sophos xg firewall 17.1 news sophos firewall manager sfm · 2018-06-21 · security heartbeat™...
TRANSCRIPT
Sophos XG Firewall 17.1 newsSophos Firewall Manager SFM
Centralisez la gestion de vos firewalls!
Michel Rueger
Sophos Sales Engineer
Une seule console pour toutes les solutions de sécurité
2
Synchronized Security – Jeu collectif vs solo
Analyse
Next-GenFirewall
Wireless
Web
Cryptage de disque
Cryptage de données
Endpoint
Next-Gen Endpoint
Mobile
Server
Sophos Central
Formationutilisateur
Security Heartbeat™
Synchronized Security - Automatic Response
Security Heartbeat™
Servers
XG Firewall Sophos Central
Security Heartbeat™ links Endpoints with the firewall to monitor health and immediately share the presence of threats.
Instant IdentificationSecurity Heartbeat can instantly share telemetry about the user, systems and process responsible
Automated ResponseAutomatically isolate, or limit network access, and encryption keys for compromised systems until they are cleaned up
Internet
XG Firewall Endpoints
Sophos is the only vendor that enables this kind of response
Firewall SecurityFirewall Manager (Via Partner Dashboard)
• Contrôle et visibilité complète• Prêt pour Synchronized Security• Prévention des Intrusions Next-Gen
5
Next-Gen Firewall
Wireless
Web
Disk Encryption
UTM
File Encryption
Endpoint
Next-Gen Endpoint
Mobile
Server
Analytics
User Training
Sophos XG Series Appliances
XG 125 XG 135
XG 105 XG 115
XG 310 XG 330
XG 210 XG 230
XG 430 XG 450
XG 650
XG 550
XG 750 (No SG)
XG 85 (No SG)
FleXi Port Modules
7
Connectivité flexible et évolutive
• Pour appliances 1U et 2U
• Disponible pour cuivre et fibre1Gb, 10Gb et 40Gb Ethernet
8
PerformanceIncrease in throughput
New Apollo Lake/Denverton CPUsBuilt-in high-speed Wi-Fi
New XG Brand ExperienceModern hardware design
Great unboxing experienceQR code direct to setup
High AvailabilityRedundant power supply option*
Connectivity802.11ac Wi-Fi for every w modelAdd 3G/4G module or 2nd radio*
Connect DSL Modem via SFP*
ManagementManage via micro USB or COM
Connect monitor via HDMI
*Not all features are available on every model
Image shows XG model – SG has a different design
Top Performing Protection – New XG Series Appliances
Deployment Options
Hardware
Sophos XG Devices
Software
Intel Compatible Hardware
Virtual
Hyper-VVMWare
Xen ServerKVM
Cloud
Azure
Modules Network
Protection
• Intrusion Prevention (IPS)
• Advanced Threat Prot. (ATP)
• Security Heartbeat
• RED VPN
• Clientless VPN
• Sandboxing
• Detection de menaces inconnues
Sandstorm
Protection
• Anti Spam & Phishing
• Dual AntiVirus
• DLP & Encryption
Protection
• Reverse Proxy
• Web Application Firewall
• Dual Antivirus
Web Server
Protection• HTTP/S Proxy
• Dual AntiVirus
• URL Filtering
• Application Control
• Synchronized AppControl
Web
Protection
• Stateful Firewall
• User/Network Rules
• Wireless
• Site-to-Site VPN
• Remote VPN
• Basic QoS
Base
Firewall (included)
Licences – Souscriptions/Bundles
XG Advantage: Interactive Control Center with Traffic-Light Indicators
12Sophos is the only vendor to offer this level of rich on-box reporting
Threats & Systems at Risk
Sophos is the only vendor to offer this level of risk visibility and reporting
Unknown Windows/Mac Apps
Suspicious Payloads
Risky Users
Advanced Threats
Risky Apps
Objectionable Websites
Intrusion Attacks
Unsanctioned Cloud Apps
XG Firewall Powerful Per-Rule Protection made SimpleA full suite of technologies easily managed from a single screen
Dual AV
SSL Inspection
Sandboxing
IPS
QoS
Web Filtering
App Control
Heartbeat
NAT
Routing
Prioritization
Synchronized App Control in Action
Security Heartbeat™Synchronized App Control
Works with:• Intercept X v2 (EAP)• CEA• Both Windows & Mac
Unknown ApplicationXG Firewall sees app traffic that does not match a signature
Endpoint Shares App InfoSophos Endpoint passes app name, path and even category to XG Firewall for classification
Internet
XG Firewall
SophosEndpoints
1 2
Application is Classified & ControlledAutomatically categorize and control where possible or admin can manually set category or policy to apply.
3
XG Firewall v17.1 Brings CASB Cloud App Visibility
17The industry’s best firewall application visibility is getting even better
Cloud App Visibility
18The industry’s best app visibility is now even better
Cloud Application
Classify
Traffic Shape
Users and Volume of Data
Filter / Sort
Full on-box reporting with hundreds of reports
19Sophos is the only vendor to offer this level of rich on-box reportingSophos is the only vendor to offer this level of rich on-box reporting
Reporting - Bandwidth Usage
20
Reporting - Health
21
Policy Test SimulatorSimplifiez vos strategies de diagnostique
Policy Test Simulator
• Simulez rapidement des requêtespour tester vos stratégies de filtragefirewall et web.
• Testez une variété de protocoles oun’importe quel site web.
• Testez le filtrage web, ou les règlesfirewall, ou les deux.
• Paramétrage de l’utilisateur, de la date et de l’heure de l’action.
• Rapport complet de ce qui estautorisé/bloqué, avec la référencede la règle.
Sophos Firewall Manager (SFM)Management centralisé des firewalls XG
• Monitoring et status détaillé
• Organisation et regroupement flexible
• Modèles de configuration (template)pour un déploiement faciilité
• Fonctionnement en modes push et pull
• Traçabilité des modifications
• Backup de configuration
• Mises à jour firmware
• VM gratuite jusqu’à 5 firewalls !
SFM: Historique des sauvegardes
26
SFM: Définition des niveaux d’alerte
27
Push or PULL ?
28
Modèles de provisionnement (template)
29
Gestion des changements: activer
30
Gestion des changements: Visualiser
31
Gestion des changements: informations
32
Liste des changements : Comparer
33
Différences des changements
34
Coming Soon – XG Firewall on Sophos Central
35
A single pane of glass for managing all your IT security
Planned for Launch in Q3
• View status and manage all your Firewalls alongside all your other Sophos products
• Full SSO device management
• Alerting and status for availability, license, performance, and security
• Zero-touch setup of new firewalls
• Manage multi-device firmware updates
• Option to store/maintain backups in Central
Free for partners and customers!
No Additional License Required
Check out the: Sophos Central
Session
6 ans dans le MQ de Gartner UTM
“[Sophos] démontre des forces dans la vision et la realization de la roadmap. execution, en comparaison à certainscompétiteurs.”
“Des part de marches sont gagnées grâce à la facilité d’utilization, la richesse des fonctionnalités et le succès de l’intégration avec la solution Endpoint.”
Licences d’essai
41
• Sophos XG en VM ou image iso (intel) disponible gratuitement 30 jours à l’essai, sans limitations
• Appliance XG en démo disponible chez votre distributeur
• Toutes les solutions Sophos Central softwares disponibles gratuitement 30 jours, sans limitations
• Licences NFR disponibles pour les partenaires Sophos
Sophos Home et outils gratuits
42
• Sophos Home: PC et Mac, Gratuit ou Premium, jusqu’à 10 ordinateurs
• Sophos Mobile Security: Android et iOS
• Sophos XG édition familiale
• Sophos antivirus pour Linux
https://www.sophos.com/fr-fr/products/free-tools.aspx
Questions?
43
Notre équipe répond à vos questions sur le stand Sophos !