Sophos launches ‘Xstream’ version of XG Firewall

By SokoDirectory Team / February 20, 2020 | 10:00 am




SophosLabs Research Indicates 44% of Prevalent Information Stealers use Encryption to Hide Stolen Data

Sophos has introduced a new “Xstream” architecture for Sophos XG Firewall with high-performance Transport Layer Security (TLS) traffic decryption capabilities that eliminate the significant security risk associated with encrypted network traffic, which security teams often overlook due to performance and complexity concerns. XG Firewall now also features AI-enhanced threat analysis from SophosLabs and accelerated application performance.

Sophos today also published the SophosLabs Uncut article, “Nearly a Quarter of Malware now Communicates Using TLS,” which explains how 23% of malware families use encrypted communication for Command and Control (C2) or installation. The article details, for example, three common and ever-present Trojans – Trickbot, IcedID and Dridex – that leverage TLS during the course of their attacks. Cybercriminals also use TLS to hide their exploits, payloads and stolen content and to avoid detection. In fact, 44% of prevalent information stealers use encryption to sneak hijacked data, including bank and financial account passwords and other sensitive credentials, out from under organizations.

“As SophosLabs’ research demonstrates, cybercriminals are boldly embracing encryption in an attempt to bypass security products. Unfortunately, most firewalls lack scalable TLS crypto capabilities and are unable to inspect encrypted traffic without causing applications to break or degrade network performance,” said Dan Schiappa, chief product officer at Sophos. “With the new Xstream architecture in XG Firewall, Sophos is providing critical visibility into an enormous blind spot while eliminating frustrating latency and compatibility issues with full support for the latest TLS 1.3 standard. Sophos’ internal benchmark tests have clocked a two-fold performance boost in the new XG TLS inspection engine as compared to previous XG versions. This is a game changer.”

Latency too often deters IT admins from using decryption, as seen in an independent Sophos survey of 3,100 IT managers in 12 countries. The survey white paper, The Achilles Heel of Next-Gen Firewalls, reports that while 82% of respondents agreed TLS inspection is necessary, only 3.5% of organizations are decrypting their traffic to properly inspect it.

Key new features of XG Firewall include:

  • Inspection of TLS 1.3 to detect cloaked malware: New port-agnostic TLS engine doubles crypto operation performance over previous XG versions
  • Optimized critical application performance: New FastPath policy controls accelerate the performance of SD-WAN applications and traffic, including Voice over IP, SaaS and others, up to wire speed
  • Adaptive traffic scanning: The newly enhanced Deep Packet Inspection (DPI) engine dynamically risk-assesses traffic streams and matches them to the appropriate threat scanning level, enhancing throughput by up to 33% across most network environments
  • Threat analysis with SophosLabs intelligence: Provides network administrators with the SophosLabs AI-enhanced threat analysis needed to understand and adjust defenses to protect against a constantly changing threat landscape
  • Comprehensive cloud management and reporting in Sophos Central: Centralized management and reporting capabilities in Sophos Central provide customers with group firewall management and flexible cloud reporting across an entire estate without additional charge
  • Integration with Sophos Managed Threat Response (MTR) service: Customers of XG Firewall who also subscribe to the Sophos MTR Advanced service will have deeper actionable intelligence to prevent, detect and respond to threats, as a result of the integration

“Sophos’ new XG Firewall offers a wide array of enterprise-caliber features, with a growing installed base that is now one of the industry’s most widely deployed next-generation firewalls,” said Eric Parizo, senior analyst for enterprise IT strategy, Omdia[1]. “XG Firewall can win against industry competitors in large part because of Sophos Central, its SaaS-based, single-pane-of-glass management system for overseeing the deployment, management, policy, updates, and response, with optional log management and analytics. This cloud management platform with the Firewall Management and Reporting feature, plus the TLS inspection, position Sophos XG Firewall as a compelling option for a wide variety of organizations.”

“At Convergent Information Security Solutions, we are engaged in the management and monitoring of both perimeter and internal cybersecurity for our customers, and until now we were somewhat limited in our ability to monitor SSL/TLS encrypted data streams. Sophos XG Firewall helps us solve this problem efficiently and affordably with the new accelerated DPI engine in the latest version. This, combined with new automatically-managed custom IPS rule sets, gives us much more visibility into encrypted traffic going through the network than we ever had before. This feature will immensely improve our customers’ security and we consider this to be critical, based on how broadly cybercriminals are capitalizing on TLS encryption to cover up and carry out their attacks,” said Bruce Kneece, CTO of Columbia, S.C.-based Convergent Information Security Solutions. “We’re also aware of how fast cyberattacks are morphing. With the ability to scan for potentially dangerous files transported inside of SSL/TLS tunnels, in addition to the zero-day detection engine of Sandstorm, we can provide better, faster customer protection, detection and service.”

Sophos XG Firewall is available in the cloud-based Sophos Central platform alongside Sophos’ entire portfolio of next-generation cybersecurity solutions. Sophos’ unique Synchronized Security approach empowers these solutions to work together for real-time information sharing and threat response.

[1] Omdia, Enterprise Decision Maker, January 2020. Results are not an endorsement of Sophos or SophosLabs. Any reliance on these results is at the third-party’s own risk.






