Sophos XG Firewall with Security Heartbeat - Synchronized Security

Sophos XG Firewall - Security Heartbeat

22. JANUARY 2016

In November last year, Sophos officially released the new XG series, marking a major milestone on its roadmap. To understand how a product like this - which we are already running in production (Sophos XG 125) - came to be, especially on the software side, you need to look back at least to 2011. That was when Sophos acquired the German company Astaro. Three years later, Sophos also acquired its competitor Cyberoam, founded in India in 1999.

The new Sophos XG Firewall is built from Astaro and Cyberoam components and combines only the best of both systems.

Killer feature - Security Heartbeat

With the new XG Firewall, Sophos has enabled direct communication between the firewall and the endpoints. As the first vendor to do so, Sophos is delivering Synchronized Security, designed to protect against increasingly sophisticated cyberattacks.

Faster detection of threats
Active identification of the origin of the threat
Automatic response to incidents

New XG hardware

To accompany the new Sophos Firewall OS, the new XG hardware is being introduced. However, it is not entirely new. The XG series is identical to the SG series; only the pre-installed operating system differs.

The Sophos SG ships with Sophos UTM 9.x
The Sophos XG ships with Sophos Firewall OS

Datasheet: Sophos XG Appliances

How Security Heartbeat works

To benefit from Security Heartbeat, you need an SG or XG appliance running the new Sophos Firewall OS. On the endpoints, protection is provided by Sophos Central, which is now also hosted in German data centres.

As soon as a new Sophos-protected device is added to your network, its Security Heartbeat automatically connects to the local Sophos XG Firewall and reports that device’s security status. Threats are sent to the firewall in real time, allowing it to deny the client access to the internet or corporate servers, depending on your configuration. In the near future, the client will also be able to have the keys used for data encryption revoked. Only when the firewall again classifies the client as ‘clean’ will it receive its keys back. The systems continually exchange information, enabling a much faster response to attacks. Smart, isn’t it?

This new technology makes it possible to protect yourself more effectively against emerging internet-borne threats. Security violations are handled in real time to prevent, for example, malware outbreaks or data theft.

“No other company is currently able to offer this type of synchronised and integrated communication between endpoint and network security products. The resulting savings in time and resources are particularly attractive for the SME segment, as is the ability to counter increasingly sophisticated cyberattacks.” Christian Christiansen, Vice President of Security Products at market research firm IDC

Admittedly, the new Sophos Firewall OS has very little in common with Sophos UTM 9.x. It takes some time to get used to the new interface. However, Security Heartbeat alone is reason enough to give the new firewall OS a chance. Make your network more secure using Synchronized Security.

If you would like to try the new Sophos Firewall OS, you can either install it on a Sophos SG or simply buy a Sophos XGS Firewall.
For your endpoints, there is Sophos Central Endpoint with Sophos Central Endpoint Intercept X, or both products combined as Intercept X Advanced.

If you need help with configuration, we are of course happy to support you.

Patrizio

Patrizio is an experienced network specialist focused on Sophos firewalls, switches, and access points. He supports customers and IT teams with configuration, migration, and clean network segmentation.