Sophos utm-roadshow-south africa-2012


Published on

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Letsstartwithsome quick overviewabou Sophos:
  • As you can see different businesses trust the protection of Astaro. You find global brands as well as thousands of mid size companies
  • The ASG product line covers models for small networks and remote locations with up to 10 users to large networks with up to 5000 users.As opposed to other UTM solutions, Astaro software can be also installed on your own servers.The same set of security applications, including features such as Active/Active Clustering, WAN Uplink Balancing or Active Directory Integration, is available on all Astaro Security Gateway models - no matter if the hardware, software or virtual appliance is deployed.Furthermore, every hardware appliance contains an integrated hard drive for local spam quarantine and log/reporting information. Therefore, even the smallest remote office can get the same protection as a company's central office - without compromise.The ASG 525 and 625 models offer the highest availability through a redundant hard drive and power supply.
  • Astaro Wireless Security is a new approach, which serves to simplify the secure and reliable availability of WLAN environments. The integrated wireless controller in the ASG ensures that the affordable Access Points do not require any manual configuration. Astaro Access Points can be positioned anywhere in the office and offer a strong WLAN signal all over the office - the placement behind an Astaro RED is also possible, WLAN access for guests is also available in minutes and many clients can also be protected through the UTM security of the central ASG.
  • 9.2 SynchronisationderApplicationControl zwischen V9 und Endpoint -- gibt es heute noch nicht -> V9 fragt beim Client nach, welche App einen bestimmten netflow erzeugt -- Zusammenarbeit mit Sophos Labs eröffnet unerahnte MöglichkeitenVPN client im Endpoint Client enthaltenMobile Control: iOS und Android
  • Summary
  • Sophos utm-roadshow-south africa-2012

    1. 1. UTM meets EndpointDu Preez van WykNetXactics – Sales Consultant
    2. 2. At a glance: Network Security GroupThe Network Security Group of Sophos(formerly Astaro) is Europe’s market leaderfor Unified Threat Management (UTM). • The Astaro business was founded in 2000 and is since 2011 part of Sophos • Constantly gaining market share • Common Criteria and ICSA certified products • Received more than 120 product awards • Approximately 65.000 installations • Design and engineering made in Germany3
    3. 3. Unified Threat Management
    4. 4. Internet threats on the increase Crackers Botnets Spam Phishing Scam Hoax Viruses Spyware Gray wareIntrusions Denial of Service Distributed Denial of Service Ping floods Eavesdropper ScriptKiddies Espionage Malware Root kits Adware P2P File sharing Trojans Spit Bots Backdoors Buffer Overflows Hackers Malcode Bugs Key loggers Crime ware Pharming Competitors ExploitsIdentity theft DNS poisoning Snarf attacks Spam bots Spy bots Trap doorsWar driving Ransomware ASCII bombs Bluesnarfing Worms Decrypting Reverse engineering Phreaking Port Scanning 8
    5. 5. Network security solutions today Cost Time Investment Router Firewall IPS SSL VPN Gateway Email/Spam Filter Anti Virus Filter Web Filter WAN Link Balancer Load Balancer Total:9
    6. 6. Modern IT-Security challenges (1)Protect internet communication with office computers and servers Branch office Internet VPN VPN Roadwarrior Central office10
    7. 7. Modern IT-security challenges (2)Protect communication with endpoints and endpoints itself Branch office Mobile user Internet Roadwarrior Central office11
    8. 8. Sophos UTM v9Unified threat management appliances
    9. 9. Our all-in-one approachComplete protection for your network Endpoint Security & Mobile Control Integration of Networking features complete email, web for high availability & network protection and load balancing Flexible Deployment VPN & wireless Software Appliance Central, browser-based extensions management & reporting of all applications Virtual Appliance13
    10. 10. Security featuresEnterprise-class security for small and mid-size businesses Endpoint Protection  Device Control  AntiVirus Wireless Network Protection optional Protection • Wireless Controller for Essential • IPS incl. MAPP Astaro Access Points Firewall • IPSec/SSL/RED VPN • Multi-Zone (SSID) • WAN Link Balancing support • Stateful Firewall • SSL Portal (HTML5) • Captive Portal/Voucher • Network Address Translation • PPTP/L2TP Remote Access Web Server Web Protection Protection optional • Reverse Proxy • URL Filter • Web Application Firewall Mail • Antivirus & Antispyware • Antivirus Protection • Application Control • Anti Spam & Phishing • Dual Virus Protection • E-Mail Encryption14
    11. 11. Management made easy Intuitive Dashboard Individual UserPortal Comprehensive Reporting15
    12. 12. Sophos UTM Hardware Multiple 110/120 220 320 425 525 625 Appliance + RED Small Medium Medium Large Large Large Large networks Environment network network network network network network + branches Network ports 4 8 8 6 & 2 SFP 10 & 4 SFP 10 & 8 SFP Multiple Max. recommended 10/80 300 800 1.500 3.500 5.000 10.000+ firewall users Max. recommended 10/35 75 200 600 1.300 2.000 5.000 UTM users Software Appliance * Runs on Intel-compatible PCs and servers Virtual VMware Ready & Citrix Ready certified Appliance * Runs in Hyper-V, KVM, and other virtual environments *Pricing based #IPs/Users16
    13. 13. Branch Office SecuritySecurely connect branch offices
    14. 14. Branch Office Security - challengesBusinesses with many small branch offices need an easy and affordable way toconnect them back to the headquarter location and keep their Internet access secure.18
    15. 15. Available solutions Routers for private users Low-end UTM appliances MPLS and managed VPN services19
    16. 16. Sophos REDThe easiest and most economic way to secure your branch offices in a fewminutes – without the need for technical personnel at the remote site!20
    17. 17. Deployment scenarioSophos Branch Office Security21
    18. 18. Sophos Provisioning Service3. Connect RED Device 1. Enter RED name & ID Remote Office Central Office 5. Establish Tunnel RED Internet Router Sophos UTM Ship the RED without configuration
    19. 19. Sophos RED 10Technical information • Solid steel chassis • No moving parts • 1 WAN port • 4-Port LAN switch • 1 USB 3G/UMTS modem port • 30 Mbit/s VPN-throughput • <7 Watt power consumption • Unrestricted users • No buttons, no GUI23
    20. 20. Wireless ProtectionSecure wireless networks for businesses
    21. 21. Wireless networks – challengesBusinesses need an easy-to-use, secure and reliable possibility to integratewireless devices into their business networks.25
    22. 22. Available solutions Access points for private users Low-end UTM appliances with integrated Wi-Fi Enterprise wireless solutions26
    23. 23. Deployment scenariosSophos Wireless Protection27
    24. 24. Easy installation Guest Sophos UTM Finance Internet28
    25. 25. Hotspot aka Captive PortalSecure Internet access for guests in companies, hotels & other typical hotspot areas• Wireless and wired• Operating-Modes • Disclaimer-Page • Password of the Day • Vouchers with time/data quota • Guest-Registration within the Enduser-Portal• Customization of the Portal-Site• Part of the Wireless Subscription #2 Feature Request on 29
    26. 26. Sophos Access Points AP 10 AP 30 • Up to 10 users • Up to 30 users • 150 Mbit/s throughput • 300 Mbit/s throughput • 1 x 10/100 Base TX • 1 x 10/100 Base TX • IEEE 802.11 b/g/n • IEEE 802.11 b/g/n • Power over Ethernet (IEEE 802.3af) AP 50 • Up to 50 users AP 5 • Dual-band/dual-radio • Up to 7 users • 2.4Ghz and 5GHz • USB Access Point • IEEE 802.11 a/b/g/n • Wifi extension for RED10 rev.2/3 • 300 Mbit/s throughput • PoE+ (IEEE 802.3at)30
    27. 27. Additional Feature ExamplesAlways State-of-The-Art
    28. 28. Application Control aka Next Generation Firewall • Patterns for ~600 relevant applications • Deep Layer-7 inspection for true application identification (Next Generation Firewall) • Unclassified application feedback • Complete control to block, allow, shape, and prioritize • Detailed real-time reporting and forensic history • Graphical flow-monitor shows everything as it happens
    29. 29. Clientless SSL VPNHTML 5 VPN Portal• Browser based VPN without additional software• IE > v10, Firefox > v6, Google Chrome• No Java / ActiveX or Flash!• Applications: • Remote Desktop • VNC • Telnet • SSH • Webapp (HTTP / HTTPS) #1 Feature Request on
    30. 30. Endpoint ProtectionComplete Security – Better Together!
    31. 31. UTM Endpoint ProtectionAlways connected and up-to-date – everywhere UTM 9.1 Live Connect Policies, Events, Service Updates Branch Office Mobile User Policies, Events, Updates Policies Internet Roadwarrior Central Office 35
    32. 32. Endpoint Management36
    33. 33. Sophos UTM 9 - Roadmap2012 2013Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun UTM 9.0 UTM 9.1 UTM 9.2UTM 9.0 UTM 9.1 UTM 9.2GUI in Sophos Design Extended Endpoint Protection Extended Endpoint ProtectionSAV Integration • Web Filtering (policy sync.) • App.Ctrl (client/UTM comm.)UTM Endpoint Protection • Client Firewall (policy sync.) • Device & Media Encryption • Device Control • DLP • VPN client • AV & HIPS • Full Disk EncryptionClientless SSL VPN • MAC OS support TBAHotspot support • … • “Captive Portal” Extended Wireless Protection . • Repeater, Wireless IDS, Rogue AP detection UTM Mobile Control • Remote Lock & Wipe • Central App. Mgmt. • Email Access Mgmt 37
    34. 34. ConclusionSophos UTM v9 Complete Security • UTM with the most comprehensive feature set on the market • UTM meets endpoint – full integration of endpoint security Without Complexity • Single intuitive GUI for all functionalities • Unique plug`n`play Wifi and VPN technology Let s cut the costs • All-In-One vs. bunch of point solutions • Tailor made subscription plan • “Keep things simple”38
    35. 35. Thank you very much!Questions?Sophos UTM Contact: