Sophos synchronized security in action @Netpluz CS Event Nov 2017
Download as PPTX, PDF2 likes764 views
Synchronized Security in Action Attacks are becoming more sophisticated while attack surfaces are growing exponentially. Synchronized Security from Sophos coordinates defenses across endpoints, networks, servers and more to stay better coordinated against attacks. It provides unparalleled protection through next-gen endpoint protection and network security working together. Automated incident response leverages technologies like Security Heartbeat to automatically detect, isolate and remediate incidents. Real-time insight and control gives visibility across systems and estates for rapid root cause analysis and response. Customers report that Synchronized Security saves them time through quick threat identification and remediation.
Ad
More Related Content
What's hot (20)
Similar to Sophos synchronized security in action @Netpluz CS Event Nov 2017 (20)
Ad
More from Netpluz Asia Pte Ltd (20)
Ad
Recently uploaded (20)
Sophos synchronized security in action @Netpluz CS Event Nov 2017
- 2. Synchronized Security in Action How many customers are using it? Is it delivering on its stated benefits? When are the rest of the products getting a Heartbeat? Who should we be targeting? What does the competitive landscape look like? 2
- 3. Attacks are more sophisticated than defenses Attack surface exponentially larger Increasing attacks, increasing sophistication 3 Laptops/Desktops Phones/Tablets Virtual servers/desktops Cloud servers/storage IoT Syndicated crime tools Zero day exploits Memory resident Polymorphic/metamorphic Multilevel botnets
- 4. Synchronized Security Sophos Central Cloud Intelligence Sophos Labs Analytics | Analyze data across all of Sophos’ products to create simple, actionable insights and automatic resolutions | 24x7x365, multi-continent operation | Malware Identities | URL Database | Machine Learning | Threat Intelligence | Genotypes | Reputation | Behavioral Rules | APT Rules | App Identities | Anti-Spam | DLP | SophosID | Sandboxing | API Everywhere Admin Self Service Partner| Manage All Sophos Products | User Customizable Alerts | Management of Customer Installations Next-Gen Endpoint Mobile Server Encryption UTM/Next-Gen Firewall Wireless Email Web In Cloud On Prem 4
- 5. Customer Deployments Security Heartbeat™ XG Firewall Sophos Central XG Firewall Endpoints Average 154 Typical 1-2 Average Company Size 387 Employees
- 6. Synchronized Security Best of breed security system that enables your defenses to be more coordinated than the attacks. 6 Automated Incident Response Unparalleled Protection Breach Prevention Reduce Breach Impact Simplify IT Management Real-time Insight and Control
- 8. Next-Gen Endpoint Protection Script-based Malware Malicious URLs Phishing Attacks Removable Media .exe Malware Non-.exe Malware Unauthorized Apps Exploits .doc .xls .pdf 8 Synchronized Security Sophos Central Mgmt. Root Cause Analysis
- 9. Synchronized Security Sophos Central Mgmt. Root Cause Analysis Next-Gen Endpoint + Network Protection 9 Script-based Malware Phishing Attacks .exe Malware Non-.exe Malware .doc .xls .pdf Malicious URLs Removable Media Unauthorized Apps Exploits More Coordinated Than Attacks It Just Works Together
- 11. Sophos Central Cloud Intelligence Sophos Labs Analytics | Analyze data across all of Sophos’ products to create simple, actionable insights and automatic resolutions | 24x7x365, multi-continent operation | URL Database | Malware Identities | File Look-up | Genotypes | Reputation | Behavioural Rules | APT Rules Apps | Anti-Spam | Data Control | SophosID | Patches | Vulnerabilities | Sandboxing | API Everywhere Admin Self Service Partner| Manage All Sophos Products | User Customizable Alerts | Management of Customer Installations In Cloud On Prem Next-Gen EndpointUTM/Next-Gen Firewall Security Heartbeat Available Now 11 Server Encryption Security Heartbeat™
- 12. Bad guy’s trilemma 12 Disable Sophos Security Red Health sent through HB FW Isolates Endpoint Disable Heartbeat FW detects Missing Heartbeat FW Isolates Endpoint Leaves Sophos Security alone Sophos sees everything they do Intercept X blocks attack
- 13. Lateral Movement Detection and Prevention Credential Theft Attempt – Detected By Intercept X Security Heartbeat™ Internet XG Firewall Endpoints Servers
- 14. Security Heartbeat™ Lateral Movement Detection and Prevention Security Heartbeat™ Detection and Isolation Internet XG Firewall Endpoints Servers
- 15. Security Heartbeat™ Lateral Movement Detection and Prevention Security Heartbeat™ Detection and Isolation – Endpoint Stonewalling Internet XG Firewall Endpoints Servers
- 16. Security Heartbeat™ Lateral Movement Detection and Prevention Detection and Isolation – Wireless Heartbeat Internet XG Firewall Endpoints Servers Security Heartbeat™ Security Heartbeat™
- 17. Lateral Movement Detection and Prevention Detection and Isolation – Destination Based Rules Internet XG Firewall Endpoints Servers Security Heartbeat™
- 18. Automated Incident Response 18 Available 2H 2017 • Security Heartbeat • Intercept X • Server Heartbeat • Synchronized Encryption • Wireless Heartbeat • Synchronized Mobile • Synchronized Email • Endpoint Stonewalling • Credential Theft Detection Isolation Lateral Movement Detection and Prevention
- 19. Real-time Insight and Control
- 20. Real-time Insight and Control Available Now 20 Security Heartbeat Active Threat ID Machine, Process, User Threat chain visibility Root Cause Analysis Infrastructure visibility
- 21. Dynamic Application Control 21 • Automatically identifies unknown app traffic • Better visibility than any other Firewall on the market o Risk Reduction - Morphing Apps attempting to avoid Firewalls/Sandboxing - Suspicious Applications o Performance improvement - Bandwidth storms
- 23. Cross-Estate Root Cause Analysis Understanding the Who, What, When, Where, Why and How 23
- 24. Real-time Insight and Control 24 Available 2H 2017 • Security Heartbeat • Active Threat Identification • Root Cause Analysis • Dynamic App Control • RCA Cross-Estate Real-time Visibility, Analysis Security Control
- 25. 25 1.5M Members 7000 Employees 187 Parishes 90 Schools Brooklyn, USA Quote “Sophos saves me time because I can identify threats and remove them quickly.” 1000 Computers Sophos Central Endpoint Advanced, Intercept X 50 Servers Sophos Central Server Advanced Network 3 XG Firewalls, 5 SG UTM 2000 Reflexion licenses Visibility across multiple locations RCA and forensics quickly and easily Unify and simplify endpoint, FW, and cloud security Real-time Insight and Control “The time we save is equivalent to at least one part-time person—that’s huge.” Gus Garcia, Senior Project Manager
- 26. Next-Gen EndpointUTM/Next-Gen Firewall Synchronized Security 2017 26 Mobile Server Wireless Email Web Security Heartbeat™ Encryption “It only took 2 minutes to find out that everything was under control. Sophos XG Firewall detected the threat and Security Heartbeat allowed the infected host to be immediately identified, isolated and cleaned up. Instead of going into fire drill mode, we were able relax and finish our lunch.” DJ Anderson, CTO, IronCloud
Editor's Notes
- #2: 2015 – Launched Sync Sec 2016 – Partner Momentum (New Accounts, Cross-sell NW/End) 2017 – Customer Traction
- #4: Threat landscape is constantly changing Average user had 3 devices and both user and device are mobile Everything will be Cloud Managed IoT Attackers coordinate and combine tecniques to improve thier strike rate. Resuable code, online tools, it’s easy Soccer/Football – Red Cards (7 player minimum)
- #5: How do we solve this issue? Our Vision/Strategy/Ref Architecture All products working together in a system (security services) Best of Breed vs. Integrated System – old thinking Heartbeat, Cloud Intelligence, Analytics – for Action, not Info Managed by Sophos Central (Easy, Scale, Service) Who is using it? POLL
- #6: Cloud Endpoints – over 320,000 Cloud Servers – over 30,000 avg 24 DP safeguard – over 30,000 Synchronized Network licenses 3400 It’s working, so how do we talk about it, how do we pitch it?
- #7: Rest of presentation – IN ACTION Demos Customers How it’s being sold
- #9: Sync Security is broader than Heartbeat Technologies within the Endpoint work together One tech spots suspicious, can kick off another tech to scan
- #10: ATP finds bad URL, bad traffic, but unknown Asks endpoint for detail – run a scan, or give me the process info
- #26: Compelling event – looking for better visibility to scale, save costs 1000 Computers – CEA, CIX 50 Servers - Server Advanced 3 XG Firewalls, 5 SG UTM 2000 Reflexion licenses