Unified Threat Management (UTM) is widely seen as a valuable, but ultimately expensive form of cyber-security, and certainly a tool that the small and medium sized business community would find difficult to justify on cost grounds alone.
With this issue firmly in mind, long-time security specialists, Sophos, has attempted with the latest version of Sophos UTM to bring both the overall panoply of threat defences it provides and the special capabilities of Advanced Threat Protection (ATP), to the small and mid-market.
Developed by SophosLabs, this new Sophos UTM approach brings together multiple technologies to rapidly identify and isolate infected client systems and prevent communication with malicious command and control hosts.
This latest version introduces Botnet protection and cloud-based sandboxing to expand on the Sophos UTM’s existing multi-layer Firewall, Web, Email and Endpoint protection. This extends the Sophos commitment to small and mid-market companies, delivering access to advanced protection without the complexity and cost normally associated with such functionality.
“The initial stages of targeted attacks can often go unnoticed by security systems that don’t control incoming and outgoing traffic. For organisations with limited IT resources, investing time and money in a dedicated ATP solution to detect these early signs is simply not realistic, given how tricky, complex and fast moving this type of traffic is,” says Chris Kraft, vice president, product management, Sophos. “That's what we wanted to change. Today, with a few simple clicks, users get advanced protection without needing to be full-time security experts themselves.”
This new release also significantly enhances speed of security scanning with initial data showing the new performance optimised IPS doubling throughput speed in test environments.
The Email, Web, and Network Protection modules all experience significant enhancements, including simplified email encryption and DLP, with Sophos SPX technology eliminating the need for a separate Public Key Infrastructure, while policy-based DLP can trigger automatic encryption. It also features smarter web control, where a streamlined policy setup enables granular user control, and transparent web filtering of https traffic provides seamless protection.
Mobile access control is provided to enhance WiFi and VPN security by combiningSophos UTM with Mobile Device Management functionality in Sophos Mobile Control, while performance optimised IPS comes from intelligent processes and pattern management, which delivers enhanced scanning speeds to rapidly block network attacks and prevent breaches. Botnet/Command and Control protection comes from the Sophos Advanced Threat Protection, which identifies and blocks infected machines communicating with malware command and control servers.
“Students are smart and always find ways to circumvent security, so schools are always in need of better ways to manage their web access and block inappropriate content,” says Bart Wilson, systems support manager, from Twotrees Technologies LLC, a Sophos partner. “UTM 9.2 is a huge step forward in solving this problem. By adding https traffic to web filtering in transparent mode, Sophos will help our customers to take back control – especially with so many students browsing on mobile devices.“