Sophos Central Orchestration extends Xstream Protection Bundle beyond just Zero-Day Protection
Sophos Central Orchestration is a specially designed license that enables additional advanced features. It provides the ability to connect multiple Sophos Firewalls via VPN through Sophos Central with just a few clicks. In addition to the pure VPN connection functionality, this license includes a light version of the Sophos Central Firewall Reporting Advanced license to enable advanced reporting. Furthermore, the license is required to enable the MDR and XDR connector in Sophos Firewall. This licensing model ensures that you get access to the most advanced features and services to optimize your network security.
As a security administrator, you know the challenges of manually creating VPN connections between multiple firewalls. Sophos Central Orchestration is a powerful solution that greatly simplifies this task. It allows you to create VPN connections in seconds and with just a few clicks, and manage complex network structures.
With Sophos Central Orchestration, you can quickly and efficiently create complex network structures such as full-mesh networks, hub-and-spoke models, and tunnel setups. In addition to VPN connections, Sophos Central Orchestration provides a variety of SD-WAN features that improve network performance and increase network resilience. Not only will you save time and effort, but you'll also benefit from improved network performance and security.
Various network models that can be created using Sophos Central Orchestration:
Full mesh networks: This network design is characterized by each device being directly connected to every other device. With four firewalls, you would need six separate VPN connections, which is calculated by the formula n(n-1)/2, where n is the number of firewalls. With six firewalls, there would be 15 connections, and with ten, there would be as many as 45. This model provides maximum redundancy and performance, as data can be sent directly from any device to any other without being routed through an intermediate device.
Hub-and-spoke models: In this model, all devices are connected to a central device, the "hub". This acts as an intermediary for communication between the individual "spokes" (the devices). With four firewalls, each firewall would be connected only to the hub, requiring a total of three VPN connections. With six firewalls, there would be five connections, and with ten firewalls, there would be nine. This model is easier to manage and requires fewer connections than a full mesh network, but may provide less redundancy and performance because all data must be routed through the hub.
Tunnel setups: In a tunnel setup, private network data and communications are sent securely over public networks such as the Internet. Data is encrypted before sending and decrypted upon receipt to ensure security and privacy. VPN connections are a common example of tunneling. With Sophos Central Orchestration, you can set up VPN tunnels between your firewalls easily and efficiently.
Overall, Sophos Central Orchestration enables faster, easier and more efficient management of VPN connections between multiple firewalls. This makes your job as an admin much easier while improving the performance and resilience of your network. With Sophos Central Orchestration, you can implement all these network designs and more quickly and easily, minimizing complex configuration tasks.
Central Firewall Reporting Advanced (Light) - logs for 30 days
The Central Orchestration license provides a light version of Sophos Central Firewall Reporting Advanced, a powerful cloud-based reporting tool. With 30 days of firewall data storage in Sophos Central, it provides comprehensive insight into your network security.
The variety of predefined reports on threats, compliance and user activity provides valuable insights. In addition, advanced options allow you to create and customize reports and views according to your specific needs. Whether you want to save, schedule or export the reports, Sophos Central Firewall Reporting Advanced provides the flexibility you need.
With the ability to expand the storage for additional history reports, Sophos Central Firewall Reporting Advanced ensures that you always have access to the information you need, regardless of the time period.
Central MDR and XDR Connector
Additionally, Central Orchestration includes the Sophos XDR and MDR connector. This enables firewall data sharing for cross-product extended detection and response and our 24/7 managed threat response service
- Sophos MDR is an optional, fully managed service that provides around-the-clock threat hunting, detection and response by the Sophos team of experts.
- Sophos XDR provides advanced detection and response capabilities that are the responsibility of your own team.
Whether you hire Sophos to handle threat hunting and detection and response, or you handle these tasks yourself, your Sophos Firewall is configured to securely transmit all relevant threat data and information to the cloud.
Sophos XGS Firewall – Datasheet
Sophos XGS Firewall – Brochure
Sophos Firewall – Solution Brief
Sophos Central Firewall – Datasheet
Next-Gen Firewall – Buyer's Guide
Cybersecurity System – Buyer's Guide
Sophos Central Firewall Reporting – Datasheet
Sophos Firewall and SD-WAN whitepaper
What’s New in Sophos Firewall – Beginner’s Guide