Security: more important than ever - Sophos Day Belux 2014Sophos Benelux
Security: more important than ever! At the Sophos Day Belux 2014, Jorn Lutters took the time to have a look back at 2014 and showed the audience what we've been dealing with in IT-security world the past year. Looking to 2015, Sophos is excited to contribute to a safer world!
On December 1st 2015, Lars Putteneers gave a presentation on Sophos Cloud during the Sophos Security Day. Sophos Cloud is the fastest growing and most innovative product within Sophos' product portfolio.
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Benelux
During the Sophos Security Day Belgium, Chris McCormack showed the audience what Sophos has been working on in the field of Network Security products. Amongst other things, Sophos XG v16 was elaborately discussed.
Discover Synchronized Security - Sophos Day Netherlands Sophos Benelux
During his keynote, Matt Fairbanks (CMO of Sophos) showed the audience the mission and vision of Sophos to bring the market Sophos' perception of Synchronized Security. What does it mean when you bring the worlds of Network Security and Endpoint Security together and what has this meant for the developments at Sophos this last year?
Sophos Professional services reviews how to optimally configure your Sophos Endpoint Product.
This slide deck covers:
• Anti-virus policy live protection
• Anti-virus policy web protection
• Data control policy options to track files and removable storage
• Web control multi-browser inappropriate filtering and full web control
Next-Generation Enduser Protection and Project Galileo are the new technologies that Sophos is developing to face new generation endpoint and network threats
Sophos Security Day Belgium - The Hidden Gems of SophosSophos Benelux
During their presentation, Lars Putteneers and Jerco Veltjen showed the audience some "unknown" but very cool and potential tools of Sophos such as Sophos Sandstorm, Email security and wireless protection.
Security: more important than ever - Sophos Day Belux 2014Sophos Benelux
Security: more important than ever! At the Sophos Day Belux 2014, Jorn Lutters took the time to have a look back at 2014 and showed the audience what we've been dealing with in IT-security world the past year. Looking to 2015, Sophos is excited to contribute to a safer world!
On December 1st 2015, Lars Putteneers gave a presentation on Sophos Cloud during the Sophos Security Day. Sophos Cloud is the fastest growing and most innovative product within Sophos' product portfolio.
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Benelux
During the Sophos Security Day Belgium, Chris McCormack showed the audience what Sophos has been working on in the field of Network Security products. Amongst other things, Sophos XG v16 was elaborately discussed.
Discover Synchronized Security - Sophos Day Netherlands Sophos Benelux
During his keynote, Matt Fairbanks (CMO of Sophos) showed the audience the mission and vision of Sophos to bring the market Sophos' perception of Synchronized Security. What does it mean when you bring the worlds of Network Security and Endpoint Security together and what has this meant for the developments at Sophos this last year?
Sophos Professional services reviews how to optimally configure your Sophos Endpoint Product.
This slide deck covers:
• Anti-virus policy live protection
• Anti-virus policy web protection
• Data control policy options to track files and removable storage
• Web control multi-browser inappropriate filtering and full web control
Next-Generation Enduser Protection and Project Galileo are the new technologies that Sophos is developing to face new generation endpoint and network threats
Sophos Security Day Belgium - The Hidden Gems of SophosSophos Benelux
During their presentation, Lars Putteneers and Jerco Veltjen showed the audience some "unknown" but very cool and potential tools of Sophos such as Sophos Sandstorm, Email security and wireless protection.
With Sophos EndUser Protection you get endpoint security, mobile device management, web protection, protection for your data and email, and more—all in a single license.
For more on Sophos EndUser Protection, visit: http://www.sophos.com/en-us/why-sophos/endpoint.aspx
John Shaw, VP of Product management at Sophos, introduced us to the world of Project Galileo. What is Sophos doing to bring Network Security and Endpoint security together? How do we make these two pillars of IT security work together?
The 2013 Security Threat Report recaps what happened in data security in 2012, and what trends are ahead in 2013. For more information, visit: http://bit.ly/VcLfLa
O Sophos XG Firewall traz uma nova abordagem na forma de gerenciar o seu firewall, responder às ameaças e monitorar o que acontece na sua rede. Prepare-se para um novo nível de simplicidade, segurança e percepção.
What's cooking at Sophos - an introduction to Synchronized SecuritySophos Benelux
Presentation of Vincent Vanbiervliet at Sophos Security Day 2015. On the new innovative products from Sophos such as Synchronized Security and our new XG firewall
This is Next-Gen IT Security - Introducing Intercept XSophos Benelux
Former CEO of Surfright (now Sophos' Director of Engineering) Mark Loman, presented Intercept X to the Dutch market at the Sophos Day Netherlands. This signatureless next-generation endpoint security solution delivers anti-ransomware, anti-exploit and anti-hacker features that will bring the game of IT security to a whole new level.
Taking the battle to Ransomware with Sophos Intercept XSophos Benelux
Lars Putteneers, Sales Engineer at Sophos Benelux introduced the audience of Infosecurity Belgium 2017 to the signatureless anti-ransomware and anti-exploit solution of Sophos: Intercept X
F-Secure Radar offers you complete control over vulnerability management.
It lets you:
- Map your true attack surface, before someone else does
- Measure yourself against PCI compliance
- Improve your security measures with easy management
- Get customized reports that fit your company’s needs
- Scale and adapt F-Secure Radar to your needs
- Use seamless API integration with 3rd party solutions
F-Secure Radar is a European solution that can be implemented on premise or be used from the cloud.
Kaspersky endpoint security business presentationData Unit
A presentation of the kaspersky portofolio for business. The antivirus package of kaspersky Endpoints, can secure your mobiles, desktops, servers and more.
F-Secure Policy Manager - onsite security management with superior controlF-Secure Corporation
Get on top of your IT security and manage risks centrally.
Policy Manager gives you the control of your IT security. You decide what sites your employees are allowed to access, and what software is allowed to be run the web.
F-Secure Policy Manager automates daily operations such as protection of new computers and removal of disconnected hosts. This allows you to focus on more critical issues. Multiple administrators with different admin level rights can work simultaneously and you can control their access rights individually.
With Sophos EndUser Protection you get endpoint security, mobile device management, web protection, protection for your data and email, and more—all in a single license.
For more on Sophos EndUser Protection, visit: http://www.sophos.com/en-us/why-sophos/endpoint.aspx
John Shaw, VP of Product management at Sophos, introduced us to the world of Project Galileo. What is Sophos doing to bring Network Security and Endpoint security together? How do we make these two pillars of IT security work together?
The 2013 Security Threat Report recaps what happened in data security in 2012, and what trends are ahead in 2013. For more information, visit: http://bit.ly/VcLfLa
O Sophos XG Firewall traz uma nova abordagem na forma de gerenciar o seu firewall, responder às ameaças e monitorar o que acontece na sua rede. Prepare-se para um novo nível de simplicidade, segurança e percepção.
What's cooking at Sophos - an introduction to Synchronized SecuritySophos Benelux
Presentation of Vincent Vanbiervliet at Sophos Security Day 2015. On the new innovative products from Sophos such as Synchronized Security and our new XG firewall
This is Next-Gen IT Security - Introducing Intercept XSophos Benelux
Former CEO of Surfright (now Sophos' Director of Engineering) Mark Loman, presented Intercept X to the Dutch market at the Sophos Day Netherlands. This signatureless next-generation endpoint security solution delivers anti-ransomware, anti-exploit and anti-hacker features that will bring the game of IT security to a whole new level.
Taking the battle to Ransomware with Sophos Intercept XSophos Benelux
Lars Putteneers, Sales Engineer at Sophos Benelux introduced the audience of Infosecurity Belgium 2017 to the signatureless anti-ransomware and anti-exploit solution of Sophos: Intercept X
F-Secure Radar offers you complete control over vulnerability management.
It lets you:
- Map your true attack surface, before someone else does
- Measure yourself against PCI compliance
- Improve your security measures with easy management
- Get customized reports that fit your company’s needs
- Scale and adapt F-Secure Radar to your needs
- Use seamless API integration with 3rd party solutions
F-Secure Radar is a European solution that can be implemented on premise or be used from the cloud.
Kaspersky endpoint security business presentationData Unit
A presentation of the kaspersky portofolio for business. The antivirus package of kaspersky Endpoints, can secure your mobiles, desktops, servers and more.
F-Secure Policy Manager - onsite security management with superior controlF-Secure Corporation
Get on top of your IT security and manage risks centrally.
Policy Manager gives you the control of your IT security. You decide what sites your employees are allowed to access, and what software is allowed to be run the web.
F-Secure Policy Manager automates daily operations such as protection of new computers and removal of disconnected hosts. This allows you to focus on more critical issues. Multiple administrators with different admin level rights can work simultaneously and you can control their access rights individually.
Endpoint security will helps in enhancing protection to corporate networks. It prevents from threats, virus and monitor potential entry in the network. Would you like to know more about the endpoint security working mechanism, then click here https://www.comodo.com/business-enterprise/endpoint-protection/endpoint-security-manager.php
Best practice Windows Update integrert i Configuration Manager sammen med Custom Update Publisher.
Gode eksempler på bruk av Desired Configuration Management. Vi ser også på nyheter som kommer i neste versjon.
Cloud computing transforms the way we can store, process and share our data. New applications and workloads are growing rapidly, which brings every day more sensitive data into the conversation about risk and what constitutes natural targets for bad actors. This presentation reflects on current best practices to address the most significant security concerns for sensitive data in the cloud, and offers participants a list of steps to achieve enterprise-grade safety with MongoDB deployments among the expanding service provider options.
Praktiline pilvekonverents - IT haldust hõlbustavad uuendusedPrimend
IT halduse lihtsustamiseks on lisandunud mitmeid mõnusaid uuendusi. Andres Nurk rääkis põhilisematest nagu: Windows Server 2016, Windows 10 E3, ATP, OMS. Uuenduste tuules on muutunud ka WinServeri litsentsimine. Aleksei Räim andis kiire ülevaate, mida peab silmas pidama.
Will St. Clair: AWS San Francisco Startup Day, 9/7/17
Operations: Security Crash Course & Best Practices! All companies should build with security and protection of customer data as the number one priority. This talk will cover a wide range of best practices from MFA, root accounts, encrypting laptops, inventory management, MDM, and incident response. You'll learn key principles of how to build a secure organization to protect your data. Don't wait until your first security incident before putting these best practices in place.
Operations: Security Crash Course — Best Practices for Securing your CompanyAmazon Web Services
All companies should build with security and protection of customer data as the number one priority. This talk will cover a wide range of best practices from MFA, root accounts, encrypting laptops, inventory management, MDM, and incident response. You'll learn key principles of how to build a secure organization to protect your data. Don't wait until your first security incident before putting these best practices in place.
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesSymantec
End of Support is Not the End of Business
Businesses need to be prepared for the end of support of operating systems (OSes), especially if the OS is used enterprise-wide or runs business critical applications, such as Microsoft® Windows XP® and Windows Server® 2003.
As you know, Microsoft ended support for Windows XP on 8 April 2014, and will similarly pull the plugon Windows Server 2003 on 14 July 2015. Without any security patches, Microsoft has cautioned that “PCs running Windows XP after April 8, 2014 should not be considered to be protected”.
However, many organisations stick with their legacy Windows systems, even after support ends. Changing an OS across the entire organisation opens up the risk of downtime for mission critical applications. Migrating to a new OS is also manpower-intensive, and could easily lead to time and cost overruns.
Not surprisingly, companies see very little incentive to replace an unsupported but still functional OS—until there is an overwhelmingly urgent need to do so. In addition, their business may be dependent on old, proprietary applications that cannot run on newer platforms. Yet, it’s crucial for organisations to understand the risks of running an out-of-support OS against the costs and effort of migrating to a new one.
During Infosecurity 2017, John Shier, senior security advisor at Sophos told the audience all about the current Threat Landscape. What are the nastiest malware sorts out there today that are affecting our everyday lives? What and who are the baddies we should be worrying about?
Sophos Day Belgium - The IT Threat Landscape and what to look out forSophos Benelux
Sophos Senior Security Advisor John Shier gave an insight into the most popular threats on the current IT security market. What works, what doesn't, what do we and our users need to look out for. Not only did he give some great insights but also was able to give some local Benelux numbers on the most popular and widely used threats.
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Benelux
Mark Loman showed the audience Sophos' next-generation signatureless endpoint solution which tackles exploits, zero-days, ransomware and any other known and unknown types of malware.
IT Security landscape and the latest threats and trendsSophos Benelux
Senior Security Advisor at Sophos, John Shier provided a very informative session during Infosecurity 2016 in the Netherlands in which he discussed the latest threats and trends in the digital world.
Ransomware has become one of the most widespread and damaging threats that internet users face. Since the infamous CryptoLocker first appeared in 2013, we’ve seen a new era of file-encrypting ransomware variants delivered through spam messages and Exploit Kits, extorting money from home users and businesses alike.
Mobile apps are the entry point to your web applications, APIs and web services. But sometimes the developer implements security in the mobile app that can easily be bypassed by a malicious attacker, allowing the attacker to exploit your web applications and steal confidential information. In this presentation I will show you how easy it is to attack a mobile application, intercept the communication and exploit the trust model of mobile apps. I will also give an overview of the OWASP Top 10 Mobile Risks.
The EU Data Protection Regulation and what it means for your organizationSophos Benelux
Session on what the EU Data Protection Regulation actually means for EU organizations and how you can comply. Presented by Michael Heering at the Online Security Summit Belgium.
Prevent million dollar fines - preparing for the EU General Data RegulationSophos Benelux
On December 1st, Anthony Merry presented the proposed changes for the EU Data Protection Regulation (GDPR) and what this means for you as an organization.
In een interactieve presentatie nam Mahdi Abdulrazak, CISO bij Diagnostiek voor U mee in de stappen die een organisatie als de zijne neemt om informatiebeveiliging op orde te brengen.
The EU Data Protection Regulation - what you need to knowSophos Benelux
De komende EU Data Beschermingsregulering vraagt van organisaties wereldwijd dat zij de data beveiligen die zij beheren en bezitten van Europese burgers. Het is algemeen aanvaard dat encryptie de beste methode is om te voldoen aan deze nieuwe regulering. Wanneer een lek ontstaat en u kunt aantonen dat alle persoonlijke data was versleuteld, verkleint de kans aanzienlijk dat u vanuit de EU een boete ontvangt.
Veel organisaties hebben geen idee wat deze nieuwe regulering inhoudt of hoe zij zich moeten voorbereiden op deze nieuwe regels. Behoort uw organisatie ook tot deze groep?
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
3. 3
What’s New in SafeGuard Enterprise 7.0
• Enhancements on Windows
Windows 8.1 August Update (f.k.a 8.1-2014) supported
BL management improvements
File Tracking for Cloud Storage targets
LSH user enrollment enforcement
Backend performance improvements in large DB environments
Support of new tokens/smartcards (KBA will be updated for release)
• Enhancements on OS X
• File encryption enhancements – original mount points hidden
• File encryption performance improvements
4. 4
BL - Support for Password Protector
• Passwords as an additional authentication mechanism
4
5. 5
BL - Support for Password Protector
• "Auto-Unlock" as a way to automatically protect and unlock
NON-boot volumes without requiring a user interaction at all.
• Implements support for the BitLocker hardware test, which is
initiated before encryption of the boot volume starts. This
improves the user experience, as scenarios where the user gets
locked out from the system are avoided.
• Allow the user to explicitly postpone BitLocker encryption
when, e.g., a new password is requested.
5
6. 6
LSH user enrollment enforcement
• User are now "remembered" to answer their questions in 3
stages
• Stage 1: Baloon tooltip in tray icon every hour, change to stage 2
on next
calendar day
• Stage 2: Additionally to stage 1 behavior LSH will be started
every logon and unlock and users can postpone, change to stage
3 after 2 days
• Stage 3: Additionally to stage 2 behavior (except the tooltip) the
LSH dialog will be started every 60 min (users can postpone it)
6
7. 7
Mac – File Encryption enhancements
• „Real“ enforcement of file encryption (original folders are
hidden to users and replaced by SGN secured folders)
• No changes in workflows anymore
Users can work with the secured folder as usual
Secured folders are stored on the same place where the original folders
were)
Real pathes (e.g. documents) can be used in Terminal now
• Support of additional AV engines
7
11. 11
Sophos Security.
Cloud Simplicity.
The same trusted endpoint protection, now available in the cloud.
Instant deployment, instant security, instant satisfaction.
13. 13
Business Key Needs Sophos Cloud
Easy to Implement
As a small business owner I typically have to “do it all”
and don’t have time to become a security expert. It’s
critical that this solution is quick to implement.
From Need to Solution in Minutes
• Sign up online and deploy endpoints right from
the cloud
• No server to implement
Easy to Manage, Maintenance free
Once we’re running, make it simple for me to stay
protected and, when I need to take action, make it easy.
Manage Anywhere with Auto Updates
• Per user policy and reporting
• Automatic upgrades
Ideal for Businesses
Cost Effective
My budget is tight so the price has to be competitive.
Economical
• Per user license – add users as you grow
• Licensing flexibility
• Annual, Multi-year
• No equipment procurement or maintenance costs
Effective Protection Everywhere
I need to ensure remote and roaming users are
protected the same way as office users
Best in Class Protection Everywhere
• Automatic threat and policy updates
• Built-in best practices; fewer clicks to better
protection
14. 14
Sophos Cloud v3 – Key Capabilities
-Releases November 18 2014-
Windows server protection (standard)
Automatic exclusions, enhanced exclusion capabilities, device based
policy
Existing EP customer automatically extended a 25% server allocation
(license)
Evaluation license support
Customer of EP or Server can always try the other regardless of whether
customer is licensed for it
15. 15
Cloud Server Protection (Standard)
Easy to configure and manage
• Automatically identifies and adapts to your server
environment
• Automatic exclusions
Fast Performance
• Low performance impact that won’t slow down your
servers
Great Protection
• Anti-malware, HIPS, Live Protection, Web Security
16. 16
Cloud Server Protection (Standard)
How is it different from Endpoint Protection?
Server policy is set per machine (server) and not per user
The server policy allows you to control all the features
(endpoint limits control over certain features)
Server has its own dashboard widget and report
Server has improved exclusions support and automatic
exclusions
Server doesn’t have device control or web control
You can only install Server on server OS and you can only
install Endpoint on desktop OS
17. 17
Cloud Server Protection (Standard) - Exclusions
What variables are supported?
Variable Windows 2008 Windows 2003
Example Expansion Uses Environment Variables Expansion Uses Environment Variables
%allusersprofile% C:ProgramData %allusersprofile% C:Documents and SettingsAll
Users
%allusersprofile%
%appdata% C:Users*AppDataRoaming %systemdrive% C:Documents and
Settings*Application Data
%systemdrive%
%commonprogramfiles% C:Program FilesCommon Files %commonprogramfiles% C:Program FilesCommon Files %commonprogramfiles%
%commonprogramfiles(x86)% C:Program Files (x86)Common
Files
%commonprogramfiles(x86)% C:Program Files (x86)Common
Files
%commonprogramfiles(x86)%
%localappdata% C:Users*AppDataLocal %userprofile% C:Documents and
Settings*Local
SettingsApplication Data
%userprofile%
%programdata% C:ProgramData %programdata% C:Documents and SettingsAll
UsersApplication Data
%programdata%
%programfiles% C:Program Files %programfiles% C:Program Files %programfiles%
%programfiles(x86)% C:Program Files (x86) %programfiles(x86)% C:Program Files (x86) %programfiles(x86)%
%systemdrive% C: %systemdrive% C: %systemdrive%
%systemroot% C:Windows %systemroot% C:Windows %systemroot%
%temp% or %tmp% C:Users*AppDataLocalTemp %systemdrive% C:Documents and
Settings*Local SettingsTemp
%systemdrive%
%userprofile% C:Users* %systemdrive% C:Documents and Settings* %systemdrive%
%windir% C:Windows %windir% C:Windows %windir%
%homedrive% NOT SUPPORTED %homedrive% (per-user) NOT SUPPORTED %homedrive% (per-user)
%homepath% NOT SUPPORTED %homepath% (per-user) NOT SUPPORTED %homepath% (per-user)
18. 18
Cloud Server Protection (Standard) : Exclusions
Automatic Exclusions –
We will automatically apply exclusions based on the
applications detected on the server
The feature is controlled from the policy
Detection will be handled via the registry and custom
detection scripts
Sophos will provide a data feed with the exclusion rules,
which will be updated regularly
We are starting with the Microsoft ones: Exchange, SQL and
Active Directory domain controllers
We are the only ones doing this
32. 33
What is SMC?
• For IT professionals that want to enable mobility, Sophos
Mobile Control manages and secures mobile devices, content,
and applications with a user-centric approach that delivers the
simplest experience for users and administrators.
33. 34
Core Benefits of SMC 4.0
• Data Protection that Doesn’t
End at the Office Door
• Integrated Security
(Anti-malware, Web Filtering,
UTM integration)
• User Centric
(user based pricing and simple UI)
!
34. 35
Mobile Content Management
Data Protection that Doesn’t End at the Office Door
• Mobile Encryption built into the SMC Console
• Ensures Secure Content Collaboration
• Only EMM vendor to offer individual File Encryption
protected even “beyond the Cloud” with gated entry to each
file
• Ensures that each document that is connected to the server
remains secure
44. 45
Top complaints about current firewalls
IT Manager Survey on SpiceWorks
Profit
Insufficient reporting & visibility
Insufficient security & control
Not easy to manage
Poor value
Poor performance
45. 46
UTM Advantage 9.3
Enhancing Protection – New Features:
Stronger Protection
Simply Securing Content
• Time quotas, tagging, and selective SSL
scanning bolsters web protection
• SPX encryption user portal simplifies
data protection
• WAF features improve our TMG
replacement advanage
Better Everywhere
Extending deployment flexibility
• Microsoft Hyper-V 2012 support
• Remote assistance in a click with
customer-controlled secure access
• Multiple Bridge Support
Smarter WiFi
Taking Secure WiFi to the next level
• Automated wireless optimization
• New HTTPS and multi-tenancy hotspots
• Support for new APs and
wireless appliances
• Availabilty of SMS authentication*
46. 47
Top 3 New Features in Web Protection
Enterprise level SWG features – poweful, flexible, simple
• Time quota policy - users can browse specified categories for a set period
per day
• Site tagging – enables sites to be tagged and tags to be used in policies (e.g.
“customer sites” or “research sites”)
• Selective HTTPS Scanning – automatically determines which encrypted
connections to scan
Other Notable Features:
• Updated App Control engine – broader app coverage (1300 Apps) and
enhanced ATP
• Performance Improvements – proxy optimizations resulting in 20%
performance improvement and 75% memory reduction
• True File Type Detection – can block archives based on the files they
contain
47. 48
Time Quota Policy
Policy: Select the categories and the time quota…
User Experience
Helpdesk
(Reset if needed)
48. 49
Site Tagging
Tag sites to create unlimited custom categories
Use tags in policy just like
other categories
49. 50
Selective HTTPS Scanning
Optimize performance and privacy by scanning only sites that pose a risk
50. 51
Top 3 New Features in Email Protection
Simpler SPX Email Encryption and Better Email AV
• SPX Self-Registration – provides a portal so users can register, recover, and
reset their own SPX passwords
• SPX Reply Portal Support for Attachments – SPX replys can now support
email attachments.
• Live Anti-Virus – implemented Sophos AV engine for email with added
protection from malware in emails by doing cloud lookups on suspicious
content and true-file-type detection
53. 54
Top 3 New Features in Web Server Protection
Improving our Advantage as a TMG Replacement…
• Flexible Setup – allow/deny lists for IP ranges,
wildcards for server farms, username prefix/suffix
settings, support for custom WAF rules
• WAF Performance– Scan size limits and for customers
only using a UTM for WAF, they can dial up the capacity
of the WAF
• Persistent SSO – (coming a bit later) better user
experience that doesn’t require them to re-enter
credentials when accessing different MS applications
54. 55
Top 3 New Features in Wireless Protection
Taking Wireless Protection to the next level
• Automated WiFi Optimization – extends
automatic channel selection beyond startup to
work ongoing in the background
• Hotspot Multi-tenancy and HTTPS – Allows one
UTM to be used to service different hotspots
and encrypt the portal page.
• SMS Authentication – (available as needed)
allow users to request access to a hotspot on
their phone and receive voucher via SMS
55. 56
Top 3 Better Everywhere Features
Extending deployment flexibility
• Hyper-V 3.5 – adds support for Microsoft Hyper-V
Server 2012 R2 including MS Integration Tools v3.5
which will add HA/LB to Hyper-V
• Remote Assistance In-a-Click – enables webadmin
access to the UTM by Sophos Support with the click of a
single button
• Multi-Bridge Support – improves deployment options
57. 58
Sophos iView
Extending Reporting – Key Features and Benefits:
Added Visbility
Increased depth and breadth of reporting
• Over 1000 built-in reports and views
• Compliance reporting: HIPAA, PCI DSS,
GLBA, SOX
• Fully customizable reports & views
with extensive drill-down capabilities
Security Intelligence
Identify issues before they become
problems
• Rich dashboard and detailed traffic reports
offer intelligent insights
• Easily monitor suspect users or traffic
anomalies
• Quickly identify attacks on your network
Consolidated Reporting
Centralized reporting across multiple UTMs
• Works out-of-the-box with all Sophos UTMs
• Single centralized view of all network activity
• Great for larger organizations
and MSPs
Log Management
Backup and long-term log storage
• Automated backups of all UTM logs for long-term storage
• Eliminates reporting gaps if replacing/upgrading a UTM
• Quick access and retrieval of historical data for
audits and forensics
Our Design principle for Sophos Cloud is to provide Sophos security with Cloud Simplicity
The same trusted endpoint protection now available as a cloud-based/ cloud managed service with instant deployment.
What is Sophos cloud?
Sophos Cloud is a Cloud Managed security service.
The initial version of Sophos Cloud delivers cloud-managed endpoint security as a service.
The management console is hosted by Sophos which means there is no server to set up and security can be deployed instantly.
A small client anti-malware software (or agent) is installed on the protected computers.
Users - regardless of where they are – either in the office, working remotely working or traveling - will get complete coverage everywhere with real time policy refresh, and the latest threats and software updates. And because the management is hosted by Sophos in the cloud, users will get automatic updates and upgrades through the management console.
Smaller and growing businesses like yours may not have a lot of resources but are still concerned about cybercrime having a negative impact on your business.
Your IT resource is far too precious to focus a lot of time on security.
You need security that is easy to deploy.
Sophos Cloud doesn’t require a server. And you can start with a trial account that take minutes from sign up on line to deployment.
<Click>
The second need is effective protection everywhere.
Growing business like yours typically have remote and roaming workers. You want to ensure they are protected the same way as office users.
Sophos Cloud provides automatic threat updates and real time policy refresh so your roaming workers are always protected against the latest threats.
In addition, we know that 90% of threats are coming from web. Sophos Cloud automatically blocks web threats before they reach your computers.
What’s more, Sophos Cloud uses security best practice to automatically resolve issues for you. Whenever we can, we make dealing with issues easier and quicker than ever.
<click>
We know that security is not your only job, so a solution must be easy to manage and maintenance free.
Sophos cloud’s management console is accessible from anywhere.
And because the server is hosted by Sophos, we provide automatic software updates and upgrades, which means it is maintenance free for you.
<click>
Lastly, you want a solution the is economical. We offer per user licensing. Your user may have a desktop and a macbook air for travel, but that stil counts as one user. Sophos Cloud is subscription-based, so you can add users as you grow.
And we have flexible licensing terms with available annual or multi-year subscriptions, and monthly subscriptions are coming soon.
Again, Sophos cloud means no equipment procurement or maintenance costs, automatic updates and upgrades, and per user licensing.
Improved exclusion capabilities (2008/r2, 2012/r2)
Automatic exclusions (2008/r2, 2012/r2)
Competitive intelligence – against competitor’s server product focus on set up/ configuration.
No plan to put server AV on 3rd party test.
Performance test - > 3rd party accolade (general Sophos, not product specific)
download reputation – first in cloud. (server?) APT/ network-aware threat detection.
Guidance on what collateral -
The original Cloud Endpoint license (EP-Cloud) introduced with v1 was retired when v2 was released. All customers with this license were automatically upgraded to CEA.
Set up is extremely easy. If you start with the trial, complete a simple form and Sophos Cloud will send you an activation email. That leads you to set up your account log in.
We know that setting up an account without deploying endpoint client doesn’t really help anybody. So the first experience after you sign in is this “lightbox” that urges you to deploy the software.
Simply deployment via email
Policy can be set by the user or by the group, and will automatically apply to all the computers under that user or group.
A dashboard that shows actions required, if any, is also included to give you tremendous visibility into your deployment.
The reports give you at a glance views of all the devices, computers and users protected. You can also view reports by users, by computers or by devices
- Data Protection that doesn’t end at the office door: With Mobile Content Management for iOS devices, SMC is the only EMM vendor to offer individual File Encryption, ensuring each document that is connected to the server remains secure, allowing users to remain productive by collaborating safely. Gated entry to each file allows organizations to rest assured that their documents and data remain safe – not just in the office, but anywhere & everywhere their users go.
- Integrated Security: Mobile devices are essentially computers that travel everywhere with users; hence, mobile devices need the same level of AV protection, to ensure users can remain productive and safe. Sophos Mobile Control is the only vendor to provide integrated AV and Web Filtering for Android devices – Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. With SMC 4.0, users get integrated anti-malware, which protects users from malicious websites and other threats; this can be integrated into the SMC console and centrally managed through SMC. Additional web filtering protection helps ensure that Android devices remain secure, and organizations have reduced risk data breaches with our UTM integration which blocks network access based on compliance status of device (SMC also integrates with Checkpoint & Cisco for Network Access Control).
-User-Centric: the only EMM vendor to offer user-based pricing, Sophos makes it easier for organizations to calculate the costs of implementing BYOD in their environment
With this new and exciting feature, we are extending our promise of “Encryption Everywhere” by offering built in Mobile Encryption into SMC. Cloud storage makes it easy for your customers’ users to access files from any location. But after news of data breaches, can they be sure that their data is really safe? Data protection shouldn’t end at your office door. SMC now makes it easier for you to collaborate with colleagues and business partners. And it enables persistent encryption because each document that is connected to the server remains secure. What makes us different? We are the only EMM vendor to offer individual file encryption: with AirWatch/Mobile Iron, if someone gets access to your dropbox account, they automatically get access to a users’ content. With SMC, each document is gated and therefore even if they get into the dropbox account, they cannot access individual files without a key. Gated entry to each file allows organizations to rest assured that their documents and data remain safe – not just in the office, but anywhere & everywhere their users go. Currently, iOS first Android to follow. Encryption Everywhere
Gartner called out the importance of this in their 2014 MQ report - “Sophos' mobile content management transparently encrypts files leaving a PC or mobile device to prevent data leakage. This integrates with third-party file storage providers and enables companies to securely use low-cost third-party storage.”
Screen shot of Mobile Encryption app, automatically built into SMC. We support DropBox, Egnyte, Google Drive, etc
Available only on iOS
If device is not compliant, the access to the SME app will be blocked
Integrated AV (malware protection): With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life. Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life.
-SMC (with built in SMSec) Helps users avoid undesirable software that may lead to data loss and unexpected costs.
-SMSec is integrated into the SMC console and centrally managed through SMC
-Admins have full control over the app settings and can block infected or outdated devices.
Other EMM vendors don’t offer built in Anti-malware, they have a 3rd party that provides that capability.
Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages.
Network access control: Organizations have reduced risk data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access.
- SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access only)
Integrated AV (malware protection): With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life. Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life.
-SMC (with built in SMSec) Helps users avoid undesirable software that may lead to data loss and unexpected costs.
-SMSec is integrated into the SMC console and centrally managed through SMC
-Admins have full control over the app settings and can block infected or outdated devices.
Other EMM vendors don’t offer built in Anti-malware, they have a 3rd party that provides that capability.
Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages.
Network access control: Organizations have reduced risk data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access.
- SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access only)
Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages.
Network access control: Organizations have reduced risk data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access.
- SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access only)
Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages.
Network access control: Organizations have reduced risk data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access.
- SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access only)
Integrated AV (malware protection): With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life. Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life.
-SMC (with built in SMSec) Helps users avoid undesirable software that may lead to data loss and unexpected costs.
-SMSec is integrated into the SMC console and centrally managed through SMC
-Admins have full control over the app settings and can block infected or outdated devices.
Other EMM vendors don’t offer built in Anti-malware, they have a 3rd party that provides that capability.
Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages.
Network access control: Organizations have reduced risk data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access.
- SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access only)
Integrated AV (malware protection): With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life. Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life.
-SMC (with built in SMSec) Helps users avoid undesirable software that may lead to data loss and unexpected costs.
-SMSec is integrated into the SMC console and centrally managed through SMC
-Admins have full control over the app settings and can block infected or outdated devices.
Other EMM vendors don’t offer built in Anti-malware, they have a 3rd party that provides that capability.
Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages.
Network access control: Organizations have reduced risk data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access.
- SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access only)
Integrated AV (malware protection): With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life. Android devices encompass 70% of smartphone sales, yet Android devices are the most susceptible to malware; last year there were about 80,000 malware samples detected. With SMC, users get integrated anti-malware which provides full functionality to protect your Android device without reducing performance or battery life.
-SMC (with built in SMSec) Helps users avoid undesirable software that may lead to data loss and unexpected costs.
-SMSec is integrated into the SMC console and centrally managed through SMC
-Admins have full control over the app settings and can block infected or outdated devices.
Other EMM vendors don’t offer built in Anti-malware, they have a 3rd party that provides that capability.
Web Filtering: Sophos Mobile Control is the only vendor to offer Web Filtering for Android devices. Admins can define 14 categories that they allow/warn/block, filtering web access on Android devices. Sophos is the only EMM vendor to extend this endpoint functionality to mobile devices, offering additional robust protection for Androids to prevent access to data-stealing web pages.
Network access control: Organizations have reduced risk data breaches, since SMC can be programmed to block network access based on device compliance status. In 4.0, SMC integrates with Sophos UTM. SMC controls a user’s network access via Wi-Fi and VPN based on the compliance status of device: if you have a roach device, you can block VPN or Wi-Fi access.
- SMC also integrates with Checkpoint & Cisco for network access control (however, only for controlled VPN/Wi-Fi access only)
So we’ve covered how we’re extending our reporting with iView and addressing customers top complaints about their current firewall, but what about these other major complaints. Of course, the UTM does a great job in providing protection and controls, that are easy to manage, and with everything in a single box, customers get outstanding value, but let’s have a look at how we’re extending this advantage in UTM 9.3
What’s new in UTM 9.3? Well there are a bunch of new features that fall nicely into four areas…
Stronger protection with new features for web, email, and WAF… in particular… one of our most requested features… time quotas for web surfing policies so you can limit users to say 1 hour per day for categories such as social media, shopping or sports. Site tagging and selective SSL scanning are also being introduced.
We’re also making WiFi smarter with enhancements to the WiFi channel optimization to maximize performance, hotspot authentication via mobile devices and of course support for the new Access points.
New deployment options extend the UTMs ability to work better in even more places… with Hyper-V 2012 R2 support (with HA options), support for HA on AWS, and a new option for one-click secure support access to SSH or Webadmin.
And of course, the new iView reporting appliance extends and enhances our UTM reporting, so let’s look at that in more detail…
For those of you that may not know… Sophos iView is our first product collaboration with Cyberoam. This is a product that we’ve worked with them on bringing to the sophos UTM product line as an add-on that extends and enhances our on-box reporting. It works out of the box with Sophos UTMs and offers a number of great features that will appeal to many organizations such as…
Added visibility, adding a bunch of additional reports and views, including reporting that meets compliance requirements for standards like HIPAA, PCI, and a few others.
It also offers a lot of additional views and customization options that will appeal to the nerdy IT admin.
Another key benefit it provides is consolidated reporting across multiple UTMs which will be huge for MSPs and larger organizations with more than one UTM.
It also provides some good insights into traffic trends that may allow admins to identify problem users or attacks on their network
And it provides great log management for backup and long-term storage so if a UTM needs to be replaced all the historical reporting is not lost and makes retrieval easy for audits or forensics
It’s a great new addition to the UTM line up, particularly for customers wanting more breadth and depth of reporting, those who need to meet compliance requirements, or those managing networks with multiple UTMs. It’s coming at the end of Sept.
Since Sophos iView uses the same OS and installer as Sophos UTM, that part of deploying iView will be very familiar to SEs and partners.
After iView is installed, On the UTMs you’re monitoring, all you need to do is go into “Log Settings” and setup iView as a syslog server – iView will automatically recoginze the UTM and start accepting log data
iView offers a huge number of reports and dashboards that are easily customized with attractive animated 3D graphs. Here’s a snap shot of of the Web Usage Dashboard showing top domains, users, categories, and content in a single view with extensive drill down capability
A key feature of iView is the ability to help customers achieve compliance reporting requirements for standards such as PCI, HIPAA and others.
The compliance reporting section offers all the reports customers needs… here’s an example of the admin audit trail report that’s required for PCI compliance.
Consolidated reporting is another key feature of iView as it can collect logs from multiple UTMs and provide both a consolidated view of the entire network as well as the ability to organize UTMs into groups or drill down into individual UTMs
There’s an option to “Select Device” on the top of every report
Which allows you to select the specific UTM or group of UTMs you want to report on.
iView also offers important trend reporting which can be helpful in identifying attacks, such as a sudden increase in ICMP traffic that might be indicating a Denial of Service type attack as you can see here on this chart.
It also offers a ton of custom report options, scheduled reports, and literally any feature you might expect in a dedicated reporting appliance.
We’re going to put together a screen shot library of many of the reports as soon as we can as a sales tool.