Sophos XG 86 Network Protection
Learn more about the
Sophos Network Protection
The Sophos Firewall Network Protection provides comprehensive security features to protect your IT infrastructure from cyber threats. This page explains the key features of the license.
The Network Protection is critical to your Sophos Firewall because it provides world-class security features while optimizing the performance of your network.
Synchronized Security and Security Heartbeat are features of Sophos Firewall with Network Protection that enable seamless communication between Sophos security products. These features improve threat detection and response by sharing information about the security status of endpoints and network devices.
Xstream TLS Inspection enables Sophos Firewall to monitor encrypted traffic and scan for threats. This allows the firewall to detect and block malicious content in encrypted traffic without compromising user privacy.
SD-WAN (Software-Defined Wide Area Network) is a feature of Sophos Firewall with Network Protection that provides centralized control and optimization of network connections across multiple sites. SD-WAN improves network performance, increases resilience, and lowers the cost of traditional MPLS links.
Deep Packet Inspection
Deep Packet Inspection (DPI) enables in-depth analysis of data traffic in the network. Unlike traditional packet inspection, which is limited to header information, DPI analyzes the entire content of data packets, including payload and headers. This enables the detection of suspicious activity, malware and other threats.
Deep Packet Inspection offers the following advantages:
- Advanced detection: DPI enables detection of a wide range of threats that may be missed by traditional packet inspection methods. These include advanced attack techniques, malware, and data leaks.
- Protection against malicious applications: By analyzing traffic in detail, DPI can identify malicious applications and scripts. These attempt to bypass security assumptions or extract sensitive information.
- Improved network security: The ability to detect threats at a deeper level enables improved network security and reduced risk of cyberattacks and data loss.
- Customizable security policies: IT administrators can create and configure custom DPI policies to tailor protection to their organization's specific needs. This allows targeted security assumptions to be implemented for specific applications or types of traffic.
- Performance monitoring: Deep packet inspection also enables network performance monitoring, helping IT administrators identify and resolve bottlenecks and quality of service issues.
By implementing Deep Packet Inspection in your Sophos Firewall, you benefit from advanced threat detection, increased network security, and better control of your IT infrastructure. The detailed traffic analysis that DPI provides is a critical factor in preventing cyberattacks and protecting your network.
Intrusion prevention is an important feature of Sophos Firewall Network Protection. It detects and blocks intrusion attempts and cyberattacks in real time. The Intrusion Prevention System (IPS) scans network traffic for anomalies and suspicious activity to detect threats early and initiate countermeasures. It uses advanced technologies and regularly updated signature databases.
Benefits of Intrusion Prevention:
- Proactive protection: IPS provides proactive protection against known and unknown threats. It detects suspicious activity and exploit attempts on the network before they can cause damage.
- Comprehensive detection: By combining signature-based detection methods, anomaly-based detection methods, and behavioral analysis, the IPS can cover a wide range of attack vectors. Both known and zero-day threats are identified.
- Automated response: When a threat is detected, the IPS automatically initiates actions to block the attack and minimize its impact. These include blocking traffic, disconnecting connections or applying quarantine rules.
- Custom policies: To customize detection and response to specific threats and attack vectors relevant to their network and organization, IT administrators can create custom IPS policies.
- Integrated reporting: Intrusion Prevention provides comprehensive reporting capabilities. This allows IT administrators to evaluate the effectiveness of their security measures and continuously improve their security strategy.
With intrusion prevention in your Sophos Firewall Network Protection, you benefit from proactive and comprehensive protection against cyber threats. This improves the security of your network and minimizes the risk of data loss and business disruption.
To manage the Sophos SD-RED appliances and use their full potential, the Sophos Network Protection license is required. SD-RED is an innovative solution that simplifies the setup and management of secure VPN connections between different locations. By using SD-RED appliances, you are able to ensure secure and reliable communications within your corporate network across multiple sites.
It is very easy to set up an SD-RED appliance. You simply connect the appliance to the Internet. It is automatically detected by your centrally managed Sophos Firewall. You can then configure the desired VPN connections and security policies for the appliance. There are no complex manual configurations or time-consuming processes.
With SD-RED, you benefit from secure, encrypted connections between remote sites or branch offices. To enforce consistent security policies, traffic from remote sites can be centrally monitored and filtered through your Sophos Firewall. At the same time, network performance and stability is improved by optimizing bandwidth and latency.
Using SD-RED appliances increases the flexibility and scalability of your network. Without much effort, you can quickly and easily add or remove new sites as needed.
With the Network Protection license, you are thus able to take full advantage of the SD-RED appliances and manage your network easily, efficiently and securely. With this license, you are well prepared for the challenges of an increasingly networked world.
How to: Set up Sophos RED
Advanced Threat Protection
Advanced Threat Protection (ATP) is a powerful feature of Sophos Firewall that detects, prevents, and responds to advanced and targeted attacks. ATP uses cutting-edge technologies to effectively combat complex and persistent threats.
The advantages of ATP include
- Detection of zero-day attacks and unknown threats through the use of machine learning, behavioral analysis, and real-time threat intelligence.
- Proactively defend against threats by detecting anomalies in network behavior and taking preventive action based on them.
- Protection against ransomware and targeted attacks that can often bypass traditional security solutions.
- Integration and collaboration with other Sophos security products for comprehensive and coordinated protection of the IT infrastructure.
- Automated responses to detected threats to minimize the impact of security incidents and reduce the time to restore normal operations.
By implementing ATP in your Sophos Firewall Network Protection, you can ensure that your business is protected against the latest and most sophisticated cyber threats, while reaping the many benefits of this advanced security feature.
Synchronized Application Control
Synchronized Application Control improves the visibility of and controls applications on the network. It enables IT administrators to identify and effectively manage the traffic of applications on the network.
Synchronized Application Control benefits include:
- Increased visibility: IT administrators get detailed information about the applications running on the network. This includes the applications being used by users and devices, as well as bandwidth utilization.
- Fine-grained control: The ability to set application policies at the user, group, or device level enables precise control of application traffic and ensures that critical business applications are prioritized.
- Improved security: Unwanted or unsafe applications can be identified and blocked. This reduces security risks and improves protection against threats such as malware and data loss.
- Network resource optimization: IT administrators can set bandwidth limits for specific applications. This ensures that critical business applications have sufficient resources and network performance is optimized.
With Synchronized Application Control in your Sophos Firewall Network Protection, you benefit from more visibility and control over applications on the network. This leads to greater security and better use of network resources.
Lateral Movement Protection
Lateral Movement Protection helps improve network security by preventing the spread of threats within the network. This feature detects and blocks lateral movement of malware and attackers attempting to access other systems on the network from an infected system.
Lateral Movement Protection helps prevent threats from spreading across the network. This feature detects and blocks lateral movement of malware and attackers when attempting to access other systems on the network from an infected system.
The benefits of Lateral Movement Protection include:
- Increased security: Lateral Movement Protection limits the spread of threats across the network. This reduces the risk of attacks spreading to other systems and causing greater damage.
- Fast detection: Lateral Movement Protection detects suspicious activity that indicates lateral movement. IT administrators can thus respond quickly to potential threats.
- Automatic response: To block lateral movement threats and minimize the impact of attacks, Lateral Movement Protection can automatically take countermeasures.
- Integration with other security features: Lateral Movement Protection works hand-in-hand with other Sophos Firewall Network Protection features. This ensures comprehensive and coordinated protection of the IT infrastructure.
Implementing lateral movement protection in Sophos Firewall Network Protection increases network security and prevents the spread of threats that can cause significant damage and business disruption.
Synchronized User ID
Synchronized User ID provides simplified user identification and seamless integration with existing Active Directory. It enables fast and accurate mapping of network activities to individual users. This does not require complicated manual configurations or scripts.
The advantages of the Synchronized User ID are
- Simplified user identification: Synchronized User ID provides seamless integration with directory services such as Active Directory. This enables automatic discovery of user identities on the network.
- Improved security: By accurately mapping network activity to users, IT administrators can effectively enforce security policies. This ensures that only authorized users have access to sensitive resources.
- Time savings: Automatic user identification eliminates the need for manual configurations and scripts. IT administrators save time and can focus on other important tasks.
- Granular control: To provide granular control over the network, Synchronized User ID allows IT administrators to create user-specific access policies and application rules.
By implementing Synchronized User ID in Sophos Firewall Network Protection, you benefit from improved user identification, enhanced security and more efficient network management.
Sophos Firewall Reporting provides IT administrators and security engineers with valuable insight into network activity and security events. By storing logs in Sophos Central, you can quickly and efficiently access and analyze important information. With standard storage, logs can be stored in Sophos Central for 7 days free of charge.
The reporting functions offer several advantages:
- Visualize network traffic and activity in real time to quickly identify unusual behavior and potential threats.
- Detailed information about the applications, users, and devices that generate network traffic to make informed decisions about security policies and resource allocations.
- Automated reports to meet compliance requirements and identify vulnerabilities or risks in the network.
- Quickly respond to security incidents with user-defined alerts and notifications.
The Central Orchestration increases the storage limit to 30 days, providing a longer period for analyzing and investigating security incidents. The additional Firewall Advanced Reporting license provides even greater storage capacity with up to 100 GB or 365 days of log storage in Central, allowing IT administrators and security engineers to perform even more detailed analysis and trend tracking.
Let us improve your safety
Our services are designed to help you keep your Sophos products running securely and reliably. In addition to the classic support for Sophos Firewalls or the Central platform, we offer the following services, which can be requested from us at any time:
Security auditsRequest more information
Want to have your Sophos products set up by professionals? We support you during commissioning and configuration for smooth operation.
You would like to change from your SG Firewall (UTM) to a XGS Firewall with the SFOS operating system? Thanks to our experience, we can also manage your changeover without any worries.
You have set up your Sophos products yourself and would like us to check the configuration? We will check your settings and give our recommendation.
Is it your job to be knowledgeable about Sophos products in your organization? We offer targeted training that is completely tailored to your needs.
Deepen your knowledge about the XGS Firewall
EDUCATION & GOVERNMENT
Special awards for educational and government institutions
Sophos offers special discounts for schools and government institutions to meet specific budget requirements. A discount of at least 20 % can be expected.*
Ask us and we will prepare an offer for you completely free of charge and without obligation.
* Special pricing for educational and government institutions is only available in the DACH region.Request special prices
Try Sophos Firewall free
Familiarize yourself with the Sophos Firewall user interface before purchasing. See for yourself how intuitive this advanced operating system is and learn about all the features of Sophos Firewall.
Use the online demo for instant access directly in the browser, without installation. Or download the Sophos Firewall software for free (ISO) and install it on your own hardware.
Use the following credentials to start your online demo. Username: demo / Password: XG@demOuser
Help with purchase
Are there any questions about the product?
It is better to ask again before buying, before you end up holding the wrong product in your hands.Ask question