1. UTM meets Endpoint
Du Preez van Wyk
NetXactics – Sales Consultant

3. At a glance: Network Security Group
The Network Security Group of Sophos
(formerly Astaro) is Europe’s market leader
for Unified Threat Management (UTM).
• The Astaro business was founded in
2000 and is since 2011 part of Sophos
• Constantly gaining market share
• Common Criteria and ICSA
certified products
• Received more than 120
product awards
• Approximately 65.000 installations
• Design and engineering
made in Germany
3

4. Unified Threat Management

5. Internet threats on the increase
Crackers Botnets Spam Phishing Scam Hoax Viruses Spyware Gray ware
Intrusions Denial of Service Distributed Denial of Service Ping floods Eavesdropper Script
Kiddies Espionage Malware Root kits Adware P2P File sharing Trojans Spit Bots Backdoors
Buffer Overflows Hackers Malcode Bugs Key loggers Crime ware Pharming Competitors
Exploits
Identity theft DNS poisoning Snarf attacks Spam bots Spy bots Trap doors
War driving Ransomware ASCII bombs Bluesnarfing Worms Decrypting Reverse engineering
Phreaking Port Scanning
8

6. Network security solutions today
Cost Time Investment
Router
Firewall
IPS
SSL VPN Gateway
Email/Spam Filter
Anti Virus Filter
Web Filter
WAN Link Balancer
Load Balancer
Total:
9

7. Modern IT-Security challenges (1)
Protect internet communication with office computers and servers
Branch office
Internet
VPN
VPN
Roadwarrior
Central office
10

8. Modern IT-security challenges (2)
Protect communication with endpoints and endpoints itself
Branch office
Mobile user Internet
Roadwarrior
Central office
11

9. Sophos UTM v9
Unified threat management appliances

10. Our all-in-one approach
Complete protection for your network
Endpoint Security
& Mobile Control
Integration of
Networking features complete email, web
for high availability & network protection
and load balancing
Flexible Deployment
VPN & wireless Software Appliance Central, browser-based
extensions management & reporting
of all applications
Virtual Appliance
13

11. Security features
Enterprise-class security for small and mid-size businesses
Endpoint
Protection
 Device Control
 AntiVirus
Wireless Network
Protection optional Protection
• Wireless Controller for Essential • IPS incl. MAPP
Astaro Access Points Firewall • IPSec/SSL/RED VPN
• Multi-Zone (SSID) • WAN Link Balancing
support • Stateful Firewall • SSL Portal (HTML5)
• Captive Portal/Voucher • Network Address Translation
• PPTP/L2TP Remote Access
Web Server Web
Protection Protection
optional
• Reverse Proxy • URL Filter
• Web Application Firewall Mail • Antivirus & Antispyware
• Antivirus Protection • Application Control
• Anti Spam & Phishing
• Dual Virus Protection
• E-Mail Encryption
14

12. Management made easy
Intuitive Dashboard Individual UserPortal Comprehensive Reporting
15

13. Sophos UTM
Hardware Multiple
110/120 220 320 425 525 625
Appliance + RED
Small Medium Medium Large Large Large Large networks
Environment
network network network network network network + branches
Network ports 4 8 8 6 & 2 SFP 10 & 4 SFP 10 & 8 SFP Multiple
Max.
recommended 10/80 300 800 1.500 3.500 5.000 10.000+
firewall users
Max.
recommended 10/35 75 200 600 1.300 2.000 5.000
UTM users
Software
Appliance * Runs on Intel-compatible PCs and servers
Virtual VMware Ready & Citrix Ready certified
Appliance * Runs in Hyper-V, KVM, and other virtual environments
*Pricing based #IPs/Users
16

14. Branch Office Security
Securely connect branch offices

15. Branch Office Security - challenges
Businesses with many small branch offices need an easy and affordable way to
connect them back to the headquarter location and keep their Internet access secure.
18

16. Available solutions
Routers for private users
Low-end UTM appliances
MPLS and managed VPN services
19

17. Sophos RED
The easiest and most economic way to secure your branch offices in a few
minutes – without the need for technical personnel at the remote site!
20

18. Deployment scenario
Sophos Branch Office Security
21

19. Sophos Provisioning Service
3. Connect RED Device 1. Enter RED name & ID
Remote Office Central Office
5. Establish Tunnel
RED Internet Router
Sophos UTM
Ship the RED without configuration

20. Sophos RED 10
Technical information
• Solid steel chassis
• No moving parts
• 1 WAN port
• 4-Port LAN switch
• 1 USB 3G/UMTS modem port
• 30 Mbit/s VPN-throughput
• <7 Watt power consumption
• Unrestricted users
• No buttons, no GUI
23

21. Wireless Protection
Secure wireless networks for businesses

22. Wireless networks – challenges
Businesses need an easy-to-use, secure and reliable possibility to integrate
wireless devices into their business networks.
25

23. Available solutions
Access points for private users
Low-end UTM appliances with integrated Wi-Fi
Enterprise wireless solutions
26

24. Deployment scenarios
Sophos Wireless Protection
27

25. Easy installation
Guest
Sophos UTM
Finance
Internet
28

26. Hotspot aka Captive Portal
Secure Internet access for guests in companies, hotels & other typical hotspot areas
• Wireless and wired
• Operating-Modes
• Disclaimer-Page
• Password of the Day
• Vouchers with time/data quota
• Guest-Registration within the
Enduser-Portal
• Customization of the Portal-Site
• Part of the Wireless Subscription
#2 Feature Request on
http://feature.astaro.com
29

27. Sophos Access Points
AP 10 AP 30
• Up to 10 users • Up to 30 users
• 150 Mbit/s throughput • 300 Mbit/s throughput
• 1 x 10/100 Base TX • 1 x 10/100 Base TX
• IEEE 802.11 b/g/n • IEEE 802.11 b/g/n
• Power over Ethernet (IEEE 802.3af)
AP 50
• Up to 50 users AP 5
• Dual-band/dual-radio • Up to 7 users
• 2.4Ghz and 5GHz • USB Access Point
• IEEE 802.11 a/b/g/n • Wifi extension for RED10 rev.2/3
• 300 Mbit/s throughput
• PoE+ (IEEE 802.3at)
30

28. Additional Feature Examples
Always State-of-The-Art

29. Application Control aka Next Generation Firewall
• Patterns for ~600 relevant applications
• Deep Layer-7 inspection for true application
identification (Next Generation Firewall)
• Unclassified application feedback
• Complete control to block, allow, shape, and prioritize
• Detailed real-time reporting and forensic history
• Graphical flow-monitor shows everything as it happens

30. Clientless SSL VPN
HTML 5 VPN Portal
• Browser based VPN without additional
software
• IE > v10, Firefox > v6, Google Chrome
• No Java / ActiveX or Flash!
• Applications:
• Remote Desktop
• VNC
• Telnet
• SSH
• Webapp (HTTP / HTTPS)
#1 Feature Request on http://feature.astaro.com

31. Endpoint Protection
Complete Security – Better Together!

32. UTM Endpoint Protection
Always connected and up-to-date – everywhere
UTM 9.1
Live Connect Policies, Events,
Service Updates
Branch Office
Mobile User Policies, Events,
Updates Policies
Internet
Roadwarrior
Central Office
35

33. Endpoint Management
36

34. Sophos UTM 9 - Roadmap
2012 2013
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun
UTM 9.0 UTM 9.1 UTM 9.2
UTM 9.0 UTM 9.1 UTM 9.2
GUI in Sophos Design Extended Endpoint Protection Extended Endpoint Protection
SAV Integration • Web Filtering (policy sync.) • App.Ctrl (client/UTM comm.)
UTM Endpoint Protection • Client Firewall (policy sync.) • Device & Media Encryption
• Device Control • DLP • VPN client
• AV & HIPS • Full Disk Encryption
Clientless SSL VPN • MAC OS support TBA
Hotspot support • …
• “Captive Portal” Extended Wireless Protection .
• Repeater, Wireless IDS,
Rogue AP detection
UTM Mobile Control
• Remote Lock & Wipe
• Central App. Mgmt.
• Email Access Mgmt
37

35. Conclusion
Sophos UTM v9
Complete Security
• UTM with the most comprehensive feature set on the market
• UTM meets endpoint – full integration of endpoint security
Without Complexity
• Single intuitive GUI for all functionalities
• Unique plug`n`play Wifi and VPN technology
Let s cut the costs
• All-In-One vs. bunch of point solutions
• Tailor made subscription plan
• “Keep things simple”
38

36. Thank you very much!
Questions?
Sophos UTM Contact: dupreezvw@netxactics.co.za