More Related Content


Sophos Cloud - breaking the stereotypes

  1. 1 Lars Putteneers Sales Engineer Sophos Cloud Breaking the stereotypes
  2. 22 Industry overview
  3. 3 Corporate Perimeter VPN Corporate Perimeter Cloud Services Dissolving Corporate Perimeter
  4. 4 I hate to break it to you……
  5. 5 End user  Endpoint protection  Mobile security  Web gateway Advanced User Protection Integrated User-based policy, management and reporting
  6. 66 Sophos Cloud Overview
  7. 7 Sophos Cloud is… Easy to use • Easy to try • Cloud-based • No management server required • Works out of the box IntegratedComprehensive • Endpoint Security: Windows, Mac, Servers • Mobile: iOS & Android • Secure Web Gateway • Secure Mail Gateway • Cloud managed WiFi • Single user-based policy for workstations, mobile devices, and web gateway • Only cloud-managed security product that is fully integrated
  8. 8 Sophos Cloud Products Endpoint Protection Mobile Control Server Protection Web Gateway Email Gateway For Channel Partners • Customer and License Management • Cross-customer security incident management Sophos Cloud For Administrators • Unified management and reporting • Simple to deploy – no servers to manage Sophos Cloud Key Benefits: • Easy Deployment • Simple management • Faster delivery of security • Comprehensive & integrated - Enhanced deeper security and visibility • Modular – simple add-on license activation
  9. 99 Endpoint/Enduser protection
  10. 10 Remediation Removes detected malware automatically; Security Heartbeat (Galileo) enables a synchronized security response with Copernicus Firewall Prevention Correlates threat indicators to block web and application exploits, dangerous URLs, potentially unwanted apps and malicious code Detection Analyzes software behavior and network traffic in real time, alerting you to hidden threats that can be missed by traditional AV technology Next Generation Endpoint Protection
  11. 11 What’s new in Sophos Cloud Endpoint Protection Application control Download reputation Adware & PUA detection for Mac
  12. 1212 Server Protection
  13. 13 Sophos Cloud Server Protection Standard and Advanced Simple • One-Click lockdown • Automatic trust rules • Cloud-managed: Instant deployment. • Server-specific policy • Automatic exclusion Great Protection • Whitelisting integrated with AV and HIPS • Web Security Fast performance • Fast scanning • Low impact • Won’t slow down servers unique unique
  14. 14 Positioning Server Protection • Server Protection Standard ○ Server AV for Windows and Linux ○ Automatic Scanning exclusion for windows ○ Can be upgraded from free Linux AV ○ Agentless option for VMWare virtualization platform (vShield) • Server Protection Advanced ○ Server Standard + Server lockdown Sophos Server Protection offers the best protection, performance and ease of use. It’s the best choice for the mid-market.
  15. 15 Server Lockdown with One Click
  16. 16 What happens when you click “Lockdown” Status Server Management Receive Rules from Server Authority Whitelisting Check if it needs to be whitelisted Check if it is maliscious Create a profile/ fingerprint executable Add to whitelist Applying Trust Identify trust rules Apply trust rules Sophos Cloud
  17. 17 Sophos Cloud
  18. 1818 Sophos Cloud Mobile Control & Mobile Security
  19. 19 MDM: Sophos Cloud Mobile Control Simple to Manage, Enhanced (IT) Productivity & Cost Savings (50% Savings Compared to Competitors) Manage Device • Support BYOD • OTA enrolment and configuration • One policy for iOS and Android Secure Device • Enforce passcodes & encryption • Locate, Lock and wipe • Compliance Protect Data • Configure email access • Configure Wi-Fi access
  20. 20 Sophos Cloud Mobile Security Country Malware PUA United States 4,49 14,28 Germany 4,84 9,71 Netherlands 6,65 17,64 UK 5,51 10,97 France 5,2 14,19 Canada 2,29 14,13 Australia 3,75 14,3 Singapore 11,82 28,89 % infected devices Jan-Jun/15 Protects Android devices from malware, risky apps and websites SophosLabs 2015 Proven SMSec client can be managed from Sophos Cloud and integrated with MDM Launched October 2015 Differentiated protection, scalable cloud managed, user licenced, unbundled. - Integrate with Sophos MDM - Extend End-User protection Global mobile malware concerns (IDC, Germany) Global Treat Trends SophosLabs
  21. 21 Integrated in Sophos Cloud Dashboard
  22. 22 Sophos Mobile Control
  23. 2323 Sophos Cloud Web Gateway
  24. 24 Supported Platforms Mac & Windows Available Now, Other Platforms Coming Soon Mac OS X 10.8.5+ Windows 7+ Android 4.0+ iOS 5.0+Chromebook Coming in late Q3
  25. 25 Global Network Optimized for Mobile Workforce Lightweight Endpoint Agent • Proxies data traffic to a Sophos Gateway • Dynamically chooses the best performing gateway • Knows what traffic not to proxy based on policy Globally distributed gateways • Analyze each packet for threats • Apply corporate policies • Aggregate data for real-time analytics Central Management through Sophos Cloud Globally Distributed Gateways
  26. 26 Sophos Cloud Web Gateway Security & Control Advanced Protection and Granular Control Security and Control • Web filtering on 90+ categories • App & URL filtering • Anti-malware and anti- phishing based on Sophos Labs • Lightweight DLP (keyword content scanning) • SSL scanning – zero touch SSL certificate management • Google SafeSearch
  27. 27 CWG Visibility & Reporting Big Data Reporting and Analytics made Simple Visibility and Reporting • Org wide reporting • Bandwidth, threats, category, domain, protocol • Per user reporting • Same reports as org • Network usage • By app, user, category, location, device, domain, protocol • Malware & phishing reporting
  28. 28 Differences Between Web Security Products Cloud A/V Web Controls SWA UTM Cloud Web Gateway Web filtering 54 categories 54 categories 54 categories 90 categories Reporting Limited Great Good Good SSL Scanning ✗ Admin must deploy certificates Admin must deploy certificates ✔ Keyword filtering (DLP) ✗ ✗ ✗ ✔ Custom block pages ✗ ✔ ✔ ✔ User feedback to admin ✗ ✔ ✗ Q4 App controls ✗ ✔ ✔ Q4 User time quotas ✗ ✔ ✔ Q4 Safesearch / Youtube ✗ ✔ ✔ ✔ Real-time logging ✗ ✔ ✔ ✔ Syslog ✗ ✔ ✔ Q1 Sand-boxing ✗ Q4 Q1 Q1
  29. 2929 Sophos Cloud Email Gateway
  30. 30 Sophos Cloud Email Gateway Sophos Cloud simplicity – with cutting edge mail security
  31. 3131 Sophos Cloud Licensing
  32. 32 Cloud protection
  33. 33© Sophos Ltd. All rights reserved.

Editor's Notes

  1. This is how IT sees it Over the past several years, the endpoint has changed. Endpoints used to be primarily Windows PCs housed on site, within a firewalled perimeter. Now endpoints include employee- and employer-owned PCs, Macs, Androids, iPhones and iPads. They access corporate servers and cloud services inside and outside the perimeter.
  2. Why do we need advanced end user protection? Users are vulnerabiltiy and they are often the weakest link in an organization's secuirty
  3. Sophos Cloud is Simple: You can get started in 60 seconds or less and our single intuitive console manages everything You have clear visibility and control of all user devices —and servers The Sophos Cloud server policy adapts automatically to the customer’s environment Sophos Cloud is Complete: Covering Windows, Windows Server, Mac, iOS, Android and Web control Sophos Cloud is unique and powerful: It’s the only cloud-managed security product with single user-based policy for workstations, mobile devices, and web control It’s the only product to automatically identify server applications and continually adapt the policy And, it’s the only cloud-managed security product to offer protection designed specifically for servers
  4. This will be a good slide for transiting to all other Products Sophos Cloud is a complete solution and will be even more complete in the coming months. Our enduser protection has endpoint + mobile We have added server protection with server application whitelisting and lockdown Cloud based web gateway way provide a comprehensive web security and content filtering capabilities
  5. When we talk about next gen endpoint protection – we are focusing on prevention, detection and remediation.
  6. Sophos Cloud Server Protection is Server Anti-malware designed specifically for servers that automatically adapts to the customer’s server enviroments. It is easy to configure and manage because once user install the protection agent it automatically identify Server OS, and apply default server policy and automatically apply exclusion whenever appropriate. With other application, you might have to manually group all of your exchange servers, then manually set exclusion. And then move on to other type of servers. With Sophos, you can set one policy, and it will automatically adapt to various environment. When you update your server, the software will adapt to that change, making maintenance extremely easy. At Sophos, we make sure security doesn’t get in the way of performance. Our AV engine has consistently proven to be best in performance by 3rd party tests. Sophos Cloud Server protection is no exception. In summary, with Sophos Cloud Sever protection, you get the best protection, that doesn’t slow down your mission critical servers and we make this extremely easy so you don’t spend our precious time time reading manuals or touble shooting.
  7. So what are the benfits of SCWG
  8. Sophos Cloud is simple to manage, providing enhanced productivity & significant cost savings.
  9. So what are the benfits of SCWG
  10. There’s a Lightweight Endpoint Agent on each device that Proxies data traffic to a Sophos Gateway. It Dynamically chooses the best performing gateway and Knows what traffic not to proxy based on policy Globally distributed gateways where every packet is analysed for threats, corporate policies are applied and data is complied for real-time analytics All is managed through the simple, intuitive Sophos Cloud Management interface
  11. Visibility into all network traffic Zscaler only looks at HTTP traffic We look at all network traffic UDP, TCP, SMTP, IMAP, App Traffic, FTP Need info on polices User/Group based? Yes Time of day? Location based? No (later) Bandwidth Quota? Yes Site categories? 75? What URL database provider? Webroot – Move to our own solution SSL inspection? yes Man in the middle? Yes URL Filtering only? Yes Content based filtering… documents keyword enforcement… “confidential”, cc #s – DLP light weight Context based policies (in v1.1)??? Location, time of day
  12. Big-data reporting and analytics Alerts, warnings and anomaly notification Real-time log API
  13. Sophos has a great selection of web security products All of this information is available on an updtaed deskaid availbale on hub and PP Clarifies the features that are available in each deployment option, haven’t got the time to go through all of these today – but if you want to explain to your customer why they need CWG over the web controls, this is what you need to review
  14. So what are the benfits of SCWG