During the Sophos Security Day Belgium, Chris McCormack showed the audience what Sophos has been working on in the field of Network Security products. Amongst other things, Sophos XG v16 was elaborately discussed.

1. Sophos XG Firewall
The next thing in next-gen
Chris McCormack
NSG Product Marketing
November, 2016

2. What we’ll cover…
2
Today’s Top Problems with Existing Firewalls
Sophos XG Firewall
What’s New
Live Demo
What’s Next

3. Today’s top firewall problems
Compounded by trends in network security
Poor performance
Poor value
Too complex
Insufficient security & control
Insufficient visibility
Top complaints with existing Firewalls (2016*) Network Security Trends
Enormous amounts of data collected
More than any IT manager can consume
More sophisticated threats
Evasive, targeted, zero-day threats
Increasing number of solutions
Too many features, too many products
$
Spiralling costs of security
More solutions competing for similar budget
Unprecedented network demands
Cloud, IaaS, vanishing perimeter, BYOD
*Sophos commissioned a survey of mid-market IT managers on Spiceworks

4. Sophos XG Firewall
4
Solving today’s top problems with existing Firewalls
Central ManagementSimpler to manage Instant visibility Synchronized security Top performance
 Streamlined workflows
 Unified policies
 Policy templates
 Control center
 User & App Risk
 On-box reporting
 Linking firewall & EP
 Security Heartbeat™
 Dynamic app ID
 Industry-leading HW
 FastPath optimization
 High-performance proxy
 Full-featured & consistent
 Cloud or on-premise
 Free for partners
Complete protection
 Firewall & Wireless
 Web, Apps, APT
 Email and WAF

5. XG Firewall’s Unique Innovations
5

6. What makes XG Firewall Unique
6
Innovative features you just can’t get anywhere else
Synchronized Security
• Links Endpoints and Firewall to share telemetry and status
• Enables features like Security Heartbeat™ & Real-time App ID
Unified Firewall Rules and Policies
• All firewall rules on one screen with snap-in user-based policies
• Policy templates simplify protecting business applications
Enterprise-grade Secure Web Gateway
• Powerful top-down inheritance based web policy model
• Easy and intuitive to build sophisticated user and group based policies
User and Application Risk Assessment
• Automatically identifies high risk users and applications on the network
• Identifies potential issues before they become real problems
No-compromise Deployment and Central Management
• The most flexible deployment options without compromise: XG Series, software, virtual, IaaS (Azure)
• Comprehensive centralized management and reporting made simple

7. Synchronized Security
7
Admin
Endpoint/Next-Gen EndpointUTM/Next-Gen Firewall Security Heartbeat™
RED Heartbeat
Firewall detects traffic from Endpoint
!

8. Synchronized Security
8
Admin
Endpoint/Next-Gen EndpointUTM/Next-Gen Firewall Missing Heartbeat
MISSING Heartbeat
Firewall detects traffic from Endpoint
?

9. Synchronized Security
9
Admin
Endpoint/Next-Gen EndpointUTM/Next-Gen Firewall Destination Heartbeat™
GREEN Heartbeat
!RED Heartbeat
Connections to/from the compromised system are blocked
Endpoint attempts to connect to compromised system

10. Synchronized Security
10
Admin
Endpoint/Next-Gen EndpointUTM/Next-Gen Firewall Dynamic App Identification
GREEN Heartbeat
Firewall detects unknown traffic from Endpoint
Firewall requests context from endpoint
Application information is exchanged

11. Unified Firewall Rules and Policies
11
Making management easier
All firewall rules in one place
User, Network, Business Applications
Powerful filtering options
By rule type, zone, status or ID
At a glance indicators
Type, source, destination, users, service,
traffic status, heartbeat, QoS, and natural
language description

12. Policy Templates
12
Custom tailored templates enable easy & proper protection for common business apps

13. Enterprise-grade Secure Web Gateway
13
Powerful tools for building sophisticated user and group based web policies
Top-down inheritance policy model
Makes building sophisticated policies easy
and intuitive. The same kind of SWG usually
found only in dedicated enterprise products.
Pre-defined policy templates
Out-of-the-box policies for included for
workplace, CIPA compliance, and more
Powerful customization
Custom define users/groups, activities
(URLs, categories, file types), allowed action,
and time-of-day and day-of-week constraints

14. User Risk Assessment
14
Automatically identifying top risk users on the network
Automatically identifying top risk users
on the network – before they become a
problem

15. App Risk Assessment
15
Automatically identifying top application risks and overall app risk
Risk: Low
A few high risk applications and users are
operating on the network – continue to
monitor the situation carefully
Risk: High
Take action and setup an application
control policy before data loss, abuse, or
illegal activity become a real problem

16. Deployment flexibility without compromise
16
XG Series Hardware
Full range of hardware appliances with wireless AP and RED add-ons
Multi-core processors, solid-state storage, generous RAM
Industry-leading performance at all price points – Miercom tested
Virtual/Software
Vmware, Hyper-V, Citrix XEN, KVM
Flexibility regarding resource assignment and high availability
Compatible with all x86 hardware
IaaS
Available in Microsoft Azure Marketplace
Up and running in minutes with preconfigured VM
Pay-as-you-go or BYOL
Flexible deployment options optimized for today’s business

17. XG Firewall – How to buy
17
Deployment, Licensing and Pricing
Firewall & VPN Wireless
Network
Protection
Web & App
Protection
Email
Protection
Web Server
Protection
XG Series
Appliances
Software/
Virtual
IaaS
Base License
Total Bundle or À la carte
Deployment Choices
NGFW Bundle

18. XG Firewall
How XG does user policy better
18

19. Layer-8 User Identity and Awareness made simple
19
Covers all areas of the Firewall. Consolidated. Easy to Manage
IPS QoS Web Apps Routing

20. Powerful user/group policy enforcement made simple
20
Simply snap-in your sophisticated user and group based polices to a single firewall rule
Define your user/group web enforcement policy Snap-it-in to your desired firewall rule

21. Sophos Transparent Authentication Suite (STAS)
21
Making user identity transparent and reliable. Single-Sign-On (SSO) made easy
Microsoft
Active Directory
Server
STAS
Collector & Agent
No client required on devices for SSO!
XG Firewall
Authentication
Information

22. XG Firewall v16
22

23. 23
HA support for dynamic WAN interfaces
Per-rule and Policy-based routing
Google Apps Control
Microsoft Azure SupportTwo-Factor Authentication
Support for 3rd party URL databases
New Navigation
New AP 15C and RED 15w support
Enhanced Anti-Spam
STAS GUI configuration
Synchronized Security
App Identification
Streamlined Firewall
Rule Screen
Firewall-to-firewall RED tunnels
Clone firewall and other rules
Log Viewer Enhancements
Enhanced Control Center
Email Per-Domain
Routing and MTA
SPX Email Encryption reply portal
Support for 3rd party URL databases
New User/Group Web Policy
Creative Commons SafeSearch
Image Enforcement
Enhanced Security Heartbeat
Firewall domain name
Missing Security
Heartbeat Detection
120!
Over…
New Features

24. XG Firewall v16: Key Focus Areas
User Experience
Creating a more intuitive experience
across all areas of the product from
navigation to policy to logging & more
New Features
Over 120 new features including the 35
most-wanted features from UTM 9
across web, email, 2FA & more
Synchronized Security
Adding new Synchronized Security
features to the arsenal to improve
protection, enforcement and visibility

25. Headline Enhancements
25
New (more familiar) Nav
Redesigned SWG-style Web Policy
Email Enhancements (MTA)
Logging and Troubleshooting
Two-factor authentication
Synchronized Security
Missing Heartbeat
Real-time app visibility
Destination Heartbeat
Microsoft Azure Support

26. Live Demo
26

27. What’s Next
27

28. SFM/CFM for v16
28
Entering beta soon
Full-Featured
Manage all firewall features
Monitoring, alerting, role-based admin
Easy Time Savers
Policy templates make enrollment quick
Firmware update management
Deployment Flexibility
On-Prem (Hardware, Software, Virtual)
Free in the cloud for Partners
Cloud coming for customers in v17

29. Sophos Sandstorm
29
Cloud-sandboxing – coming to XG Firewall in v16.5 (December)
Suspect Control Report
Sophos Sandstorm
Hash ?
Determine Behavior

30. How Effective is It?
30
10-20
One university that deployed Sandstorm blocked over 400 new macro variants in the
first few weeks. Very delighted with the simplicity and effectiveness of Sophos
Sandstorm.
Daily detonated files per customer
0.4-1.8Daily malware detected per customer

31. Sophos Central
Sophos Labs
Analytics | Analyze data across all of Sophos’ products to create simple, actionable insights and automatic resolutions
| 24x7x365, multi-continent operation |
URL Database | Malware Identities | File Look-up | Genotypes | Reputation | Behavioural Rules | APT Rules
Apps | Anti-Spam | Data Control | SophosID | Patches | Vulnerabilities | Sandboxing | API Everywhere
Admin Self Service Partner| Manage All Sophos Products | User Customizable Alerts | Management of Customer Installations
In Cloud On Prem
Synchronized Security Coming in XG Firewall v17
31
Mobile
Server
Wireless
Email
Web
Encryption
Endpoint/Next-Gen EndpointUTM/Next-Gen Firewall Dynamic App Control
Dynamically identifying & controlling applications
Heartbeat in SFOS TAP Mode
Enhancing EP security and intelligence from the side

32. 32

33. 33

34. XG Firewall on Sophos Central
34
•Full-featured multi-device
•On-prem or cloud (partners)
•Single device and HA clusters
•Zero-touch and alerting
•Simple groups & multi-device
•API Support
Sophos Firewall
Manager
Sophos Central
Single Device
Sophos Central
Multi-Device
Q4Q1 Q2 Q3
CY 2017

35. Why Customers Choose Sophos
for their next firewall
35

36. Why customers are choosing Sophos
36
for their next firewall
1. Simpler to manage
We make advanced next-gen protection easier to manage than any other firewall product, making it easier to ensure
proper protection.
2. Instant insights
We include extensive rich on-box reporting at no extra charge and unique insights into risks and activity.
3. Complete protection
We provide more-in-one appliance than any other vendor.
4. Top Performance
Our firewall delivers industry leading performance at every price point.
5. Trusted industry leader
Sophos is among the top 3 vendors in the industry and has been a Gartner Magic Quadrant leader for the past 5 years.

37. A Leader in Unified Threat Management
37
• Sophos first entered into this MQ publication in March 2012,
positioned in the Leader quadrant – and has retained this position for
5 consecutive publications
• Sophos remains one of only three leaders after Dell and WatchGuard
were demoted last year
• Gartner’s perception of Sophos is even better than last year,
recognizing the strength of Synchronized Security, the breadth of our
security portfolio and that we are growing - taking market share from
our competitors
• In relative terms Sophos is edging closer on Fortinet and leaving
smaller vendors trailing further behind
This graphic is published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Sophos.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's
research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
All statements in this report attributable to Gartner represent Sophos’ interpretation of data, research opinion or viewpoints published as part of a syndicated subscription service by Gartner, Inc., and have not been reviewed by Gartner. Each Gartner publication speaks as of its
original publication date (and not as of the date of this presentation). The opinions expressed in Gartner publications are not representations of fact, and are subject to change without notice.
Gartner Magic Quadrant
UNIFIED THREAT MANAGEMENT
Magic Quadrant for Unified Threat Management, Jeremy D'Hoinne, Adam Hils,
Rajpreet Kaur, 30 August 2016