The network perimeter barely exists in 2021, and that means extending network security beyond the traditional edge. Aaron Chen and Shane Davis with Sophos join us to discuss the networking needs of businesses in 2021, including remote access security and visibility, performance in the face of increasing security demands, and more. How can they address those needs? We talk about the latest technologies introduced by Sophos, including XDR (extended detection & response), the XGS firewall series, and Xstream protection (including the special second Xstream processor included in XGS firewalls).
In headlines, we discuss some cybersecurity actions by the U.S. government, both against Russia and on the homefront. Then, we hear about a survey that shows business owners are ready to pony up for ransomware attacks. And finally, we talk about a nuclear cyber attack blamed on a North Korean group.
How to listen
Listen to Ping – A Firewalls.com Podcast using the player above…
Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.
Learn even more about network security through our blog, which features new content every week, and our knowledge hub.
New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!
Sophos has long been known for creating holistic network security solutions that work across devices to provide broad views of network security posture. We have talked about the boons of Synchronized Security with Sophos Security Heartbeat for years on this blog! Now, that cross-device monitoring and high-powered AI security go a step further with the introduction of XDR.
What is XDR?
XDR stands for Extended Detection and Response. This sounds similar to another industry technology: EDR, or Endpoint Detection and Response. But XDR takes the concept of Endpoint Detection & Response and extends it across multiple security layers. It brings together real-time network data and automated decision-making to provide advanced threat responses that stop attacks before they become a breach.
How is Sophos XDR different from other solutions?
Sophos Intercept X Advanced with XDR (formerly Intercept X Advanced with EDR) integrates email, cloud, mobile, and endpoint data across your network, pulling data from multiple sources across security layers and products to provide broad, high-level security determinations orchestrated by deep learning AI. XDR leverages data from endpoints, servers, firewalls, switches, and other security devices spread across your network and centralizes that intelligence in a single ecosystem.
This pitch may sound familiar to you if you’ve used SOAR (Security Orchestration, Automation, & Response) or SIEM (Security Information & Event Management) solutions. What SOAR and SIEM do is quite similar in function: collect large volumes of data from multiple sources, analyze events, and provide guided response recommendations. Where XDR shines and soars above preceding solutions is in its ability to take action. Sophos XDR not only creates a roadmap of how admins should respond to an event but also takes the initiative to apply those steps before a security incident can grow.
All in all, XDR goes beyond data gathering and helpful suggestions. Sophos XDR orchestrates responses and applies them across devices on a network.
How to get Sophos XDR
XDR found a home with Sophos as part of its Intercept X product suite, an advanced endpoint protection suite built to stop malware, ransomware, exploits, viruses, and zero-day threats. In previous years, Intercept X Advanced could be paired with EDR to automatically detect and prioritize threats. While Intercept X’s EDR capabilities suggest where and how network admins focus their attention, XDR is now fully closing the monitor-detect-respond decision-making loop.
Sophos Intercept X Advanced uses the latest machine learning technology to make security verdicts on unknown threats by comparing the behavior of potentially dangerous files or apps to the known behavior of currently understood threats.
Episode 36: What to Expect When You’re Expecting Cyber Threats in 2021
Start 2021 off with a bang – or a Ping in our case – as we podcast our way through some cyber threats to look out for in the new year. Andrew & Kevin go through predictions from top security experts at Fortinet’s FortiGuard Labs, Sophos, Barracuda, and WatchGuard. What did they find? Plenty of network security hazards face us in 2021, from evolving ransomware and phishing campaigns, to continued remote work vulnerabilities.
When you’re done listening, take a read through some of these predictions for yourself, from Fortinet, WatchGuard, Sophos, and Barracuda.
And for a more in-depth look at WatchGuard’s predictions, check out Episode 34.
In headlines, the news about the FireEye/SolarWinds/federal government/Russia cyber breach keeps coming. And then, learn why fear may not be the right factor in cybersecurity training. Finally, hear about a new type of swatting that uses smart doorbells and home security cameras.
Oh, and Happy New Year!!
The best email security solution ends up pulling a lot more weight than most network security services in 2020. Unless you live under a rock, you are increasingly aware of the ransomware scourge plaguing small businesses and enterprises alike. Email security targets advanced threats where they’re most likely to attack: your inbox. Thanks to social engineering schemes, your small business email service is a big, flashing target for hackers looking to infiltrate the network. Business emails are exceedingly vulnerable to advanced threats, like:
Phishing & spearphishing
Domain squatting
Cloud-based malware droppers
Business Email Compromise & account takeover
Impersonation & fraud
What makes email-borne attacks so efficient and how can you stop them in their tracks? We’ll break down the four best email security solutions of 2020, explain how they rebuff the bad guys, and help you find the email security solution that best fits your network needs.
How does email security keep you safe?
Email security solutions are often multi-faceted platforms that integrate several moving pieces to form a cohesive, defense-in-depth strategy. Email security monitors both inbound and outbound email traffic, allowing networks to scan the contents of messages and attachments to determine their intentions. Pair this with other fail-safes such as a cloud-based sandbox, anti-spam, and anti-malware services, and you’ve got a robust system that can keep an eye out not just for viruses, but also for sensitive data exfiltration and impersonation attempts.
Modern email security appliances and services offer multi-layered security by scanning all email contents, URLs, attachments, and headers with advanced analysis techniques. These techniques recognize threats based on their behavior, NOT by relying on known threat signatures. Just as the bad guys train to imitate the way you write messages, the best email security solutions are experts at spotting subtle clues in messages that betray malicious intentions.
What to look for in an email security solution
Email security solutions need to be more than just effective; they also must be user-friendly. Simplifying the challenges of network security is crucial to a network security infrastructure that meets your business goals. The best email security solution for small businesses is one that’s easy to set up and manage.
Other factors to look for in the best email security solution for your needs include:
Email spooling that allows for business continuity even during Internet loss or power outages
Message archiving to make regulatory compliance audits easier
Users protected from clicking on malicious links across any device or location with time-of-click URL protection
Granular Data Loss Prevention & compliance policies protect data
What makes SonicWall TotalSecure one of the Best Email Security Services in 2020?
SonicWall Email Security appliances and software provide multi-layered protection from inbound and outbound email threats and compliance violations by scanning all inbound and outbound email content, URLs and attachments for sensitive data. What’s more, they deliver real-time protection against ransomware, targeted phishing attacks, spoofing, viruses, malicious URLs, zombies, directory harvest, denial-of-service and other attacks.
TotalSecure Email leverages multiple, patented SonicWall threat detection techniques and a unique, worldwide attack identification network.
Sophos Phish Threat gives you tools to test & train employees on cybersecurity awareness
What Qualifies Sophos Advanced Email Protection as one of the Best Email Security Services in 2020?
Sophos Email integrates in real-time with Sophos Central, an intuitive console for managing all your Sophos products. By extending Sophos Synchronized Security to your inbox, you ensure email security integrates into your entire network security posture.
Only Sophos Central lets you build and manage multiple lines of defense from email-borne threats, allowing you to respond to threats faster. This includes secure email, cybersecurity awareness training, and next gen endpoint protection, all from a single mobile-optimized portal.
Real-time detection of dynamic threats constantly updates with 24×7 threat intelligence
Outlook plug-ins & mobile apps for easy user access
Barracuda Cloud Email Archiving integrates with Exchange & other cloud-based email services to create an indexed archive
What Qualifies Barracuda Essentials as one of the Best Email Security Services in 2020?
Barracuda Essentials filters and sanitizes all messages before delivery to your mail server. This protects your network from email-borne threats and social engineering before users even have a chance to click a link. Barracuda Essentials combines virus scanning, reputation checks, URL protection, spam scoring, real-time intent analysis, and other techniques to monitor threats across all potential attack vectors.
Fortinet FortiMail Appliances
Key Features:
Outbreak protection, content disarm & reconstruction, sandbox analysis, & impersonation detection combined into a single hardened appliance
Prevent data loss with powerful, identity-based email encryption
Integrate with full suite of Fortinet products as well as third-party Fortinet Fabric Partners by sharing Indicators of Compromise across Fortinet Security Fabric
What Qualifies Fortinet FortiMail as one of the Best Email Security Services in 2020?
FortiMail secure email gateways stop volumetric and targeted cyber threats to secure dynamic attack surfaces. FortiMail also prevents the loss of sensitive information and simplifies regulatory compliance. Offered as high-performance physical and virtual appliances, FortiMail is flexible enough to deploy on-site or in the public cloud to meet a wide range of business goals and security needs.
Looking for the best email protection for your small business?
Give us a call at 866-957-2975 to find the perfect fit!
3 Best Ransomware Protection Solutions for Business 2020
Once your network is infected, ransomware encrypts files on afflicted endpoints, making it impossible to read or open them. The best ransomware protection for small businesses proactively hunts down and eliminates even never-seen-before ransomware long before an employee ever gets a chance to fall for it. Here are a few key features you should seek when comparing the best ransomware protection services available in 2020:
Advanced email security
Cloud-based sandboxing
Behavior-based scanning
Regular threat intelligence updates
Want to avoid shelling out big bitcoin to get your small business’s data back under control? Get a ransomware security solution that does more than just look out for known ransomware signatures.
What is Ransomware Protection?
The best ransomware protection for businesses scans inbound and outbound traffic across your entire network, using artificial intelligence to monitor the behavior of files as they traverse and interact with other network resources. Ransomware protection solutions spot behavior that looks similar to malicious activity and further investigate it in nanoseconds. Faster than you can say mind palace, these solutions either allow or block file access based on that verdict.
What to Look for in a Ransomware Protection Service
The best ransomware protection systems include a cloud-based sandbox where suspicious files can be sent for disarmament or detonation. In other words, if your ransomware tool is even the least bit suspicious of a file, the system safely opens and inspects it without threatening your network health.
Additionally, the best ransomware services rely on artificial intelligence and machine learning to reach threat verdicts via behavior monitoring. This means that even if a strain of ransomware has never been seen by any other endpoint in the entire world, if it walks like ransomware, talks like ransomware, or displays any other tell-tale ransomware behavior, your ransomware protection should yank it aside for closer inspection. Traditional ransomware protection services fall back on known signatures that need to be constantly refreshed and can do nothing to stop zero-day threats.
What Qualifies Capture ATP as one of the Best Ransomware Protection Services in 2020?
SonicWall Capture Advanced Threat Protection (available as an add-on for all SonicWall TZ or NSa firewalls) is a powerful cloud-based sandbox with malware analysis that can detect evasive threats. Capture ATP blocks suspicious files at the gateway until a verdict is rendered.
SonicWall combines multi-layer sandboxing, Real-Time Deep Memory Inspection, full system emulation, virtualization techniques, and more to detect more threats than any single-engine sandbox available in 2020. On top of that, the low false-positive rate means it won’t block the legitimate files you need to do business.
Sophos Intercept X Advanced with EDR
Key Features:
Highly-acclaimed malware detection engine driven by deep learning
Exploit prevention stops attackers from taking advantage of vulnerable software & apps
Root cause analysis visualizes where threats originate & how they move on the network
What Qualifies Sophos Intercept X Advanced with EDR as one of the Best Ransomware Protection Services in 2020?
Sophos Intercept X Advanced with Endpoint Detection & Response is a mouthful. But it’s also a comprehensive, defense-in-depth tool that combines advanced techniques to squash malware, ransomware, and zero days. Intercept X also uses behavioral analysis to stop boot-record attacks.
Plus, even if a system is already infected, CryptoGuard stops the encryption process and reverts (or rolls back) files back to their pre-infection state.
Provides actionable intelligence via automation to detect & respond to advanced threats
HUGE accolades from third-party testers such as NSS Labs, BPS, & ICSA Labs
What Qualifies FortiEDR with FortiSandbox as one of the Best Ransomware Protection Services in 2020?
Fortinet’s EDR & FortiSandbox establish a two-step sandboxing approach centered around artificial intelligence. These services first compare at-risk files against known and emerging malware with static analysis. Then, second stage analysis uncovers the full attack lifecycle by detonating the cyber payload in a virtual, quarantined environment.
Detailed analysis maps any uncovered malware to the MITRE ATT&CK framework, with powerful investigation tools to help admins better visualize security events.
Looking for the best ransomware protection for your small business?
Give us a call at 866-957-2975 to find the perfect fit!
It seems like every week in 2020, we hear about another major ransomware attack. While volume has continued to grow in recent years, more troubling is the fact that ransomware is getting more targeted. Why is this more troubling? Because of its more targeted nature, it’s also getting more effective. Many ransomware cells now study their targets to pinpoint weaknesses, then customize attacks to exploit them. Not only that, they select targets and set ransom amounts based on knowledge of what those victims can pay.
And one more troubling fact to keep you up at night: soft targets are particularly vulnerable. That is, bad actors are placing local governments, school systems, nonprofit organizations, and even healthcare providers in the crosshairs. So even if your business avoids attack, a successful breach of one of these targets has major effects on day-to-day life. Enough preamble though. If you made it this far, you know the situation is serious. Here are three ways to prepare to clap back, so an attack won’t stop you in your tracks.
Train Your Staff
Your employees can be either the point of entry or the first line of defense for a ransomware attack. The choice is yours. Among the most common ways for ransomware to infect your network is once again through phishing emails. If your network users don’t know what to look for, they may unsuspectingly click on an attachment that delivers the malicious payload. Simple training makes all the difference, sharing tips like:
Double-check the domain name that sent the email
Look for spelling errors as well as numbers replacing letters
Review the signature & legitimacy of the request
Hover over links – without clicking – to check where they lead
Don’t click on attachments unless you’re sure of the source
There are applications available to let you test your employees & reinforce training without the consequence being an actual breach. Check out Sophos Phish Threat and Barracuda PhishLine for a couple of worthy examples. Oh, and one other key piece of training? Teach your employees to report any suspicious contacts asking for a way into your network.
Layer Your Security
The best approach to network security in 2020 is a layered one. As we just noted, well-trained employees are one layer, but there are many others to consider. If you haven’t heard by now, it all starts with the firewall. Your firewall – operating the latest and greatest security services – should be the cornerstone of a protected network setup. A current generation firewall plus those security services protects against just about any threat that comes your way. Companies now commonly incorporate threat intelligence – both human and the artificial variety – plus machine learning into their security offerings. That means they’re on the cutting edge to recognize and stop ever-evolving ransomware and malware varieties.
But with the workforce extended beyond the perimeter now more than ever, your security must do the same. That means endpoint protection and secure access to your network for remote employees are also musts. Endpoint protection not only gives you visibility into these remote devices, it also extends many of the same security services to them individually. Ensuring secure access via VPN then brings your teleworkers back under the security of your firewall and network setup. And the layering shouldn’t stop there. Ensure you have email security in place to filter out suspicious messages before they even reach the eyes of an employee. And segment your network so a breach of one device doesn’t extend throughout. This may sound like a lot, but bundling services is surprisingly reasonable, and security costs much less than a successful ransomware attack ever will.
Backup So You Can Rollback
This could easily fall under the layers above, but when it comes to a ransomware attack, backup deserves a spotlight all its own. If you are successfully breached and your files encrypted, the smart money isn’t on paying the ransom, it’s on rolling back. Regular backups of your data allow you to get right back to work with minimal interruption, even if a ransomware attack occurs. A Sophos survey of 5,000 IT managers found more than half of firms whose data was encrypted by ransomware restored it through backups. Why is that? There are no guarantees when you pay the ransom. Plus, you don’t really want to support a criminal enterprise. And on a more practical note, Sophos also found that paying the ransom resulted in twice the remediation costs of restoring data from backups. Even if the ransomware cell you’re working with gives you the encryption key when you pay up, you still have to dedicate time and effort to restoration. So why not just have the restoration already available in-house? Learn about Barracuda Backup and Sophos Intercept X with CryptoGuard for a couple of options to ensure you’re not caught flat-footed when a ransomware attack comes.
Best Endpoint Security of 2020 for Your Small Business
Finding the best endpoint security for your network needs can be a challenge. There are dozens of options, all supporting a myriad of advanced security features and integrations that may be impossible to navigate unless you’re an expert. Each vendor offers a unique set of services with strengths and weaknesses that will ultimately determine whether your users stay safe or not. The best endpoint security may vary from organization to organization, but here are our top picks for the best endpoint security options available in 2020.
What is Endpoint Security?
Endpoint security, end user security, endpoint protection—while the name can be flexible, its necessity for a secure network is not. Endpoint security software protects small businesses & enterprises by guarding connected devices against malware and other advanced cyberattacks. Modern endpoint security integrates with appliances and applications you already use to provide edge protection as employees and guests access your network.
Encrypted malware, ransomware, and business email compromise can spell disaster for small businesses. That’s why the ability to monitor end user activity in real time – as well as make decisions to quarantine and isolate individual machines – can mean the difference between a small, contained incident and a catastrophic breach.
In 2020, endpoint security platforms now incorporate Endpoint Detection & Response capabilities powered by AI. Guided response, rich reporting, and root cause analysis are all top-shelf features that organizations should seek in a quality endpoint security service.
What does Endpoint Security include?
The best endpoint security goes beyond the basics. Traditionally, end user protection included passive endpoint scans combined with basic antivirus capabilities. However, in 2020, the best endpoint security solutions blow the basics out of the water with multiple advanced security features:
Continuous monitoring of files, applications, & connected devices
Automated incident detection and isolation of infected machines
Web content filtering to safeguard productivity and network usage
Auto-provisioning based on user group, OS, location, or time of day
Real-time threat intelligence updates from a pedigreed threat research team
The threat landscape is always evolving. That means your end user protection must stand up to threats never-before-seen by the network security ecosystem. The ability to recognize zero day exploits based on machine learning and behavioral analysis is essential for organizations to stay secure in 2020.
What is the Best Endpoint Protection of 2020?
Here are our top picks for the best Endpoint Protection for small businesses in 2020:
SonicWall teams up with SentinelOne to deliver a heuristic endpoint protection suite with the unique capability to mirror Microsoft shadow copies for post-infection rollbacks. This eliminates the need for manual restoration after a ransomware attack and lets admins rest easy knowing they can always restore endpoints to their pre-infection state. In addition, round-the-clock behavioral monitoring eliminates the need for scheduled system scans. In short, this minimizes network resource hogging and safeguards user productivity.
Detects elusive memory techniques used in exploits like buffer overflows
What makes Fortinet FortiClient unique?
Fortinet FortiClient end user protection services simplify remote user experience with built-in user provisioning, auto-connect, and an “always-up” VPN. FortiClient works perfectly in tandem with all Fortinet devices and services on your network through the Fortinet Security Fabric. According to the NSS Labs 2019 Advanced Endpoint test, FortiClient blocked 100% of malware including extremely elusive threats.
Automatically detects, prioritizes, & investigates potential threats using AI
Leverages deep learning analysis to analyze malware in extreme detail
Out-of-the-box SQL queries categorized by use case
Live Response provides users command line access to endpoints & servers
Quickly search up to 90 days of current & historical on-disk data
What makes Sophos Intercept X Advanced with EDR unique?
Sophos made a huge splash with the upgrade to its original Intercept X service. It sports big changes that included Endpoint Detection & Response (EDR) capabilities in addition to its already robust real-time, integrated endpoint platform. Intercept X Advanced combines powerful endpoint protection with endpoint detection driven by machine learning. This means most threats are squashed long before they can damage your network. Artificial intelligence assists with guided response. To save your small business even more, an important note: the objective of Sophos endpoint protection is to reduce the need for added IT employees by consolidating their roles into a single automated system.
Auto-provisioning of VPN settings based on Client VPN
Zero-touch deployment through a self-service web portal
Deploy policies & changes from the cloud across the entire network
What makes Cisco Meraki Systems Manager unique?
Cisco Meraki’s endpoint management solution supports a variety of platforms and operating systems, making Systems Manager a flexible option for most any deployment. Systems Manager offers cloud-based endpoint management tools that easily scale up to meet growth needs. By providing admins the ability to manage distributed deployments from anywhere in the world, Systems Manager is an endpoint security solution built for a highly mobile, highly distributed world.
Looking for the best endpoint protection for your small business?
Give us a call at 866-957-2975 to find the perfect fit!
Modern businesses tend to deploy several cloud-based applications to meet the unique demands of their business. Apps such as Dropbox and Skype–both common mainstays on SMB and enterprise networks alike–can make or break day-to-day business communication. However, every application comes with its own set of vulnerabilities, patches, and management dashboards that can make juggling multiple apps a headache for admins. Plus, these apps eat up huge amounts of bandwidth if left unchecked!
Sophos Synchronized Application Control, compatible with all Sophos XG Firewalls, attacks both issues. Plus, it provides a lower Total Cost of Ownership that makes your network security investment a win. Monitor all traffic, both inbound and outbound, across your network without the need to employ multiple network security specialists.
Synchronized Security enables you to deliver greater benefit for your security investment. Automated incident response frees up IT teams, while centralized management slashes day-to-day overheads. Driving down the total cost of owning and managing your firewall frees up resources, both human and monetary.
Synchronize your Security & Save Money
Synchronized App Control, as part of Sophos XG Firewall, uses Synchronized Security to share information across the network, gathering data points from all endpoints to provide a top-down view of your network topography. Configuring Synchronized App Control is quick and easy.
This lets you identify wasteful software, bandwidth-hungry apps, and potential security vulnerabilities. Sophos Intercept X endpoint protection paired with Synchronized App Control means that your network is constantly sharing information in real time, enabling your firewall to identify all applications on your network—even the ones trying really, really hard to stay hidden!
Application Categories & Labels
Synchronized App Control grants you the ability to block individual applications as well as entire categories of apps. That means if your business struggles to keep employees off unwanted instant messaging apps or unsecured file transfer apps, you can nix them all with a few clicks. Applications can be automatically marked with the following labels to simplify management:
New: Newly-detected apps unknown to your XG Firewall
Mapped: Detected apps automatically mapped to an app category
Customized: Applications that you mapped manually
Managing application labels and categories is made simpler with a handful of intuitive commands. XG Firewall includes a default set of categories for most common applications, but you can go more advanced with individual app controls. Synchronized App Control allows you to:
Acknowledge new applications & indicate that you don’t want to change their attributes
Customize an app to edit its name & category
Hide or Show applications you already know or don’t want to see
Delete apps & remove them from application filters. If XG Firewall detects a deleted app on an endpoint, the application will reappear on the application list
All of this is accomplished through one cloud-based management dashboard: a single pane of glass that acts as command and control for your entire security infrastructure. Whether you’re managing your bandwidth to ensure you squeeze every last MB out of your ISP or are hunting down network bottlenecks, a single unified console cuts your time spent in half.
Cybersecurity Evolved
Through Sept. 30th, Sophos is offering its Evolved Firewall Promo, making it more cost-effective than ever for small businesses to bolt on advanced security services like Synchronized App Control with XG Firewall. By purchasing a 3-year security service bundle, you get the firewall hardware free. It’s that simple. Enjoy the added benefits of Sophos XG Firewall & save money. Plus, we’ll throw in free, same-day ground shipping on your order.
Sophos XG 86 & XG 106 firewalls stand in as secure VPN appliances
Sophos XG 86 and Sophos XG 106 appliances are powerful next generation firewalls many small businesses use as their primary cyber threat defense. However, these mighty little devices are far more versatile than admins give them credit for! Did you know the XG 86 and XG 106 can both stand in as dedicated VPN platforms to secure temporary remote work spikes? So you won’t need a Sophos RED (Remote Ethernet Device) or other comparable VPN appliance.
A Sophos XG 86 firewall costs about the same as a Sophos RED and similar competing remote access devices. Yet it can perform even better than SMA devices if a split-tunnel deployment is required. This substitution is possible because Sophos XG firewalls come with a basic set of security features and services. They include the ability to deploy Sophos site-to-site VPN tunnels. Since this feature is part of the XG firewall base license, that also means no recurring fees or renewals are necessary.
Remote access security ensured
With your remote workers accessing company applications and resources through a firewall-facilitated VPN tunnel, you ensure the onboard and advanced Sophos security features they enjoy at the office protect users working from home as well. Those include Network Protection, Synchronized Security, and the Sophos Heartbeat. Bundle your Sophos XG 86 firewall with an EnterpriseProtect Plus package that includes advanced Web Protection to get a solution ideal for split-tunnel VPN deployments.
Ease management & deployment of remote access users
Another great benefit of using your Sophos XG 86 or XG 106 firewall as a stand-in for a secure remote access device is ease of management. Manage all your site-to-site tunnels and connected users intuitively through the Sophos XG Firewall single-pane-of-glass management dashboard. Simplify remote work chaos by monitoring and managing traffic with the same tools you would in the home office.
Sophos XG 86 vs Sophos RED
Remote workers returning? XG 86 can shift back to a security role
XG 86 offers more flexible secure access options like SSL & IPSec VPN
Centrally manage XG 86 VPN deployments with Sophos Central
Protect traffic routed through split tunnel setups that Sophos RED does not secure
How to use an XG Firewall for secure remote access
Using an XG 86 or XG 106 (for even more power and user support) in place of a RED or similar secure access device is simple. A Sophos XG firewall will act as a server that waits for incoming connection requests. This is quick and easy to configure with a few clicks to turn on “RED Status.” You can see full detailed instructions for this VPN setup in the Sophos Knowledge Base.
To continue our recent theme of decoding abbreviations, EDR means Endpoint Detection & Response, and that means that the age of AI is upgrading networks. This automated, real-time endpoint solution ensures that end users can work securely no matter where in the world they’re located in relation to a firewall.
With EDR, your network defenses constantly scan for the kinds of elusive malware, ransomware, and zero day threats that signature-based detection platforms miss. And in the event a security incident occurs, advanced Endpoint Detection & Response platforms such as Sophos Intercept X Advanced with EDR or FortiEDR stop attacks even if the endpoint is compromised. Guided response lets administrators easily walk through the steps of an attack to see its root cause and isolate infected machines.
EDR’s machine learning systems deter, detect, disarm, dissect, deescalate, and do away with any cyber threats you can throw their way.
Why EDR works for small businesses
Survey after survey several years running have revealed two facts: a majority of small businesses find it difficult to hire qualified IT talent–especially talent focused on network security–and their budgets often struggle to accommodate the talent they do find. Automated endpoint detection and response monitored by 24-hour machine learning intelligence adds just the kind of cybersecurity expertise that SMBs need without a higher employee headcount.
Just like modern grocery stores have self-checkout lines and autoworkers now benefit from the assistance of robotics, automation enables small businesses to do more with less to get the job done. Farm out malware expertise and incident response to the bots!
Sophos Intercept X Advanced with EDR
Intercept X Advanced has been a longstanding go-to for network admins looking to add advanced protection to their networks in a comprehensive, integrated system. Sophos Intercept X Advanced now also consolidates that industry-leading protection and EDR into a single solution. Intercept X’s advanced malware prevention significantly eases the workload on the EDR component, allowing you to utilize more of the speed and performance you pay your Internet Service Provider for.
Minimize staffing by automating IT tasks usually done by skilled experts
Provide visibility into attack scope, root cause, impact, & network health
Hunt for indicators of compromise that may leave your network vulnerable
Fortinet FortiEDR
FortiEDR will be made available to order on May 4th and is already boasting some big benefits and features. An EDR solution purpose-built to detect potential threats, FortiEDR stops breaches in real time and mitigates the damage of ransomware even on machines that have already been compromised. FortiEDR also extends security to IoT devices with the ability to protect everything from PCs to servers to point-of-sale systems and more.
Creates very small network footprint thanks to native cloud infrastructure
Enjoy automated EPP with orchestrated response across platforms
Stop file-based malware with Fortinet’s kernel-level Next Gen AV engine
Eliminate dwell time & reduce post-breach expenses
SonicWall Capture Client
Automated endpoint detection and response is integrated into SonicWall’s Capture Client, bringing together EDR, advanced threat protection, and integrated network security. With unique ransomware rollback capabilities and intuitive attack visualizations, Capture Client offers a comprehensive endpoint protection and EDR environment for any SonicWall network.
Just in the nick of time for our strange days of full-capacity remote work, Sophos releases a new heir to the secure remote access throne with a replacement for their mainstay Sophos RED appliances. The new Sophos SD-RED 20 and Sophos SD-RED 60 bring together secure, encrypted SD-WAN capabilities and the Sophos Synchronized Security flagships XG Firewall and Intercept X. These unique and simple remote work solutions extend network connectivity to remote branches, distributed offices, outposts, home offices, and any other remote workers, no matter where they’re located. Whether you need stable remote access at a mountaintop observatory or in your new sealab, Sophos SD-RED appliances have you covered with stable, secure access and real-time visibility.
Other new features include SFP ports, Power-over-Ethernet capabilities for the SD-RED 60, huge improvements in throughput, and more interfaces than previous Sophos RED devices. The Sophos SD-RED appliances work seamlessly with Sophos wireless access points and the SD-RED 60 could even support two Sophos access points with Power-over-Ethernet alone!
Due to COVID-19, many small businesses now have employees working from home who may have had no experience with remote work before the big change. SD-RED appliances ease the pressure of extending your secure network to remote workers with a truly plug-and-play, zero-touch deployment. No technical skill is required for remote workers or branch locations to install an SD-RED 20 or SD-RED 60. Just type the device ID into your Sophos firewall appliance and ship your SD-RED appliance to its destination. Once the device is received and plugged in, the SD-RED will connect to the Internet, call back home to your primary firewall, and automatically establish a secure VPN tunnel with auto-provisioning.
Sophos RED vs Sophos SD-RED
So how do these new remote access devices stack up against their predecessors? Check out our handy comparison table or keep scrolling to see new throughput improvements, expanded interfaces, and more to compare the original RED to the new, improved SD-RED.
Ready to get your hands on Synchronized SD-WAN? These new SD-RED appliances are ready to ship now! With the Sophos RED 15 potentially looking at backorders in the wake of the remote work rush, the SD-RED 20 and 60 have landed just when they are needed most. Synchronize your SD-WAN and secure your remote workforce today!
Sophos Threat Cases make Intercept X Advanced with EDR truly stand out from the crowd as an end user protection platform. Granting admins the ability to investigate and clear up malware attacks with just a few clicks, Threat Cases provide a bird’s-eye view allowing you to visualize incidents occurring on your network. After getting an idea of what the incident looks like, you can then drill down into individual events and files to investigate details at a granular level. Guided response, root cause analysis, and attack visualization make Threat Cases a one-of-a-kind experience for network administrators.
See where attacks originated, how and where they spread, and identify which files, processes, applications, and devices were affected by the breach. Threat Cases are available for both XG firewalls and for servers, offering extensive visibility and control both on-premise and in the cloud.
Quickly identify, diagnose, & mediate
Isolate affected devices
Search for similar threats
Clean up after a breach
Block threats with automated guided response
For example, if malicious behavior is detected in an Office 365 file such as a Word document or Excel spreadsheet, Sophos Threat Cases will indicate that the file was written to the computer by Outlook.exe and tip off administrators that the threat was the result of a malicious email. Admins may then use this information to identify and close security gaps to prevent future exploitation of this attack vector.
Threat Cases are only generated for malicious behavior detections and do not include detection of Potentially Unwanted Applications and other false positives.
Types of infections seen by Sophos Threat Cases:
Malware detection
Web threats
Malicious behavior
Malicious traffic
Exploits
Where to find Sophos Threat Cases
If you want to take advantage of the features offered by Sophos Threat Cases such as root cause analysis, registry key and process filters, infection path visualization, and guided response, you’ll need an Intercept X Advanced license to get started. Once logged into your Sophos Central Admin dashboard, Sophos Threat Cases can be found by clicking the “Endpoint Protection” or “Server Protection” menu linked in the “My Products” section.
The Anatomy of a Threat Case
What does a threat case event look like and why is it so helpful for network administrators? Every Threat Case begins with a simplified events chain, giving an easy-to-follow visualization of the basic details of your incident.
After the simplified attack chain, each Sophos Threat Case serves up a more robust attack summary that details basic information like detection name, root cause, potentially affected data, infected user, device names, and attack timeframe.
The summary section is followed up by a Suggested Next Steps function which generates automated remediation advice on what to do next. Advice is dependent on the type of attack and other details specific to the incident. Examples of some advice from Sophos Threat Cases include isolating computers, setting priorities, and setting the status of a case record.
Last but definitely not least, the Analyze section is home to most of the detailed information admins will love from Sophos Threat Cases. Here you can find graphics of the attack “beacons” that Sophos detected and the root cause that Threat Cases identified. The beacon and root cause are then linked by interconnecting lines that make up the attack chain.
Admins can click on any individual event in this attack chain graphic, allowing them to view additional detailed information in a right-hand pop-up menu.
Hardcore fans of the Firewalls.com Blog (yes, we’re aware those don’t exist) may remember our Emotet malware article in March of last year, painting the banking trojan as the cybersecurity world’s biggest villain of 2019 and comparing him to the ever-evolving baddie, Ultron. With recovery costs surpassing a million dollars per incident, this feisty malware can wreak real havoc on small businesses and enterprises alike. A year has passed since that spotlight article, but Emotet is far from being ancient history. In fact, recent trends suggest that the Emotet problem may grow worse in 2020.
Security researchers at Nuspire discovered a huge resurgence in Emotet malware activity throughout Q4 of 2019 including 1,275 unique variants of the malware with 339,000 new strains discovered each week. To support this growth, Emotet has been diligently adding new features to its toolset, allowing for greater versatility in stealing credentials, spreading infection, and pilfering user data.
Same goal, new ways to reach it
We discuss a few of these new capabilities in Episode 13 of Ping: the Firewalls.com Podcast, specifically focusing on Emotet’s ability to scan wireless networks and infect connected devices. Added up with past strategies–spreading through email spam and lateral network movement–this advanced Trojan is proving ever more elusive to detect, identify, and prevent with every iteration.
When Emotet malware made a sharp resurgence in September of 2019, it often paired up with Ryuk ransomware, providing maximum damage to networks once attackers got their foot in the door. Cameos with TrickBot and BitPaymer also demonstrate that Emotet is willing to team up with fellow no-goodniks to cause even greater disaster after an infection.
Best practices to prevent Emotet malware
When it comes to malware, the greatest cure is prevention. Educating users, securing unmanaged devices, and shining a light on network blind spots are all strong preventative measures that can prevent an Emotet outbreak on your network. Focusing on email security training and Business Email Compromise with your staff arms them with the knowledge needed to sidestep Emotet’s widespread spam campaigns.
Sophos Intercept X Advanced with EDR (and other machine learning-powered endpoint protection platforms) monitors the evolving behavior of malware strains such as Emotet, comparing threat data from security sensors worldwide to compile real-time threat data for networks. Intercept X offers multiple layers of security, including detonation of executable files in a secure sandbox environment.
Maybe you’ve heard about the exciting new release of Sophos XG Firewall v18 or maybe you’re looking to add powerful Synchronized Security with Sophos Central Intercept X and EDR to your network setup. Whatever the reason you’re shopping for a Sophos XG firewall, there has never been a better time to make your investment. That’s because Sophos is giving away a free XG Firewall with every purchase of a qualifying 3-Year FullGuard Plus or EnterpriseGuard Plus bundle until the end of March 2020. *This promo has been extended until September 30, 2020!
This deal is called the Sophos Evolved Firewall Promotion because 2020 is the perfect time for your network security to evolve to the next generation!
What is FullGuard, FullGuard Plus, & EnterpriseGuard Plus?
FullGuard Bundle
The Sophos FullGuard Bundle includes Network Protection, Web Protection, Email Protection, WebServer Protection, & Enhanced Support. This option is a perfect fit for medium-sized organizations and businesses that maintain their own web- or cloud-based servers. Just remember: to take advantage of this promotion, you’ll have to take the next step up.
FullGuard Plus Bundle
With everything included in the FullGuard Bundle, the FullGuard Plus Bundle takes your security to new heights with the inclusion of Sandstorm, a cloud-based sandbox environment. Quarantine suspicious traffic and detonate malicious payloads in a safe environment segregated from your network!
EnterpriseGuard Plus
The Sophos EnterpriseGuard Plus bundle includes Network Protection, Web Protection, & Enhanced Support. This package also includes the same powerful sandboxing capabilities with the addition of Sandstorm. EnterpriseGuard Plus is a great fit for smaller enterprises that can do without the extra Email and WebServer assets included with FullGuard.
A firewall is more than just a box you put on a desk or in a rack in the back room; it’s an appliance you count on to secure your network. But it’s often hard to distinguish between which of those appliances offers the best solution for your specific needs. Enter Sophos XG Firewall. This model line has options for networks of many shapes and sizes (even including virtual and software firewalls). Sophos XG Firewall features superior visibility, protection, and response to stop malware in its tracks. This series is also noted for its ease of deployment and management for even those who may be a little less tech savvy. In honor of the X in Sophos XG, we decided to put together X (or 10 when in Rome) Sophos XG Firewall features in video form.
More on XG Firewall features
If the video whetted your appetite, but you still want to learn more about the Sophos XG firewall, we can help! Check out our feature review videos of the XG 125 and the new XG 86 & XG 106. We’ve also written about Sophos’ two security services bundles, EnterpriseProtect and TotalProtect. And last, but certainly not least, if you like learning about Sophos XG Firewall features in audio form, listen to episode 3 of Ping: A Firewalls.com Podcast in which we talk to Sophos’ Chris McCormack to take an even deeper dive into the XG firewall series.
If you’re looking into deploying a Sophos XG Firewall on your business network, it can be a challenge to discern the precise differences between various bundles, services, and licenses. What exactly is included in a Sophos TotalProtect or TotalProtect Plus bundle? How does it differ from FullGuard or EnterpriseProtect? While we took an in-depth look at Sophos EnterpriseProtect & EnterpriseProtect Plus suites in past posts, we’re back to peek again into the Sophos arsenal. This post will lay out exactly which services are included in TotalProtect & TotalProtect Plus bundles for XG Firewall, showcasing the most comprehensive security solutions Sophos offers as part of its Synchronized Security suite.
XG Firewall Base Appliance
We talked extensively about the capabilities of Sophos XG Firewalls in our most recent podcast with Chris McCormack (Sophos Senior Product Marketing Manager). XG Firewalls range in size from 1-10 user setups to 1000+ user environments, bringing advanced scanning and security capabilities to SMBs and enterprises alike. TotalProtect and TotalProtect Plus bundles include both a physical XG Firewall appliance–like the recently launched XG 86 & XG 106 firewalls–and the full suite of security services. FullGuard and FullGuard Plus consist of the attached security services, but do not include an appliance.
Network Protection
Sophos Network Protection licenses tie in the Sophos Intrusion Prevention Service, Advanced Threat Protection, and the Sophos Security Heartbeat, providing your network with robust perimeter defenses designed to keep zero-days at bay.
Email Protection
Sophos Email Protection scans inbound and outbound inbox traffic and fully supports SMTP, POP3, & IMAP protocols. Spam greylisting and a robust reputation service keep your inboxes free of unwanted junk while real-time security lookups in the cloud test message contents against the latest email threat intelligence. With plenty of automated file-type detection, phishing detection, and malware detection engines running simultaneously, the threat of Business Email Compromise is minimized. Additionally, pre-packaged Content Control Lists make for convenient one-click compliance for PII, PCI, HIPAA, and many other regulatory requirements.
Web Protection
With a majority of Internet traffic now encrypted, managing inbound and outbound web traffic is crucial to keeping threats off your internal network while protecting and prioritizing your limited bandwidth resources. Sophos Web Protection provides real-time visibility and control, enhanced web filtering, huge databases of pre-built URL blacklists, Smart Filters, and continuous threat intelligence updates from SophosLabs.
Web Server Protection
Sophos Web Server Protection guards your externally-facing servers and applications, shoring up one of your most publicly-exposed attack surfaces. If you host your own website, Web Server Protection offers a reverse proxy and web application firewall, along with SSL offloading and authentication services, to prevent data loss. This is a super easy way to harden your servers against attack while improving server performance.
Enhanced Support
Sophos Enhanced Support provides a warranty and replacement option for your firewall should it experience a malfunction. Your network is also backed by 24×7 Sophos support via phone, email, or a web portal ticket system. When new firmware updates become available, Enhanced Support ensures your XG Firewall is updated in a timely manner – a security must.
Why Bundle Sophos Services?
Some administrators may think that it saves time, money, or labor hours if they purchase individual security licenses “a la carte” as needed, but in most cases this is incorrect. Manufacturers bundle comprehensive service suites not because they hope to sell more services, but because these bundles have been holistically designed to integrate with one another and provide far greater visibility, control, and ease-of-use when working in tandem than when working individually. In the case of Sophos TotalProtect & TotalProtect Plus bundles, the whole is even better than the sum of its parts. When your system is composed of like-minded team players, it enables real-time communication between network layers. This means your security infrastructure is covered from multiple angles and is more responsive in the case of a breach.
It’s taken us two full episodes, but we’ve decided it’s time. Episode 3 of Ping: A Firewalls.com Podcast focuses on our namesake, the firewall. Specifically, we turn our attention to Sophos’ XG Firewall with Chris McCormack, Senior Product Marketing Manager with Sophos Network Security. During our conversation, we discuss the XG Firewall mantra: “A firewall that thinks like you, so you don’t need to think like a firewall.” You’ll learn about the various XG Firewall models available, from small business to enterprise appliances to software and virtual options. Chris also highlights some key features of XG Firewall, including its integration with other network devices through the Sophos Security Heartbeat.
Also in this episode, Firewalls.com Network Engineer Alan Steady checks in with our Engineer’s Minute bringing an important reminder regarding how to maximize the security that your XG Firewall offers. Learn more about the network security services our certified engineers offer.
And in our Headlines segment, you’ll hear about how cyber insurance companies are encouraging ransomware payouts (and why they shouldn’t be), how configuring your cloud presence is vital for your security, and how someone may be watching through your webcam.
How to listen
Listen to Ping – A Firewalls.com Podcast using the player above…
Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Spotify, Google Podcasts, Stitcher, Overcast, TuneIn, iHeart, Pocket Cast, Castro, Castbox, Podchaser, YouTube, and of course via RSS, to name a few). Remember to subscribe or follow where you can to get the latest episodes as soon as they’re released, and rate and review us as well!
New episodes are released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show!
Each day, more and more business-critical assets move from on-premises deployments to the cloud. Maintaining visibility across platforms is vital to ensuring your organization’s sensitive information is secure. The new SaaS-based Sophos Cloud Optix does just that. Powered by artificial intelligence (but not Haley Joel Osment), Cloud Optix automatically and continuously discovers all your assets on Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) environments.
That visibility, combined with smart alerts about suspicious behavior, gives you the ability to see when risks emerge and respond to them in minutes instead of days or weeks – making the cloud anything but cloudy. You can also set up guardrails to prevent, detect, & remediate network configuration changes. Speaking of setup, Cloud Optix plays nice with all your organization’s existing tools, and you can have this agentless service up & running in minutes.
Why Cloud Optix?
Aren’t cloud platforms already pretty secure? Yes and no. These services do have built-in protections on their end. But in a recent report, Sophos found that cloud servers faced an average of 13 attempted attacks per minute, per honeypot. That means if just one setting is wrong on your end, your organization’s valuable data may be exposed. Cloud Optix ensures you have the full picture of your settings at all times, making it simple to see if there’s a problem and address it.
And what about compliance? The public cloud is always evolving, and compliance requirements often change with that evolution. Cloud Optix continuously monitors compliance with custom or out-of-the-box templates for standards like CIS, SOC2, HIPAA, ISO 27001, and PCI DSS. It also does the diagramming for you so you’ll be prepared for security audits – with reports ready to download in just a couple of clicks instead of the hours they used to take to put together manually.
Ready to See More?
Take a closer look at some features of Cloud Optix with this Sophos datasheet, then see it in action in this video:
Try It Yourself
You may be thinking that while the video demo is nice, you’d need to take it for a test drive yourself before buying in. Guess what? You can! Sophos is offering a free online demo of each and every feature. And if that’s not enough, you can get a 30-day free trial to test it with the tools your organization uses every day. And finally, once you’re ready to buy, we have the subscription option that’s right for your organization.
Spring is the season for the New, and Sophos has sprung forth with the XG 86 and XG 106 firewalls – the latest additions to the XG firewall family. These models replace the Sophos XG 85 and XG 105 appliances – providing new options in the desktop firewall market for small business and other small office networks. While the physical appearance, software offerings, and most technical specifications remain the same as their predecessors, the XG 86 and XG 106 come complete with 4 GB of RAM – double that of the previous iterations. And at 16 GB, the XG 86 also features two times the embedded MultiMediaCard (eMMC) storage of the XG 85.
Before we go further discussing these new firewall models, let’s back up and talk about the Sophos XG firewall family. XG firewalls are known for top notch visibility into both known & unknown threats. They see & stop malware, and ensure your network is secure – automatically. Top 3rd-party evaluators like Gartner, NSS Labs, and SC Media have found Sophos XG firewalls to be leaders of the network security pack. As part of a Synchronized Security Solution, Sophos XG firewalls can be managed with the Sophos Central cloud console, offering real-time communication with your endpoints and other security solutions around the clock through the Sophos Security Heartbeat. With that background, we turn our video spotlight to the new XG 86 and XG 106 firewalls in our latest feature review:
Sophos XG 86/86W Spec Snapshot
Here’s a quick snapshot of the technical specifications for this small business firewall:
Already watched all the videos? Not to worry, we’ve got plenty of additional resources to help you find the firewall that’s right for your network. Take a look through our firewall buyer’s guide series and peruse our convenient comparison tables.
Focused on Sophos?
To take a deeper dive into your Sophos network security options, read through our Sophos Buyer’s Guide. In it, you’ll find information about different Sophos firewall series, security bundles, services, & even a glossary of terms to help you navigate your Sophos NGFW shopping journey.
Much like the human heart keeps vital blood flowing from head to toe and everywhere in between in rhythmic fashion, the Security Heartbeat keeps all your Sophos products functioning on the same sheet of music. Why does Sophos use the term “heartbeat” to describe the cornerstone of its Synchronized Security? It seems simple enough. The Heartbeat pumps information between endpoints such as desktop and laptop computers, mobile phones and tablets, Sophos firewalls, and all other security products to form the Synchronized Security system.
You’ve probably heard of Security as a Service, also known as SaaS. Sophos has another abbreviation to remember: Cybersecurity as a System, or CaaS. The Security Heartbeat revolutionizes network security by allowing every component to talk to each other in the same language through the hub of Sophos Central, securely sharing information from each endpoint about your network health.
As we’ve noted before, Sophos puts an impressive suite of security hardware and software at your disposal, from XG Firewalls (which you can get free with a security subscription), to Intercept X Endpoint Protection, and a lot more in between. As an example, let’s spotlight a communication between an endpoint and firewall using the Security Heartbeat in a Synchronized Security system.
A Sophos Security Heartbeat Example
A laptop, running Sophos Endpoint virus and malware protection, identifies a malware attack. Sophos Endpoint uses the Security Heartbeat to let the XG firewall know that it’s been infected. The firewall immediately responds by isolating the laptop to prevent the malware from spreading across the network. In the meantime, Sophos Endpoint cleans up the affected device, then notifies the firewall when it’s back up and running smoothly.
The firewall then restores the laptop to the network, and all is right with the world again. To ensure the mistake can be avoided in the future, Root Cause Analysis caps things off by generating a detailed report of the incident, allowing you to identify weak spots that need to be addressed to be even better prepared for the next attack.
Real-Time Integration for Truly Unified Threat Protection
The best part? All this happens within seconds. Without the Security Heartbeat, this same process could take hours to complete, leaving your network in a state of limbo. Instead of becoming a weeks-long crisis, an attack like the one above is barely a blip on the radar, and your organization keeps running smoothly.
Through integrated CaaS coordinated by the Security Heartbeat, Sophos Synchronized Security allows your network to:
Discover – Identify Unknown Threats
Analyze – Get Instant Insights
Respond – Respond Automatically to Incidents
It Only Gets Easier
Another best part? You just need an XG Firewall to let the Security Heartbeat synchronize your security. You can add an XG firewall to your existing network or build your network security from scratch with an XG Firewall. Either way works! Get the XG Firewall that’s right for your network free by bundling it with a suite of next-gen security services.
Unrivaled Network Security. It’s no magic trick. Stopping 2021’s top threats means more than just a slick next-gen appliance. It means deploying a detailed and thorough configuration touching on dozens of unique settings, complex hierarchies, and strategic arrangements of resources. How you manage your firewall is just as important as which brand or model you choose, so you can’t afford to short yourself with the setup wizard. According to Gartner, 99% of successful network breaches can be attributed to a misconfiguration of the firewall. It’s time to blow away the smoke and mirrors.
If You Want Something Done Right
You want to try DIY, but maybe you’re not the GOAT with the NSA series. If you’re switching to new tech or just haven’t tackled a config project in a while, you may be surprised by all the advanced new features and options available on next-generation firewalls like the FortiGate-100E with built-in SPUs or how the SFOS 17.5 firmware release handles clientless SSO through Sophos Central. While you may be tempted to bridge a knowledge gap with the pre-packaged configuration wizard, there’s just not a whole lot there when you look behind the curtain.
In fact, the setup wizard is one of the culprits behind some of the most common mistakes even experienced professionals make when configuring their firewalls. We went over seven missteps that we see most often in the video below. Watch if you’re feeling lucky.
To give you another reason to say “No” to the configuration wizard, Firewalls.com is providing a free copy of our Firewall Configuration QuickStart Checklist! This in-depth checklist assists with every step of the configuration process from start to finish. If you choose to tackle your firewall config in-house, follow along with our checklist to make sure you’re not missing out on any of the advanced capabilities your appliance can perform. The checklist includes:
17 Pages of Settings, Documentation, & Helpful Configuration Tips
User Group Hierarchy Tables & Network Application Logs
In-Depth Overview of WAN, LAN, & Guest Wireless Setting Options
Advanced Security Feature Lists
Options for Managed Security Services, Support, & Custom Solutions
Make sure you never miss a step by following along with the Firewalls.com Configuration QuickStart Checklist. Every setting, big or small, can be the deciding factor that determines whether you’re a victor or a victim. Download the checklist free and say “No” to the setup wizard!
If You Want Something Done Flawlessly
Want to skip the config headache completely? Firewalls.com has the credentials to write the guide on firewall configurations because our expert team of top-tier certified network engineers has been perfectly configuring SonicWall, Sophos, Fortinet, WatchGuard, and Barracuda firewalls for literal decades! Each year, we process hundreds of end-to-end firewall configurations out of our Security Operations Center in Indianapolis. Real, local certified security experts work one-on-one with you to take on the unique demands of your network. Whether you’re looking for a highly available network with built-in redundancy or a super smart appliance backed by machine learning, our engineers have the skills and experience to get the job done while you focus on more productive tasks.
Demand for convenient and comprehensive firewall buyers’ guides exploded over the past year. 2018 was witness to a whirlwind of advancements in next generation firewall defenses. Research teams at FortiGuard Labs, SonicWall’s Capture Labs, & SophosLabs pushed the envelope to hone the capabilities of artificial intelligence, behavioral-scanning, and machine learning in network security.
With product launches like the SonicWall NSa 2650 through NSa 6650 series, a revolutionary power-up to Intercept X Advanced (now with EDR), and the continued growth of the Fortinet Security Fabric, there are a lot of acronyms, brand terms, and tech data to cover! That’s why in 2018, our Buyers Guides were a huge hit. They generated a ton of buzz and engagement from administrators, small business owners, and IT consultants alike.
Here’s a quick review of all of our firewall buyers’ guides from 2018! *Update: Our latest Ultimate Firewall Buyers Guides are now live. The buttons below will take you to the latest versions.* Arm yourself with the knowledge. Make your best network security investment.
2018 SonicWall Buyers Guide
Check out how SonicWall CGSS and SonicWall AGSS security bundles come with all the tools you need to secure your NSa series next generation firewall. An SMB or mid-range firewall with SonicWall TotalSecure transforms even small business networks into big-time security powerhouses. This guide includes everything you need to know about current SonicWall firewalls, including SonicWall configuration options.
2018 Sophos Buyers Guide
Covering everything from XG Firewalls, recommended user counts, and TotalProtect bundles to Synchronized Security operating through the super-intelligent Sophos Central security hub, our 2018 Sophos Buyers Guide can teach you how to lock down endpoints with real-time behavior scanning and integrate your whole network’s security infrastructure with Sophos Security Heartbeat. See how the XG 115, Intercept X, and Sophos Central are linking up to provide enterprise-grade security to small business networks.
Fortinet Buyers Guide
The Fortinet Buyers guide made its debut in October 2018, and it was packed to the brim with information about FortiGate firewalls that can help both Fortinet SMB and Fortinet enterprise customers when they’re looking to build, upgrade, or expand a secure network. FortiGate firewalls are powerful, smart, and best in class in terms of total cost of ownership. Pound for pound, FortiGate firewalls can stack up against any competitor and with reinforcements from FortiCare support contracts and FortiGuard security services, you’re never facing a fight alone. Go see how the Fortinet Security Fabric wraps up all the loose ends of network security.
Network threats are always lurking out there, evolving. Admins need a whole team to pick attack vectors off one-by-one. Sophos has built an all-pro squad in Intercept X, ensuring that even a Tom Brady-level hacker’s attempts to pass malware and ransomware onto your network fall short.
What is Sophos Intercept X? In short, it’s the 1970s Steel Curtain, the 1985 Chicago Bears, and the 2000 Baltimore Ravens defenses all rolled into one package that protects endpoints like those units protected the end zone. Each individual layer of Sophos protection is best in class, but it’s the combination–or team–of features that puts Intercept X at the top of the power rankings.
Sophos offers multiple versions of Intercept X with features that only get better as you level-up. Let’s take a look at the different Intercept X plans that are available.
Intercept X
This standard level of endpoint security is the backbone of all Intercept X options–the locker room leader if you will. Intercept X includes Deep Learning Malware Detection and Exploit Prevention that shuts down penetration before it impacts your device. CryptoGuard protects your files against ransomware, while WipeGuard stops boot-record attacks. You’ll also get automated malware removal, Sophos Clean to do a secondary malware scan, and Sophos Security Heartbeat. All of this combines to allow all your Sophos products to communicate, diagnose, and respond to network incidents in seconds, just like the headsets that keep coaches, coordinators, and captains on the same page during the game. You can try Intercept X completely free, no credit card required, for 30 days.
Sophos Intercept X Advanced takes your skills to the next level. All the game-changing features of Intercept X come along for the ride and are joined by the comprehensive features of Sophos Central Endpoint Protection, creating an MVP pairing of protection. These added solutions include Web Security and Application Control, anti-malware file scanning & live protection, potentially unwanted application (PUA) blocking, data loss prev