Avanet Epic Protection for XGS 3300
Learn more about the
Avanet Epic Protection
In an ever-changing digital landscape, simple protection measures are often no longer enough. Epic Protection is at the forefront of modern defense, providing a comprehensive, adaptive security solution based on the latest technologies and insights. With purpose-built capabilities to identify and neutralize even the most sophisticated and hard-to-detect threats, Epic Protection sets a new standard. It is the first choice for companies that want to be one step ahead of the digital challenges of today and tomorrow. Epic Protection embodies not only the latest in security technology, but also Sophos's pursuit of excellence and pioneering in the digital security industry.
Network Protection - First-class protection for your network
- Intrusion Prevention System (IPS): This security module continuously monitors network traffic, including traffic between internal networks (VLANs). SSL/TLS Inspection integration enables IPS to scan decrypted traffic. When suspicious activities or attack patterns are detected, they are blocked immediately to ensure network security and data safety.
- Advanced Threat Protection (ATP): Analyzes incoming and outgoing network traffic for threats. ATP allows you to detect compromised clients on your network and log or block traffic from these devices.
- VPN enables secure connections for remote workstations and site-to-site networking via IPsec or SSLVPN. With VPN, employees can access corporate resources securely and efficiently from anywhere.
- SD-WAN: optimizes network performance by intelligently leveraging multiple WAN links, maximizing bandwidth and minimizing latency. Unlike expensive MPLS lines, SD-WAN or the SD-RED VPN provides a simple and cost-effective way to establish and manage secure connections between multiple sites.
- DoS & DDoS Protection: These security mechanisms detect and fend off overload attacks as well as targeted sabotage attempts aimed at crippling your IT infrastructure. Constant monitoring and real-time intervention of your network keeps it available and performing in critical situations.
- Synchronized Security and the Security Heartbeat, the Sophos Firewall combined with Network Protection provides efficient communication between Sophos security solutions. These mechanisms improve the efficiency of threat detection and response by sharing security information between endpoints and network products.
- Xstream TLS Inspection: This allows Sophos Firewall to inspect encrypted traffic to identify potential threats. This makes it possible to detect and block dangerous content hidden in encrypted connections without compromising the user's privacy.
- Deep Packet Inspection (DPI) analyzes all network traffic, not just header information, to detect threats. Detection of malware, malicious applications, and other risks improves network security and enables targeted security policy adjustments. By using DPI in your Sophos Firewall, you can strengthen your defenses against cyberattacks.
Web Protection - decrypt, monitor, control and analyze Internet traffic
- URL filtering: This security measure blocks access to dangerous or non-compliant websites. SophosLabs makes it possible to use an extensive database of millions of websites to ensure that users are kept away from malicious content.
- Synchronized App Control: This innovative feature is part of Sophos's Synchronized Security. It enables detection, classification and control of unknown applications on the network. Seamless information sharing between different Sophos products allows network anomalies to be detected more quickly and responded to accordingly.
- Xstream TLS Inspection: At a time when more and more web traffic is encrypted, Xstream TLS Inspection ensures that organizations are not blind to threats. It decrypts, analyzes and re-encrypts SSL/TLS traffic while maintaining user privacy and security. This ensures that encrypted threats do not go undetected.
- Traffic shaping for web and applications: Traffic shaping and QoS tools in Sophos Web Protection enable organizations to use network resources efficiently. Targeted prioritization of traffic can optimize critical business applications and restrict non-essential traffic as needed.
- Web Control: This tool provides unprecedented control over users' web access. An extensive URL filtering database and detailed filtering options allow organizations to target web access, improving both security and productivity.
- Protection against web threats: Sophos Web Protection arms businesses against a wide range of online threats. From viruses to unwanted applications, the solution protects networks and users from malicious attacks and ensures they are protected in the ever-changing cyber threat environment.
- Dual Engine Antivirus: Sophos Web Protection uses both its own and a second, independent malware detection engine from Avira. This ensures that all downloaded data is thoroughly scanned for any malware.
- Content Control: Organizations can restrict or block the download of specific file types based on security and business requirements, with control based on file type, extension, and active content types.
- Phishing Protection: Protection against pharming attacks is essential. Sophos Web Protection ensures that users are not redirected to fake websites that could steal their personal data.
- HTTPS Scanning: Since much of the web traffic is encrypted, it is important to scan this traffic for threats. Sophos offers Xstream TLS Inspection to analyze encrypted traffic without compromising user security or privacy.
- Application Control: This technology works at layer 7 level and detects and controls the data traffic of applications. Organizations can prioritize network traffic, block unwanted applications and optimize bandwidth usage to ensure a smooth network experience.
- Time-based Web Browsing: IT administrators can use this feature to control users' web access based on schedules. Companies can set surfing time limits by user or group to ensure that the Internet is used productively during working hours.
- Reporting: Sophos Web Protection's comprehensive reporting capabilities provide organizations with valuable insight into web and application activity. Detailed logs and analytics visualize web access, application usage, and detected threats, enabling IT managers to make informed decisions and continuously optimize security strategy.
Sophos Zero-Day Protection is not just an additional license, but a critical component of a robust, multi-layered security architecture. This license supplements your Sophos Firewall with additional protection mechanisms against Advanced Persistent Threats (APTs) and zero-day malware, especially in the area of web and email protection.
- Next-generation sandboxing: Isolates and analyzes unknown threats in a cloud-based sandbox to assess their risk.
- SophosLabs Intelix Integration: Suspicious downloads and email attachments are analyzed through a combination of machine learning, sandboxing and research.
- Full system emulation: A deep understanding of the behavior of unknown malware enables the detection of threats that other solutions may miss.
Threat analysis process: When a user downloads a file or the email engine (MTA) of the Sophos Firewall recognizes a file attachment in an email, a hash of the file is first created and sent to Sophos. If the file is already known to be secure or insecure, the result is immediately reported back to the firewall and the download or e-mail attachment is handled accordingly. If the file is unknown, it is sent to Sophos Labs Intelix for further analysis. There it is analyzed in a sandbox. The check is only carried out for supported file formats and files that are no larger than 10 MB. A scan can take between 10 and 15 minutes, during which time the user must wait for a web download.
Not a replacement for endpoint protection: It is important to emphasize that Sophos Zero-Day Protection is an additional layer of protection and is not a replacement for solid endpoint protection. Many customers misunderstand this and think that the firewall takes care of everything. We strongly recommend installing high-quality endpoint protection in the first instance.
With Sophos Zero-Day Protection, you can strengthen your security infrastructure and be better armed against the diverse and complex cyber threats attacking businesses today.
Sophos Central Orchestration
SD-WAN: Sophos Central Orchestration lets you overcome the challenge of manually setting up VPN connections between multiple firewalls. The platform makes it possible to connect multiple firewalls in just a few clicks, which makes work much easier. Furthermore, it supports various network structures such as full mesh networks, hub-and-spoke models and tunnel setups. Built-in SD-WAN capabilities improve network performance and resilience, making network management both more efficient and more secure.
Central Firewall Reporting Advanced (Light) - Logs for 30 days: With the light version of Sophos Central Firewall Reporting Advanced, you get a powerful cloud-based reporting tool. It stores firewall data for 30 days and provides comprehensive insights into your network security. Get valuable insights into threats, compliance, and user activity with a variety of predefined and customizable reports.
Central MDR and XDR Connector: This feature includes the Sophos XDR and MDR Connector, which leverages firewall data for cross-product extended detection and response and provides a 24/7 managed threat response service. While Sophos MDR provides a 24/7 managed threat hunting and response service, Sophos XDR provides advanced detection and response capabilities for your own team. Your Sophos Firewall is configured to securely transmit relevant threat data to the cloud.
Sophos Webserver Protection - Secure internal web servers from attacks
- Policy templates for business applications: Preconfigured templates make it easy for administrators to implement optimal security settings for popular applications such as Microsoft Exchange, SharePoint, and Skype for Business.
- Protection against the latest hacks and attacks: Current and emerging threats are consistently defended against thanks to advanced protection technologies, including Intrusion Prevention System (IPS), Advanced Threat Protection (ATP) and Web Application Firewall (WAF).
- Reverse proxy: With the integrated reverse proxy, data traffic can be efficiently controlled, performance optimized and, above all, web server security guaranteed.
Sophos Email Protection - Protect Internet mail servers from spam, dangerous attachments
- Integrated Message Transfer Agent: Enables efficient processing and filtering of email directly through the firewall, optimizing the performance of the internal mail server.
- Sandboxing: A special feature that analyzes email attachments in a secure, isolated environment to identify and defend against potential malware threats.
- Live anti-spam: Unsolicited emails are detected and blocked in real time, maintaining the integrity of the email system and keeping employees productive.
- Self-Service Quarantine: A feature that allows users to securely review and manage potentially dangerous or unwanted emails.
- SPX email encryption: An advanced technology that secures confidential emails and ensures that only authorized recipients have access.
- Data Loss Prevention: An essential tool that prevents accidental or intentional loss of sensitive data and enables administrators to enforce policies to monitor email content.
- Block unwanted content: This feature allows you to monitor and, if necessary, block specific file types in emails to increase security and ensure compliance with policies.
Enhanced support - access to Sophos experts 24/7 and extended warranty
- Sophos Support: Sophos Support is always available to help you with technical challenges or questions. Open support tickets or call directly to the specialized Sophos team, available around the clock, 24/7. Benefit from the expertise of experienced technicians who will deal specifically with your request and ensure a speedy solution.
- Important note about using support: Enhanced Support is there for you if you believe that a feature of your firewall is not working correctly. However, it is not designed to fill gaps in your own knowledge of how to configure the firewall. In such cases, we will be happy to assist you according to our support conditions.
- Firmware updates: Sophos Enhanced Support ensures that your firewall is always up-to-date thanks to regular firmware updates. So you always enjoy the latest features and the best possible security. Without this license only 3 firmware updates are included for free.
- Security hotfixes: Sophos provides regular security hotfixes to quickly respond to newly identified threats and close security gaps. These hotfixes ensure that your systems remain robust against current and emerging security threats.
- Pattern Updates: These updates ensure that your Sophos solution always has up-to-date detection patterns. This allows it to effectively identify and defend against known malware, viruses and other harmful content. Pattern Updates keeps your security infrastructure up to date and reliably protects you from threats.
- Extended warranty: More security beyond the standard warranty. Enhanced Support extends the warranty period of your Sophos Firewall up to 5 years.
- Advance exchange in the event of a warranty claim: In the event of a hardware defect, an uncomplicated advance exchange is available to you. This way, your firewall infrastructure is fully functional again as quickly as possible.
Let us improve your safety
Our services are designed to help you keep your Sophos products running securely and reliably. In addition to the classic support for Sophos Firewalls or the Central platform, we offer the following services, which can be requested from us at any time:
Security auditsRequest more information
Want to have your Sophos products set up by professionals? We support you during commissioning and configuration for smooth operation.
You would like to change from your SG Firewall (UTM) to a XGS Firewall with the SFOS operating system? Thanks to our experience, we can also manage your changeover without any worries.
You have set up your Sophos products yourself and would like us to check the configuration? We will check your settings and give our recommendation.
Is it your job to be knowledgeable about Sophos products in your organization? We offer targeted training that is completely tailored to your needs.
Deepen your knowledge and learn more about the “Sophos XGS Firewall”
EDUCATION & GOVERNMENT
Special awards for educational and government institutions
Sophos offers special discounts for schools and government institutions to meet specific budget requirements. A discount of at least 20 % can be expected.*
Ask us and we will prepare an offer for you completely free of charge and without obligation.
* Special pricing for educational and government institutions is only available in the DACH region.Request special prices
Try Sophos Firewall free
Familiarize yourself with the Sophos Firewall user interface before purchasing. See for yourself how intuitive this advanced operating system is and learn about all the features of Sophos Firewall.
Use the online demo for instant access directly in the browser, without installation. Or download the Sophos Firewall software for free (ISO) and install it on your own hardware.
Use the following credentials to start your online demo. Username: demo / Password: XG@dem0user
Help with purchase
Are there any questions about the product?
It is better to ask again before buying, before you end up holding the wrong product in your hands.Ask question