sophos utm-roadshow-south africa-2012

UTM meets EndpointDu Preez van WykNetXactics – Sales Consultant

At a glance: Network Security Group

3

The Network Security Group of Sophos (formerly Astaro) is Europe’s market leader for Unified Threat Management (UTM).

• The Astaro business was founded in 2000 and is since 2011 part of Sophos

• Constantly gaining market share• Common Criteria and ICSA

certified products• Received more than 120

product awards• Approximately 65.000 installations• Design and engineering

made in Germany

Unified Threat Management

Crackers Botnets Spam Phishing Scam Hoax Viruses Spyware Gray ware

Intrusions Denial of Service Distributed Denial of Service Ping floods Eavesdropper

Script Kiddies Espionage Malware Root kits Adware P2P File sharing Trojans Spit Bots Backdoors Buffer Overflows Hackers Malcode Bugs Key loggers Crime ware

Pharming Competitors Identity theft Exploits DNS poisoning Snarf attacks Spam bots Spy bots Trap doors War driving Ransomware ASCII bombs Bluesnarfing

Worms Decrypting Reverse engineering Phreaking Port Scanning

Internet threats on the increase

8

Cost Time Investment

Network security solutions today

9

Router

Firewall

IPS

SSL VPN Gateway

Email/Spam Filter

Anti Virus Filter

Web Filter

WAN Link Balancer

Load Balancer

Total:

Roadwarrior

Modern IT-Security challenges (1)

10

Protect internet communication with office computers and servers

Internet

Central office

Branch office

VPN

VPNNetwork Security

Modern IT-security challenges (2)

11

Protect communication with endpoints and endpoints itself

Internet

Central office

Roadwarrior

Branch officeMobile user Endpoint Security

& Mobile Control

Sophos UTM v9 Unified threat management appliances

Our all-in-one approach

13

Complete protection for your network

Central, browser-basedmanagement & reporting

of all applications

VPN & wirelessextensions

Software Appliance

Flexible Deployment

Virtual Appliance

Integration of complete email, web& network protection

Networking features for high availability and load balancing

Endpoint Security& Mobile Control

UTM v9

Device Control AntiVirus

Endpoint Protection

optional

Security features

14

Enterprise-class security for small and mid-size businesses

• Wireless Controller forAstaro Access Points

• Multi-Zone (SSID) support

• Captive Portal/Voucher

Wireless Protection

optional

• URL Filter• Antivirus & Antispyware• Application Control

Web Protection

optionaloptio

nal

• Reverse Proxy• Web Application Firewall• Antivirus

Web Server Protection

• Anti Spam & Phishing• Dual Virus Protection• E-Mail Encryption

Mail Protection

optional

• Stateful Firewall• Network Address Translation• PPTP/L2TP Remote Access

Essential Firewall

Network Protection

optional

• IPS incl. MAPP• IPSec/SSL/RED VPN• WAN Link Balancing• SSL Portal (HTML5)

Management made easy

Individual UserPortal Comprehensive ReportingIntuitive Dashboard

15

Sophos UTM

16*Pricing based #IPs/Users

HardwareAppliance 110/120 220 320 425 525 625 Multiple

+ RED

Environment Small network

Medium network

Medium network

Large network

Large network

Large network

Large networks+ branches

Network ports 4 8 8 6 & 2 SFP 10 & 4 SFP 10 & 8 SFP Multiple

Max. recommended firewall users

10/80 300 800 1.500 3.500 5.000 10.000+

Max. recommended UTM users

10/35 75 200 600 1.300 2.000 5.000

Software Appliance * Runs on Intel-compatible PCs and servers

VirtualAppliance *

VMware Ready & Citrix Ready certified Runs in Hyper-V, KVM, and other virtual environments

Branch Office SecuritySecurely connect branch offices

Branch Office Security - challenges

18

Businesses with many small branch offices need an easy and affordable way to connect them back to the headquarter location and keep their Internet access secure.

MPLS and managed VPN services

Low-end UTM appliances

Available solutions

Routers for private users

19

Sophos RED

20

The easiest and most economic way to secure your branch offices in a few minutes – without the need for technical personnel at the remote site!

Deployment scenario

21

Sophos Branch Office Security

Remote Office Central Office

1. Enter RED name & ID3. Connect RED Device

2. Automatic

storage of the

configuration

4. Aut

omat

ic

requ

est f

or th

e

conf

igur

atio

n

Sophos UTMInternet Router

5. Establish Tunnel

RED

Ship the RED without configuration

Sophos Provisioning Service

Technical information

23

Sophos RED 10

• Solid steel chassis• No moving parts• 1 WAN port• 4-Port LAN switch• 1 USB 3G/UMTS modem port• 30 Mbit/s VPN-throughput• <7 Watt power consumption• Unrestricted users• No buttons, no GUI

Wireless ProtectionSecure wireless networks for businesses

Wireless networks – challenges

25

Businesses need an easy-to-use, secure and reliable possibility to integrate wireless devices into their business networks.

Enterprise wireless solutions

Low-end UTM appliances with integrated Wi-Fi

Available solutions

Access points for private users

26

Deployment scenarios

27

Sophos Wireless Protection

Easy installation

28

Guest

Internet Finance

Sophos UTM

Hotspot aka Captive PortalSecure Internet access for guests in companies, hotels & other typical hotspot areas

29

#2 Feature Request on http://feature.astaro.com

• Wireless and wired• Operating-Modes

• Disclaimer-Page• Password of the Day• Vouchers with time/data quota• Guest-Registration within the

Enduser-Portal• Customization of the Portal-Site• Part of the Wireless Subscription

Sophos Access Points

AP 10• Up to 10 users• 150 Mbit/s throughput• 1 x 10/100 Base TX• IEEE 802.11 b/g/n

AP 50• Up to 50 users• Dual-band/dual-radio • 2.4Ghz and 5GHz• IEEE 802.11 a/b/g/n • 300 Mbit/s throughput• PoE+ (IEEE 802.3at)

AP 30• Up to 30 users• 300 Mbit/s throughput• 1 x 10/100 Base TX• IEEE 802.11 b/g/n• Power over Ethernet (IEEE 802.3af)

AP 5• Up to 7 users• USB Access Point• Wifi extension for RED10 rev.2/3

30

Additional Feature ExamplesAlways State-of-The-Art

Application Control aka Next Generation Firewall

• Patterns for ~600 relevant applications• Deep Layer-7 inspection for true application

identification (Next Generation Firewall)• Unclassified application feedback• Complete control to block, allow, shape, and prioritize• Detailed real-time reporting and forensic history• Graphical flow-monitor shows everything as it happens

Clientless SSL VPN

• Browser based VPN without additional software

• IE > v10, Firefox > v6, Google Chrome• No Java / ActiveX or Flash!• Applications:

• Remote Desktop• VNC• Telnet• SSH• Webapp (HTTP / HTTPS)

HTML 5 VPN Portal

#1 Feature Request on http://feature.astaro.com

Endpoint ProtectionComplete Security – Better Together!

Branch Office

UTM Endpoint ProtectionAlways connected and up-to-date – everywhere

35

Internet

Central Office

Roadwarrior

Live ConnectService

Mobile User

UTM 9.1

Policies

Policies, Events, Updates

Policies, Events, Updates

Endpoint Management

36

Sophos UTM 9 - Roadmap

37

Nov DecJan Feb Mar

2012OctApr May Jun Jul Aug Sep Jan Feb Mar Apr

2013May Jun

UTM 9.0

GUI in Sophos DesignSAV IntegrationUTM Endpoint Protection• Device Control• AV & HIPS

Clientless SSL VPNHotspot support • “Captive Portal”

UTM 9.1

Extended Endpoint Protection• Web Filtering (policy sync.)• Client Firewall (policy sync.)• DLP• Full Disk Encryption• MAC OS support

Extended Wireless Protection• Repeater, Wireless IDS,

Rogue AP detection

UTM Mobile Control• Remote Lock & Wipe• Central App. Mgmt.• Email Access Mgmt

UTM 9.2

Extended Endpoint Protection• App.Ctrl (client/UTM comm.)• Device & Media Encryption• VPN client

TBA• ….

UTM 9.0 UTM 9.1 UTM 9.2

Sophos UTM v9

38

Conclusion

Complete Security• UTM with the most comprehensive feature set on the market• UTM meets endpoint – full integration of endpoint security

Without Complexity• Single intuitive GUI for all functionalities• Unique plug`n`play Wifi and VPN technology

Let´s cut the costs• All-In-One vs. bunch of point solutions• Tailor made subscription plan• “Keep things simple”

Thank you very much!Questions?

Sophos UTM Contact: dupreezvw@netxactics.co.za