Sophos XG Firewall – Security Heartbeat
Sophos has now officially released the new XG series in November last year, marking a major milestone in their roadmap. For such a product, which is already in use at our company (Sophos XG 125), to be created, especially at the software level, you have to go back in the history books at least to 2011. Sophos bought the German company Astaro at that time. Three years later, Sophos also acquired Cyberoam, a rival company founded in India in 1999.
Formed from the components of Astaro and Cyberoam, the new Sophos XG Firewall combines only the best of both systems.
Killer Feature – Security Heartbeat
What Sophos has accomplished with the new XG Firewall is communication between the firewall and the endpoints. Sophos is thus the first company to introduce Synchronized Security, which is designed to provide protection against the increasingly sophisticated cyberattacks.
- Faster threat detection
- Active identification of the source of the threat
- Automatic response to incidents
New XG Hardware
Matching the new Sophos Firewall OS comes the new XG hardware. But this one is not that new. The XG series is identical to the SG series, only the pre-installed operating system is different.
- The Sophos SG comes with the Sophos UTM 9.x
- The Sophos XG comes with the Sophos Firewall OS
Datasheet: Sophos XG Appliances
How does the Security Heartbeat work
To benefit from the security heartbeat at all, an SG or XG appliance running the new Sophos Firewall OS is required. Endpoints are protected by Sophos Central, which is now also hosted in German data centers.
Then, as soon as a new Sophos-protected endpoint device is added to your network, its Security Heartbeat automatically connects to the local Sophos XG Firewall and communicates the security status of that device. Threats are transmitted in real time to the firewall, which then denies the client access to the Internet or the company server, depending on the configuration. In the near future, the client may also be deprived of the keys used for data encryption. Only when the firewall classifies the client as “clean” again, it gets the keys back. The systems therefore exchange information, which means that attacks can be responded to much more quickly. Pretty clever, isn’t it?
This new technology makes it possible to better protect against the new threats from the Internet. Security breaches are responded to in real time, for example, to prevent a malware outbreak or data theft.
“No other company is currently able to provide this kind of synchronized and integrated communication between endpoint and network security products. The resulting time and resource savings are very attractive, especially for the SMB sector; as is the ability to stand up to increasingly sophisticated cyber attacks.”
Christian Christiansen, Vice President of Security Products at market researcher IDC
Admittedly, the new Sophos Firewall OS doesn’t have much in common with Sophos UTM 9.x anymore. It takes some time to get used to the new interface. But just the security heartbeat is reason enough to give the new Firewall OS a chance! Make your network more secure with Synchronized Security.
- If you want to try the new Sophos Firewall OS, you can either install it on a Sophos SG or you can just buy a Sophos XGS Firewall. 🙂
- For your endpoints, there’s Sophos Central End point with Sophos Central Endpoint Intercept X, or both products together as Intercept X Advanced.
If you need assistance with the configuration, we will of course be happy to help.