 Features and Packaging Sophos Cloud Endpoint Protection Standard (CES) Sophos Cloud Endpoint Protection Advanced (CEA) Sophos Cloud Mobile Control (CMC) Sophos Cloud Enduser Protection (CUP) Sophos Cloud Server Protection Standard (CSP) Introduced v2 v2 v2 v2 v3 Anti-malware     Web Security     HIPS     Live protection     Device Control   Web Control   AD Sync    MDM   Policy type User-based User-based User-based User-based Server-based Platform Windows, Mac Windows, Mac iOS, Android Windows, Mac, iOS, Android Windows Server
  • 25. 26 26
  • 26. 27 27
  • 27. 28 28
  • 28. 29 User / Group Based Policy
  • 29. 30 30
  • 31. 32 SMC 4.0 – Benefit Overview
  • 32. 33 What is SMC? • For IT professionals that want to enable mobility, Sophos Mobile Control manages and secures mobile devices, content, and applications with a user-centric approach that delivers the simplest experience for users and administrators.
  • 33. 34 Core Benefits of SMC 4.0 • Data Protection that Doesn’t End at the Office Door • Integrated Security (Anti-malware, Web Filtering, UTM integration) • User Centric (user based pricing and simple UI) !
  • 34. 35 Mobile Content Management Data Protection that Doesn’t End at the Office Door • Mobile Encryption built into the SMC Console • Ensures Secure Content Collaboration • Only EMM vendor to offer individual File Encryption  protected even “beyond the Cloud” with gated entry to each file • Ensures that each document that is connected to the server remains secure
  • 35. 36 A glimpse into Secure Content Collaboration
  • 36. 37 Integrated Security Integrated AV (malware protection)
  • 37. 38
  • 38. 39 Integrated Security Web Filtering X
  • 40. 41 Integrated Security Network Access Control !
  • 44. 45 Top complaints about current firewalls IT Manager Survey on SpiceWorks Profit Insufficient reporting & visibility Insufficient security & control Not easy to manage Poor value Poor performance
  • 45. 46 UTM Advantage 9.3 Enhancing Protection – New Features: Stronger Protection Simply Securing Content • Time quotas, tagging, and selective SSL scanning bolster web protection • SPX encryption user portal simplifies data protection • WAF features improve our TMG replacement advantage Better Everywhere Extending deployment flexibility • Microsoft Hyper-V 2012 support • Remote assistance in a click with customer-controlled secure access • Multiple Bridge Support Smarter WiFi Taking Secure WiFi to the next level • Automated wireless optimization • New HTTPS and multi-tenancy hotspots • Support for new APs and wireless appliances • Availability of SMS authentication*
  • 46. 47 Top 3 New Features in Web Protection Enterprise level SWG features – powerful, flexible, simple • Time quota policy – users can browse specified categories for a set period per day • Site tagging – enables sites to be tagged and tags to be used in policies (e.g. “customer sites” or “research sites”) • Selective HTTPS Scanning – automatically determines which encrypted connections to scan Other Notable Features: • Updated App Control engine – broader app coverage (1300 Apps) and enhanced ATP • Performance Improvements – proxy optimizations resulting in 20% performance improvement and 75% memory reduction • True File Type Detection – can block archives based on the files they contain
  • 47. 48 Time Quota Policy Policy: Select the categories and the time quota… User Experience Helpdesk (Reset if needed)
  • 48. 49 Site Tagging Tag sites to create unlimited custom categories Use tags in policy just like other categories
  • 49. 50 Selective HTTPS Scanning Optimize performance and privacy by scanning only sites that pose a risk
  • 50. 51 Top 3 New Features in Email Protection Simpler SPX Email Encryption and Better Email AV • SPX Self-Registration – provides a portal so users can register, recover, and reset their own SPX passwords • SPX Reply Portal Support for Attachments – SPX replies can now support email attachments • Live Anti-Virus – implemented Sophos AV engine for email with added protection from malware in emails by doing cloud lookups on suspicious content and true-file-type detection
  • 52. 53 SPX Secure Reply with Attachments
  • 53. 54 Top 3 New Features in Web Server Protection Improving our Advantage as a TMG Replacement… • Flexible Setup – allow/deny lists for IP ranges, wildcards for server farms, username prefix/suffix settings, support for custom WAF rules • WAF Performance – scan size limits, and customers using a UTM only for WAF can dial up the capacity of the WAF • Persistent SSO – (coming a bit later) better user experience that doesn’t require users to re-enter credentials when accessing different MS applications
  • 54. 55 Top 3 New Features in Wireless Protection Taking Wireless Protection to the next level • Automated WiFi Optimization – extends automatic channel selection beyond startup to work ongoing in the background • Hotspot Multi-tenancy and HTTPS – Allows one UTM to be used to service different hotspots and encrypt the portal page. • SMS Authentication – (available as needed) allow users to request access to a hotspot on their phone and receive voucher via SMS
  • 55. 56 Top 3 Better Everywhere Features Extending deployment flexibility • Hyper-V 3.5 – adds support for Microsoft Hyper-V Server 2012 R2 including MS Integration Tools v3.5 which will add HA/LB to Hyper-V • Remote Assistance In-a-Click – enables webadmin access to the UTM by Sophos Support with the click of a single button • Multi-Bridge Support – improves deployment options
  • 57. 58 Sophos iView Extending Reporting – Key Features and Benefits: Added Visibility Increased depth and breadth of reporting • Over 1000 built-in reports and views • Compliance reporting: HIPAA, PCI DSS, GLBA, SOX • Fully customizable reports & views with extensive drill-down capabilities Security Intelligence Identify issues before they become problems • Rich dashboard and detailed traffic reports offer intelligent insights • Easily monitor suspect users or traffic anomalies • Quickly identify attacks on your network Consolidated Reporting Centralized reporting across multiple UTMs • Works out-of-the-box with all Sophos UTMs • Single centralized view of all network activity • Great for larger organizations and MSPs Log Management Backup and long-term log storage • Automated backups of all UTM logs for long-term storage • Eliminates reporting gaps if replacing/upgrading a UTM • Quick access and retrieval of historical data for audits and forensics
  • 58. 59 Easy setup - iView
  • 59. 60 Easy setup - UTM
  • 61. 62 Compliance Reporting Helping customers meet key compliance reporting requirements
  • 62. 63 Consolidated Reporting Reporting across multiple UTMs
  • 63. 64 Security and Intelligence Traffic and threat trend reporting
  • 64. 65 © Sophos Ltd. All rights reserved.

Editor's Notes

  • #12: Our Design principle for Sophos Cloud is to provide Sophos security with Cloud Simplicity The same trusted endpoint protection now available as a cloud-based/ cloud managed service with instant deployment.
  • #13: What is Sophos Cloud? Sophos Cloud is a Cloud Managed security service. The initial version of Sophos Cloud delivers cloud-managed endpoint security as a service. The management console is hosted by Sophos, which means there is no server to set up and security can be deployed instantly. A small anti-malware client (or agent) is installed on the protected computers. Users, regardless of where they are (in the office, working remotely or traveling), will get complete coverage everywhere with real time policy refresh, and the latest threats and software updates. And because the management is hosted by Sophos in the cloud, users will get automatic updates and upgrades through the management console.
  • #14: Smaller and growing businesses like yours may not have a lot of resources but are still concerned about cybercrime having a negative impact on your business. Your IT resource is far too precious to focus a lot of time on security. You need security that is easy to deploy. Sophos Cloud doesn’t require a server. And you can start with a trial account that takes minutes from online sign-up to deployment. <Click> The second need is effective protection everywhere. Growing businesses like yours typically have remote and roaming workers. You want to ensure they are protected the same way as office users. Sophos Cloud provides automatic threat updates and real time policy refresh so your roaming workers are always protected against the latest threats. In addition, we know that 90% of threats are coming from the web. Sophos Cloud automatically blocks web threats before they reach your computers. What’s more, Sophos Cloud uses security best practice to automatically resolve issues for you. Whenever we can, we make dealing with issues easier and quicker than ever. <click> We know that security is not your only job, so a solution must be easy to manage and maintenance free. Sophos Cloud’s management console is accessible from anywhere. And because the server is hosted by Sophos, we provide automatic software updates and upgrades, which means it is maintenance free for you. <click> Lastly, you want a solution that is economical. We offer per user licensing. Your user may have a desktop and a MacBook Air for travel, but that still counts as one user. Sophos Cloud is subscription-based, so you can add users as you grow. And we have flexible licensing terms with available annual or multi-year subscriptions, and monthly subscriptions are coming soon. Again, Sophos Cloud means no equipment procurement or maintenance costs, automatic updates and upgrades, and per user licensing.
  • #16: Improved exclusion capabilities (2008/r2, 2012/r2) Automatic exclusions (2008/r2, 2012/r2) Competitive intelligence – against competitor’s server product -> focus on set up/ configuration. No plan to put server AV on 3rd party test. Performance test -> 3rd party accolade (general Sophos, not product specific) download reputation – first in cloud. (server?) -> APT/ network-aware threat detection. Guidance on what collateral -
  • #25: The original Cloud Endpoint license (EP-Cloud) introduced with v1 was retired when v2 was released. All customers with this license were automatically upgraded to CEA.
  • #27: Set up is extremely easy. If you start with the trial, complete a simple form and Sophos Cloud will send you an activation email. That leads you to set up your account log in.
  • #28: We know that setting up an account without deploying endpoint client doesn’t really help anybody. So the first experience after you sign in is this “lightbox” that urges you to deploy the software.
  • #29: Simple deployment via email.
  • #30: Policy can be set by the user or by the group, and will automatically apply to all the computers under that user or group.
  • #31: A dashboard that shows actions required, if any, is also included to give you tremendous visibility into your deployment.
  • #32: The reports give you at-a-glance views of all the devices, computers and users protected. You can also view reports by users, by computers or by devices.
  • #35: - Data Protection that doesn’t end at the office door: With Mobile Content Management for iOS devices, SMC is the only EMM vendor to offer individual File Encryption, ensuring each document that is connected to the server remains secure, allowing users to remain productive by collaborating safely. Gated entry to each file allows organizations to rest assured that their documents and data remain safe – not just in the office, but anywhere & everywhere their users go. - Integrated Security: Mobile devices are essentially computers that travel everywhere with users; hence, mobile devices need the same level of AV protection, to ensure users can remain productive and safe. Sophos Mobile Control is the only vendor to provide integrated AV and Web Filtering for Android devices – Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. With SMC 4.0, users get integrated anti-malware, which protects users from malicious websites and other threats; this can be integrated into the SMC console and centrally managed through SMC. Additional web filtering protection helps ensure that Android devices remain secure, and organizations have reduced risk of data breaches with our UTM integration, which blocks network access based on compliance status of device (SMC also integrates with Checkpoint & Cisco for Network Access Control). - User-Centric: the only EMM vendor to offer user-based pricing, Sophos makes it easier for organizations to calculate the costs of implementing BYOD in their environment.
  • #36: With this new and exciting feature, we are extending our promise of “Encryption Everywhere” by offering built in Mobile Encryption into SMC. Cloud storage makes it easy for your customers’ users to access files from any location. But after news of data breaches, can they be sure that their data is really safe? Data protection shouldn’t end at your office door. SMC now makes it easier for you to collaborate with colleagues and business partners. And it enables persistent encryption because each document that is connected to the server remains secure. What makes us different? We are the only EMM vendor to offer individual file encryption: with AirWatch/Mobile Iron, if someone gets access to your Dropbox account, they automatically get access to a user’s content. With SMC, each document is gated and therefore even if they get into the Dropbox account, they cannot access individual files without a key. Gated entry to each file allows organizations to rest assured that their documents and data remain safe – not just in the office, but anywhere & everywhere their users go. Currently, iOS first, Android to follow. Encryption Everywhere: Gartner called out the importance of this in their 2014 MQ report - “Sophos' mobile content management transparently encrypts files leaving a PC or mobile device to prevent data leakage. This integrates with third-party file storage providers and enables companies to securely use low-cost third-party storage.”
  • #37: Screen shot of Mobile Encryption app, automatically built into SMC. We support Dropbox, Egnyte, Google Drive, etc. Available only on iOS. If device is not compliant, the access to the SME app will be blocked.
  • #38: Integrated AV (malware protection): With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life. Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. - SMC (with built in SMSec) helps users avoid undesirable software that may lead to data loss and unexpected costs. - SMSec is integrated into the SMC console and centrally managed through SMC. - Admins have full control over the app settings and can block infected or outdated devices. Other EMM vendors don’t offer built in Anti-malware, they have a 3rd party that provides that capability. Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages. Network access control: Organizations have reduced risk of data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access. - SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access)
  • #40: Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages. Network access control: Organizations have reduced risk of data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access. - SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access)
  • #46: So we’ve covered how we’re extending our reporting with iView and addressing customers’ top complaints about their current firewall, but what about these other major complaints? Of course, the UTM does a great job in providing protection and controls that are easy to manage, and with everything in a single box, customers get outstanding value, but let’s have a look at how we’re extending this advantage in UTM 9.3.
  • #47: What’s new in UTM 9.3? Well, there are a bunch of new features that fall nicely into four areas… Stronger protection with new features for web, email, and WAF… in particular… one of our most requested features… time quotas for web surfing policies so you can limit users to say 1 hour per day for categories such as social media, shopping or sports. Site tagging and selective SSL scanning are also being introduced. We’re also making WiFi smarter with enhancements to the WiFi channel optimization to maximize performance, hotspot authentication via mobile devices and of course support for the new Access points. New deployment options extend the UTM’s ability to work better in even more places… with Hyper-V 2012 R2 support (with HA options), support for HA on AWS, and a new option for one-click secure support access to SSH or Webadmin. And of course, the new iView reporting appliance extends and enhances our UTM reporting, so let’s look at that in more detail…
  • #59: For those of you that may not know… Sophos iView is our first product collaboration with Cyberoam. This is a product that we’ve worked with them on bringing to the Sophos UTM product line as an add-on that extends and enhances our on-box reporting. It works out of the box with Sophos UTMs and offers a number of great features that will appeal to many organizations such as… Added visibility, adding a bunch of additional reports and views, including reporting that meets compliance requirements for standards like HIPAA, PCI, and a few others. It also offers a lot of additional views and customization options that will appeal to the nerdy IT admin. Another key benefit it provides is consolidated reporting across multiple UTMs, which will be huge for MSPs and larger organizations with more than one UTM. It also provides some good insights into traffic trends that may allow admins to identify problem users or attacks on their network. And it provides great log management for backup and long-term storage, so if a UTM needs to be replaced all the historical reporting is not lost, and it makes retrieval easy for audits or forensics. It’s a great new addition to the UTM line up, particularly for customers wanting more breadth and depth of reporting, those who need to meet compliance requirements, or those managing networks with multiple UTMs. It’s coming at the end of Sept.
  • #60: Since Sophos iView uses the same OS and installer as Sophos UTM, that part of deploying iView will be very familiar to SEs and partners.
  • #61: After iView is installed, on the UTMs you’re monitoring, all you need to do is go into “Log Settings” and set up iView as a syslog server – iView will automatically recognize the UTM and start accepting log data.
  • #62: iView offers a huge number of reports and dashboards that are easily customized with attractive animated 3D graphs. Here’s a snapshot of the Web Usage Dashboard showing top domains, users, categories, and content in a single view with extensive drill down capability.
  • #63: A key feature of iView is the ability to help customers achieve compliance reporting requirements for standards such as PCI, HIPAA and others. The compliance reporting section offers all the reports customers need… here’s an example of the admin audit trail report that’s required for PCI compliance.
  • #64: Consolidated reporting is another key feature of iView as it can collect logs from multiple UTMs and provide both a consolidated view of the entire network as well as the ability to organize UTMs into groups or drill down into individual UTMs. There’s an option to “Select Device” on the top of every report, which allows you to select the specific UTM or group of UTMs you want to report on.
  • #65: iView also offers important trend reporting which can be helpful in identifying attacks, such as a sudden increase in ICMP traffic that might be indicating a Denial of Service type attack as you can see here on this chart. It also offers a ton of custom report options, scheduled reports, and literally any feature you might expect in a dedicated reporting appliance. We’re going to put together a screen shot library of many of the reports as soon as we can as a sales tool.