Get the Most From Your Firewall



Network security implementation has changed a lot in the last few years, but often the way we approach network security in general hasn’t changed much. This presentation takes a fresh look at network security to make sure you’re getting the most out of your firewall.

The firewall in our UTM appliance is easy to use. With an open, visual layout you can be as broad or as detailed as you need. Find out more here:

Published in: Technology
  • This presentation explores the key network security changes that have implications for your firewall. It will focus on the four Ts: Technology, Threats, The way we work, and Tools.
  • Network security implementation has changed a lot in the last few years, but often the way we approach network security in general hasn’t changed much. It’s time to take a fresh look at network security and make sure you’re getting the most out of your firewall. In a recent Sophos survey over one third (34%) of all respondents said they’ve had their firewall for five years or more. If you haven’t reviewed your firewall for a while, there’s a good chance it could be working harder for you.
  • Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. We began with packet filters, which delivered the simplest instructions (rules) for inspecting Internet traffic and deciding what to allow through. But soon we realized that more control was necessary, which led to the creation of second generation firewalls, called stateful filters. These allowed us to create more detailed rules, but were still focused on the type of Internet traffic. Today understanding traffic flow isn’t enough. It’s also important to know what’s inside that traffic, which brings us to application level firewalls, also known as next generation firewalls. So as you can see, firewalls are not a static commodity. And if you haven’t updated yours for a while, there’s a good chance it could be doing a lot more for you.
  • Some of the key technology developments that have implications for network security include:
    - Wireless: Wireless enables users to connect to your network from roaming locations and from a wide range of devices. Great for productivity, but a threat to the security of your network and data, both in terms of what might get on and what might come off.
    - VPN: Remote access: Users increasingly want – and often need – to have full access to the corporate network when working remotely. Virtual private networks have existed for many years but recently VPNs have become more prevalent due to significant cost reductions, increased bandwidth, and security. It’s likely that these IP based VPNs will ultimately find their way into almost every network based communications activity, including inside corporate local area networks.
    - Private cloud: This is where cloud-based infrastructure is operated solely for a single organization, whether managed internally or by a third-party and hosted internally or externally.
    - IPv6: IPv6 presents new challenges for both monitoring and traffic management. Tools are immature, and lack feature parity. You can’t depend on NAT, and firewall rules must take all traffic into consideration.
    - BYOD: And the seismic change in consumer technology, with smartphones and tablets, means users increasingly want to use their own shiny devices for work, devices that you can’t control or that lack standard corporate security features.
    Adopting new technologies such as these is fast becoming a must-do, not to gain competitive advantage but rather to stay in the game. If you don’t open your arms to them, you’ll get left behind.
  • What do these technology changes mean for security? Essentially they mean a whole load more for Network Administrators and IT Security Managers to consider. Not only do you need to keep up with security for traditional in-office computers, but you also need to enable users to take advantage of these new technologies without adversely impacting your network or your data.
  • Today, nearly all modern threats are web-based. SQL injection, phishing, spam and malware distribution have all migrated to the web. The web is available to everyone and cyber criminals prey upon unpatched users, programming flaws and poor human judgment to deliver their attacks. Considering that 21% of organizations we surveyed have had an outage due to a malware infection in the last year, it is no wonder that two in five have concerns about the increasing sophistication of threats for their network security.
  • While traditional methods provide some protection against worms and automated protocol attacks, the reality is that trying to use 20th century tools against 21st century threats compromises your ability to defend your networks, and, more importantly, your data. When it comes to network security, it’s no longer just about the direction of traffic or which port numbers it is traversing. Rather it’s about the intent of the payload. The device you use to connect and the medium you connect over matter just as much as any other factor. The threat landscape has changed, but there’s no reason to panic. We just need to make sure we have the right security solutions for today’s and tomorrow’s threats.
  • Over the last 20 years the way we work has changed significantly. Road warriors in the cafe, car or customer site need the same IT functionality and access to data as in the office. Over recent years the boundaries between personal and professional have become ever more blurred. And it’s different from generation to generation. For those who are new to the workforce, stopping access to personal devices and social media sites in the workplace seems outrageous. For them multi-tasking between work and social activities is as natural as breathing. And of course consumer devices – smartphones, tablet PCs – are now commonplace in the workplace.
  • Users expect to securely access any necessary data from anywhere, on every device. This demands a shift in thinking. Protection of sensitive information must be done based upon the need to secure that data, not on where it is located. Breaches will happen, so no matter where information resides it must be protected. We need to find a way to allow authorized access to information anywhere it might be needed in a world fraught with threats.
  • Network security tools have changed significantly over the last 20 years. Back then the choice was between best of breed point products, which gave the best protection but required more management, or a UTM solution that required customers to compromise on protection in return for the easier management. Things have changed with Sophos UTM, the first unified product on the market that doesn’t require compromise. It gives you an all-in-one easy to manage solution utilizing the latest technologies backed by SophosLabs. However you want to manage your network security, point solutions or unified protection, we can help.
  • Let’s take a quick look at the UTM and the optional modules you can add to enhance your security.
    - Firewall: At the heart of the solution is the firewall. The duties of a firewall include more than just being a traffic cop. Sophos UTM not only analyzes traffic, but provides secure VPN functionality and audit logging to keep a close eye on what’s transiting your network.
    - Network Security: Network security is an important component in a comprehensive defense. Sophos Network Security provides secure access while watching for known malicious behavior, which is an essential starting point to limiting the risks to your traffic. The Branch Office functionality enables you to securely connect remote sites to headquarters simply, quickly and cheaply.
    - Web Security: The vast majority of threats enter modern networks through web exploits and social engineering. Sophos Web Security lets you filter websites by category or by only looking for malicious content. This limits access to dangerous content and is one of the most effective techniques at reducing risk.
    - Mail Security: Email security is considered old hat to many IT professionals, but it’s a lot more sophisticated than one might think. Sophos Mail Security gives you the best protection against phishing and targeted attacks while making it simple to encrypt and send secure emails.
    - Web Application Security: This module filters the inputs and attacks targeting your websites, which can help defend against some of the most public data leakage incidents making the news. Web filtering is a two-way street – both keeping what should stay in, in, and what needs to stay out, out.
    - Wireless Security: The Wireless Security module lets you consistently configure your wireless networks across the enterprise with the ability to segregate guests, mobile devices and managed PCs and control access to sensitive information.
    - Endpoint Management: Use the Sophos UTM as the one place to manage and report on all your security tools with integrated management of your Sophos Anti-Virus clients.
  • Sophos UTM is a 21st century solution, designed to enable you to take advantage of today’s – and tomorrow’s – technologies and working practices. You can add modules as and when you need them – whether you need to enable secure wireless networks, securely connect branch offices, or enable road warriors to connect in securely. With regard to the changing threat landscape, the truth is there is no silver bullet to stopping modern threats. Different techniques like anti-virus, web filtering, application control and web application firewalls are all effective at combating different attack vectors. A comprehensive solution is necessary to provide an effective defense. And Sophos UTM gives you just that, all managed through one easy-to-use console. And our threat protection is backed up by SophosLabs. Our global threat centers research threats from their origin and deploy protection from those threats based upon the most successful methods available to prevent exploitation. Working as a single unit, SophosLabs are able to inform our products to identify malicious content, regardless of technology or origin. Of course, you may not want to take advantage of every security option initially, but the Sophos UTM is designed to grow with your needs. The next generation of technologies to shore up our defenses is unknown, but the design of the Sophos UTM allows you to add functionality to your existing investment without the need for additional hardware or complicated rip and replace projects.
  • Get the Most From Your Firewall

    1. Get the Most From Your Firewall: How your firewall can do more to meet today’s security needs
    2. Agenda: Changes in the security environment (Technology, Threats, The way we work, Tools); Introducing Sophos UTM; Real life case studies
    3. Remember the ’90s? Think back to the time before the mobile revolution. You didn’t have to worry about all of these:
    4. The history of firewalls: First generation to next generation. 1st generation: Packet filters; 2nd generation: “Stateful” filters; 3rd generation: Application level
    5. What’s changed: Technology. Wireless; IPv6; VPN; BYOD; Private cloud
    6. Security implications: A lot to think about
    7. What’s changed: Threats. SQL injection; Phishing; Spam; Malware
    8. Security implications: Data loss
    9. What’s changed: The way we work. Road warriors; Remote offices; Consumer devices
    10. Security implications: Protecting data everywhere
    11. What’s changed: Tools. Point Products vs. Unified Threat Management (UTM). Back in the ’90s: Best of breed individual solutions or Compromise on protection for convenience. Sophos today: Best of breed individual solutions or Best of breed unified solution
    12. UTM: Firewall. Application Awareness; User Awareness; Visibility
    13. UTM: Wireless protection. Guests; BYOD; Remote Offices
    14. UTM: Endpoint protection. Global Visibility; Latest Protection; Removable media control
    15. UTM: Network protection. Intrusion Prevention; VPN; Remote Offices
    16. UTM: Web protection. Web security; Content filtering; Application control
    17. UTM: Email protection. Anti-virus; Encryption; POP3/IMAP filtering; Anti-spam/anti-phishing
    18. UTM: Web server protection. SQLi/XSS protection; Anti-virus; Form hardening; Cookie protection
    19. Sophos UTM
        - Essential Network Firewall: Stateful firewall; Network address translation; PPTP/L2TP remote access
        - UTM Endpoint Protection (optional): Antivirus; HIPS; Device Control
        - UTM Wireless Protection (optional): Wireless controller for Sophos access points; Multi-zone (SSID) support
        - UTM Network Protection (optional): Intrusion prevention; IPSec/SSL VPN; Branch office security
        - UTM Webserver Protection (optional): Reverse proxy; Web application firewall; Antivirus
        - UTM Web Protection (optional): URL Filter; Antivirus & antispyware; Application control
        - UTM Email Protection (optional): Anti-spam & -phishing; Dual virus protection; Email encryption
    20. Protection for today’s needs
    21. Complete security: Everything you need to stay protected. [Slide graphic: product matrix with columns Endpoint, Web, Email, Data, Mobile, Network]
    22. Staying ahead of the curve. US and Canada: 1-866-866-2802; UK and Worldwide: +44 1235 55 9933; Sophos on Google+