Security: more important than ever! At the Sophos Day Belux 2014, Jorn Lutters took the time to look back at 2014 and showed the audience what we've been dealing with in the IT security world over the past year. Looking to 2015, Sophos is excited to contribute to a safer world!
13. 13
Malvertisements
Legitimate websites serving malware
• 30,000 infections per hour – just for Yahoo alone. That’s roughly 8 computers per second
• 225% increase in popularity in 2014 - currently 1 in 5 ad providers are compromised
14. 14
Professionalism, Crimeware
“Monetization”: Bulk of Threats Are Automated, Coordinated & Professional
Welcome to the Age of Personalized Malware
• 50% of our detections are based on only 19 malware identities.
• 75% of unique pieces of malware are targeted attacks (i.e., are not seen beyond the organization targeted).
• 88% of malware found in fewer than 10 other organizations.
36. 36
• Corporate Owned and BYOD
• Protect My Data
• Go Wireless
• Users Are Everywhere
• What About Securing My Servers?
• Transition to the Cloud
• Can’t Control Users via Brute Force
• Downtime Unacceptable
• Regulations & Compliance
• “Console Proliferation” & “Agent Pollution”
• Help Desk Queries
37. 37
• Corporate Owned and BYOD
• Protect My Data
• Go Wireless
• Users Are Everywhere
• What About Securing My Servers?
• Transition to the Cloud
• Can’t Control Users via Brute Force
• Downtime Unacceptable
• Regulations & Compliance
• “Console Proliferation” & “Agent Pollution”
• Help Desk Queries
• New Attack Surfaces (Android, iOS)
• 250,000 New Threats Will Appear Today
• Polymorphic Threats Affect Everyone
• Macs Are No Longer Immune
• Not Just A “Big Company” Problem
• IT Systems Are The Lifeblood for Any Size Org
39. 39
Complete Security… Made Simple.
Coverage: Network, Servers, End Users and Devices
Simple Deployment
• On premise
• Virtual
• Cloud
• User self provision
Simple Protection
• Active Protection – real-time protection powered by SophosLabs
• Live lookups via the Cloud
• SophosLabs experts tune the protection so you don’t have to
Simple Management
• Intuitive consoles: On Premise or From the Cloud
• Backed by expert support
Product tiles shown on the slide: Next Gen Firewall, Anti-malware and IPS, URL Filtering, Network Access Control, Wireless, VPN, Anti-Spam, Email Encryption, Anti-Malware, Mobile, Encryption, Patch Assessment, Application Control, Device Control, Encryption for Cloud, Endpoint Web Protection, Anti-Malware, Webserver Protection, Virtualization, App Control, V-Shield
40. 40
Reputation Data • Active Protection SophosLabs Correlated intelligence • Content Classification
Diagram locations: AT HOME AND ON THE MOVE, HEADQUARTERS, REMOTE OFFICE 1, REMOTE OFFICE 2, SOPHOS CLOUD
Diagram components: Mobile Control, Endpoint Security, SafeGuard Encryption, Secure VPN Client, NextGen Firewall, Secure Wi-Fi, Guest Wi-Fi, Administration, Web Application Firewall, Secure Email Gateway, Secure Web Gateway, Network Storage Antivirus, Server Security, UTM, Secure VPN RED
41. 42
Diagram labels: AT HOME, ON THE MOVE, HEADQUARTERS, REMOTE OFFICE, SAMPLES, TELEMETRY, HONEY POTS, SOPHOSLABS, HUMAN DECISION MAKING, AUTOMATED LEARNING & AUTOMATION, BIG DATA ANALYTICS, Dynamic & Static
42. 43
SophosLabs Active Protection
Data feeds: Malware Data, Website URL Database, HIPS Rules, Reputation Data, Malicious URLs, Spam Campaigns, Sensitive Data Types, Application Categories, Device Data, Mobile Application Reputation, Anonymizing Proxies, Application Patches
Protected areas: Network, Servers, Devices
Protection points: Web, Email, Next Gen FW, Web App FW, Wifi, Smartphone/Tablet, Workstation/Laptop, Data
Correlated Intelligence, Reputation Data, Content Classification: Email, Web, File
45. 46
“Complex solutions aren’t solutions. We make security for the real world – for the pragmatic enterprise. Simple security is better security.”
Kris Hagerman, CEO Sophos
50. 51
Diagram labels: SEC, Block C&C, DNS, IP tables, AFC, Webproxy and UTM Advanced Threat Protection, C&C Server, URL Database, Command & Control Server, Check URL, Contact C&C server, File checksum suspicious, SXL, Analyze, Send file, Pattern, ATP, IPS
June 2013 NSA leak
NSA and Government Communications Headquarters (GCHQ)
Prism
Target: In the days prior to Thanksgiving 2013 – reported December 12 2013
Home Depot: 18th of September 2014 – reported 6 November 2014
Heartbleed June 2014
Facebook
Instagram
Pinterest
Tumblr
Google
Yahoo
Amazon
Etsy
GoDaddy
Flickr
Netflix
Youtube
American Funds
Box
Dropbox
Github
OKCupid
Wikipedia
Wordpress
Stéphane Chazelas contacted Bash's maintainer, Chet Ramey, on 12 September 2014[1] telling about his discovery of the original bug, which he called "Bashdoor". Working together with security experts, he soon had a patch as well.[1] The bug was assigned the CVE identifier CVE-2014-6271.[4] It was announced to the public on 24 September 2014 when Bash updates with the fix were ready for distribution.
Original release date: October 17, 2014 | Last revised: October 20, 2014
Systems Affected
All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.
Source: Haveibeenpwned.com
PWC global state of Information Security survey 2015
10,000 executives and IT directors in 154 countries
Let’s talk a bit about security
…the “malware” problem is getting larger (and at a faster pace) than imaginable. Today: 250,000 new threats will appear. Tomorrow, more than that will appear. Etc.
…Macs are no longer immune.
…new mobile platforms (Android, iOS) are expanding the attack surface
…targeted attacks are not just against the “big guys” anymore
…ever-changing (polymorphic) threats require industrial-strength protection
…reliance on IT systems and data (for all sizes of organizations) could not be higher. Saying it’s the lifeblood of the org is an understatement. It must be available and secure.
Simple Deployment
* Select the delivery method that works best for you
* Be up and running in [xx time]
* Stay up-to-date automatically with cloud deployment
Simple Management
* Navigate easily with intuitive management interface
* Get anywhere / anytime access with cloud management
* Simplify policy rollout across devices and technologies
Sophos Labs collects data from millions of endpoints and correlates it with our own research to provide immediate protection from the latest threats.
We don’t want using all this great technology to be difficult. That’s why we’re doing the hard work. A good example is our HIPS solution, which gives you everything we know about how malicious files are constructed and behave, and identifies them for you. You don’t have to construct a complex policy; you just tick a box to get it working. And our active protection is truly unified: it identifies and protects against every type of threat and is delivered to the engine that powers all of our products, whether at the endpoint, gateway or across the network.
1. As in all markets at first products were created to solve individual problems - what we’d call point products – they were focussed on solving one problem in one way – for example signature based antivirus or simple firewalls.
2. As the threat grew and as new technologies emerged to address these threats - like host intrusion prevention or application control – the number of point products required for effective protection increased. Often security vendors offered these new technologies as new, separate products. Often they only really integrated at the brand or licensing level.
Using all these products would in theory increase protection effectiveness, but in reality to achieve that level of protection an unsustainable increase in IT admin resource was required. The biggest impact was increased overhead for administrators and users. They were being asked to install multiple point products that were not integrated sufficiently at the deployment, policy or reporting levels.
This left customers with multiple agents on their endpoints slowing their users down, multiple appliances at their gateway slowing their traffic down and multiple technical support hotlines to call, slowing issue resolution down.
In addition, this lack of true integration meant many customers were overwhelmed and ended up not using all features. This trend continues today – and is exacerbated by increased pressures on IT – to protect against more sophisticated threats, on a more diverse range of platforms and devices – all with far fewer resources.
3. Our approach has always been fundamentally different. Because we’re focussed on cutting through the complexity by truly integrating all the security layers to deliver complete protection with a minimum of resources.
This started with enabling our endpoint antivirus agent to detect spyware and PUAs alongside viruses - and to include runtime HIPS (Host intrusion prevention system) technologies – without the need for a plug-in or separate agents. And it continues today with our complete security approach through all our products:
Web in Endpoint – combines our endpoint agents and gateway UTM appliances to ensure consistent web protection everywhere
Data Control – again built-into our endpoint agent and our gateway protection with our labs supplying the data intelligence to power the protection
Mobile Control – our unique combination of Mobile Device Management and Mobile Security
And our UTM lets you manage everything on one physical or virtual box – from your network firewall to the endpoint antivirus – and even includes a wireless controller so you get truly secure wi-fi
And our difference is not just about how the products work together but also about making them usable. We make sure our products are practical to use in a business environment. For example we’ll use our expertise to make our management interfaces only display the essential options required to build the policies you require – we’ll use a single checkbox to activate a technology like HIPS - and hide all the complex configuration and fine tuning behind this - as it is all handled by the experts in our labs…we call this Active Protection.
Today we’re continuing to build on this approach – by constantly improving the ways in which our security components work better together – both at the protection level using our labs to hide the complexity from our customers and to simplify deployment and management by utilizing the Sophos Cloud platform.
Our product vision is to deliver Complete Security Integration that reduces the enemy of security – complexity - for both IT admins and their users. To provide better protection with the lowest possible overhead. Our aim is to allow businesses to operate securely and focus on growing without having to over-invest in IT security products or expertise.
In the to protecting against web-based threats by enabling our endpoint agent and gateway
perform runtime HIPS,
At the core of ATP is a set of different traffic analysis mechanisms based on DNS, IP tables and the application control engine. This efficiently checks against data from our Sophos Labs to detect and prevent devices from connecting to C&C/botnets outside the network. But that's not all: If you also enable Web Protection and IPS (which I recommend!) the ATP analysis will be leveraged by results of those systems - all consolidated in one dashboard/inline report/reporting view.
As mentioned above, ATP is able to consolidate results not only from its core engine but also IPS and Web Protection. Thus, the webadmin dashboard for ATP will show results whenever one of the analyses reports an incident. The same is true for the inline reports (-->Network Protection), only those will of course add more details/options: You will find information about source and destination of the traffic, a description of the threat found (and an external link to Sophos Threatcentral for the ATP result), and the origin, which tells you which parts of the ATP system triggered the alert (DNS, AFCd, Proxy or IPS). You'll also have the option to add exceptions out of the inline report by hitting the "+" symbol! Note, though, that the dashboard and inline reports will reset themselves on a daily basis.
Competition:
Fortinet
Include similar ATP functionality to us including cloud sandboxing, botnet database and web filtering
Offer on-box sandboxing
Analysis
We offer a better multi-layer ATP solution that combines DNS, IPS, App control and Web that goes beyond what Fortinet provides
They have on-box sandboxing which we don’t currently offer, but the cloud is actually a better place to do this than on a customer’s system.
Expensive and complex
Conclusion
We compare favorably with Fortinet’s Advanced Threat Protection
Sonicwall
Offer basic IP-address based botnet filtering only
Mobile control
Mobile encryption
Application management
DLP in email appliance and UTM
DLP in endpoint
DLP with Safeguard
SPX with email appliance and UTM