Sophos is a great place to work on any day but today is particularly exciting. It’s the day Sophos revolutionizes the IT security industry. Yes, that’s a big claim, and one many security vendors have made over the years.
But the release of Sophos Security Heartbeat™ today means that, for the first time ever, network and endpoint products can talk to each other and share intelligence to improve protection. That’s a very big deal indeed. Let me explain why.
For years, security vendors have responded to increasing threats by sticking Bandaids over new points of infection as they emerge. And when that becomes ineffective, some next-generation Bandaids come along to fix the problem. The industry just kept on asking customers to add more layers of security.
The strategy of adding layer upon layer of disparate security technologies really is no longer practical or effective. It’s costly, complex and out of reach for the vast majority of businesses who simply don’t have the resources to deploy, maintain and coordinate all these products. At best, the result is disjointed security that may defeat separate elements of the threat, but fails to provide the complete visibility and control necessary for rapid response and remediation.
This is where Sophos’s revolution begins. Today we’ve released the world’s first Synchronized Security products. Sophos XG Firewall and Sophos Next-Gen Endpoint with Security Heartbeat™ finally break down the wall between network and endpoint security, allowing independent endpoint and network security products to join forces for the first time.
This synchronized security approach is very definitely “next-generation,” but not as you know it. It’s not another demand for you to add yet another shiny new threat protection object to your already overloaded security strategy. It’s a simple security strategy that gets more out of what you already have in place: your endpoint security agent and network firewall. These are mandatory security products for every business already, and when these vital components talk to each other, it lets us make them work better together. That means better protection and less work for IT teams everywhere.
How does Security Heartbeat work?
The communication is made possible by the Sophos Security Heartbeat™ capability of the Sophos XG Firewall. This new technology directly links next-generation firewalls and UTMs with next-generation endpoint security to share threat intelligence.
The Security Heartbeat pulses continuous, real-time information about suspicious behavior between endpoints and the network firewall or UTM, instantly triggering a response to stop or help control a malware outbreak or data breach as it happens. When a new Sophos protected endpoint is added to the network, its Security Heartbeat automatically connects to the local Sophos XG Firewall and the endpoint immediately starts sharing the health status.
If malware is detected on the endpoint, or suspicious traffic is identified by the firewall – such as malware communicating with a cybercriminal’s command and control server – security and threat information is instantly shared securely via the Security Heartbeat. The endpoint reports context-rich information associated with the threat, so the firewall can automatically isolate the endpoint to mitigate risk and prevent data loss. After the threat has been removed, the Security Heartbeat communicates the endpoint’s updated health status back to the network, which then re-establishes normal service to the endpoint.
If that sounds powerful to you, take a look at it in action and you’ll see just how powerful yet simple it really is.
Now, we’re calling this a revolution but I’m sure there are a few cynics out there saying we’ve heard it all before from other security vendors. And you’d be right to be suspicious, because many vendors have over-promised and under-delivered when it comes to bringing network and endpoint together.
This time is different, because this time it’s Sophos, a vendor with a long history and proven expertise in both endpoint and network security. A company with a proven reputation in each market, backed up by placement in the Leaders Quadrant of both Gartner’s Endpoint and UTM Magic Quadrant.
But don’t take my word for it. Here’s what Jon Oltsik, senior analyst at ESG, said about the XG Firewall:
“Having viewed tests of the Sophos XG Firewall with a Sophos protected endpoint, I have seen how the information passed in the Security Heartbeat can reduce the risk to a business by increasing the speed of detection and response. It is not just management interface integration; the two products share valuable information making each one more effective and efficient. For companies who do not have the luxury of extensive in-house security teams, this new approach can help bolster productivity while streamlining security operations.”
We’ll be sharing more details about the technology behind synchronized security, and giving you a closer look at the innovative new features in the XG Firewall, in the coming days and weeks. If you can’t wait, you can learn more about Synchronized Security, see it in action, or try it for yourself.
Note: If you’re an existing Sophos UTM customer, learn more about how you can plan your transition to XG Firewall in our FAQ.