Sophos this week rolled out a firewall/endpoint security package with an eye toward helping IT detect threats more quickly and autonomously isolate infected devices.
The key to the company’s security protection package is Sophos Security Heartbeat endpoint software and the firm’s new XG Firewall family.
According to Dan Schiappa, senior vice president of the end user security group at Sophos, Security Heartbeat sends continuous, real-time health information about the endpoint. If suspicious traffic is identified by the firewall, or malware is detected on the endpoint, security and threat information -- such as the MAC address, computer name, username and process information associated with the threat -- is instantly and securely shared between endpoints and the XG Firewall.
By giving these traditionally separate products the ability to directly share intelligence, Security Heartbeat can trigger a response to stop or help control a malware outbreak or data breach, Schiappa said.
The Sophos XG Firewall can now use data provided by Heartbeat to isolate and restrict access to and from the affected device, and endpoint protection can remediate the attack.
The system also has links to SophosLabs for further threat intelligence information.
After a given danger has been removed, the endpoint uses the Security Heartbeat to communicate updated health status back to the network, which then re-establishes normal service to the endpoint.
IT won’t need additional agents or layers of complex management, logging and analysis tools to solve a security problem, Schiappa said.
Security Heartbeat is included as part of the Sophos XG Firewall and Sophos Cloud-managed endpoint protection package.
Sophos says the XG Firewall has a new user interface, improved reporting tools and policy setting support and runs on all Sophos SG Series hardware appliances. The company’s blog says XG Firewall is not currently compatible with Amazon Web Services, but it plans to add support for AWS and Azure cloud deployments soon.
“This is a good step toward synchronized security solutions. Having viewed tests of the Sophos XG Firewall with a Sophos protected endpoint, I have seen how the information passed in the security Heartbeat can reduce the risk to a business by increasing the speed of detection and response,” said Jon Oltsik, a principal analyst at Enterprise Strategy Group, in a statement. “It is not just management interface integration; the two products share valuable information making each one more effective and efficient. For companies who do not have the luxury of extensive in-house security teams, this new approach can help bolster productivity while streamlining security operations.”