Sophos recently unveiled the latest version of its next-generation Sophos XG Firewall that delivers a breakthrough in network traffic visibility. Using Synchronized Security to obtain information from the endpoint, XG Firewall can identify, classify and allow the control of all previously unknown applications active on the network, such as those which don’t have signatures or are using generic HTTP or HTTPS connections. Synchronized App Control on XG Firewall is an industry first and can reduce the security risks associated with unidentified traffic by allowing administrators to see exactly what is on their network.
Synchronized App Control will automatically associate discovered applications with appropriate categories where possible and administrators can assign unknown apps to categories that will block or prioritize them as desired. Interactive application reporting provides deep insight into daily traffic activity.
“In a recent study, IT professionals admitted that about 60 percent of network traffic is unknown, and the security risks associated with this tops their list of concerns,” commented Dan Schiappa, senior vice president and general manager of Enduser and Network Security Groups at Sophos. “Sophos can identify this traffic because the endpoint knows exactly what applications are running and it can share this data with the firewall through the Sophos Security Heartbeat. Synchronized App Control has improved visibility and increased the IT administrators’ ability to proactively manage network traffic. This new technology is a game changer for the IT professional who is no longer prepared to accept the gaps and blind spots that stand alone firewall and endpoint solutions have created in their environments.”
Sophos XG Firewall is available for on-premise and cloud deployment, on all the major virtualization platforms as well as through the Microsoft Azure marketplace. Both Sophos Endpoint Protection and the next-generation anti-ransomware solution Intercept X will provide the XG Firewall with the Synchronized Security data required for this new level of traffic identification.
The company also introduced the new XG Series hardware appliances that provide a modular system for connectivity with a wide variety of integrated connectivity and FleXi Port modules. The addition of two fail-safe bypass port pairs on-board every 1U appliance and an optional bypass FleXi Port module for all 1U and 2U XG Series models, plus optional Power over Ethernet (PoE) modules make it easy to enable Synchronized Security in any environment.