Sophos Network

Security

Sophos Confidential
 Top Problems with Network
Security

Sophos Confidential
 Too Many Products

The Top Problems with Complexity with Remote Workers, Offices, Devices
Network Security Today
Performance vs Protection – Can’t have both

Lack of visibility and no action when there’s a threat

Networking products have become way too complex

3
 Cybersecurity is so complex, so difficult, and
moves so fast that most organizations simply
can't manage it effectively.

4
 Sophos Network Security – Our Value Proposition

SOPHOS NETWORK SECURITY Full suite of products - uniquely integrated

Solving today’s top problems
with Network Security Works with what you have – extensible and scalable

The best protection and performance at every price

Unmatched visibility, protection, and response

Making complex network management easy

5
Sophos Network Security Suite of Products

Sophos Confidential
 Sophos Firewall
(Next-Gen Firewall)

Sophos Confidential
Sophos Firewall
Full Next-Gen Firewall Protection
 Includes all the modern protection technology an
organization needs
 Encrypted traffic inspection, intrusion prevention, web and
application control, and zero-day threat protection with
machine learning file analysis and dynamic sandboxing

Visibility and Insights

 Includes a rich traffic-light style dashboard that surfaces
risks and threats
 Includes free reporting on-box and across the entire
network thanks to Sophos Central Reporting

Sophos Central Management

 Manage all firewalls from Sophos Central
 Group management capabilities and central orchestration of
SD-WAN VPN makes managing complex networks easy

Sophos Confidential
Sophos Firewall - Unique Capabilities You Can’t Get Anywhere Else

Automatic response to threats

 Synchronized Security
 Active Threat Response

Easily enabling users to work from anywhere

 Integrated ZTNA
 Easy remote-access VPN
 Support for Sophos SASE Services such as DNS Protection

The most powerful protection and performance

 Dual processor architecture
 No need to compromise on protection for performance

Single Management Console

 Powerful but easy unified cloud management
 Group firewall management, SD-WAN orchestration, reporting
 Single agent for remote clients (EP, ZTNA, SWG, etc.)
Sophos Confidential
Flexible Deployment

XGS Series Virtual or Software Public Cloud

hardware appliances appliance

Sophos Confidential
Sophos Firewall: XGS Series Appliances

From the “office of one” to Dual processor architecture Adapt connectivity if

the campus edge Combines a high-performance CPU requirements change
Sophos appliances offer powerful with a programmable Xstream Flow A wide range of built-in and add on
protection and no-compromise Processor for hardware acceleration connectivity options provide the
performance to scale for networks of flexibility to adapt to infrastructure
all sizes. changes
Powered by Xstream
Puts trusted traffic and applications
Unmatched value on the FastPath to reduce latency and Business continuity
Our highly competitive Price Per improve overall performance in every From redundant power options to
Protected Megabit per second new software release. keep the lights on, a second SSD on
(PPPMbps) and energy efficiency high-end models, or fallback
provide great value for money at connectivity for SD-WAN, we have
every price point. you covered.
Powerful Protection and Performance

LEADING FASTPATH LEADING LEADING ZERO-DAY

ACCELERATION TLS INSPECTION THREAT PROTECTION
Policy-based traffic selection Higher performance TLS inspection with Added performance headroom for the best
with hardware acceleration TLS 1.3 and unmatched intelligence & visibility zero-day protection in the industry
Unmatched Visibility and Easy Management
Threats & Systems at Risk

Unknown Apps

Risky Downloads

Risky Users

Advanced Threats

Encrypted Traffic

Risky Apps

Objectionable Websites

Intrusion Attacks
ZTNA Gateway on Sophos Firewall
All Sophos Firewalls are now a ZTNA Gateway
Making the transition to Zero Trust easier than ever

• Integrated Zero Trust Connector

• Zero Touch Deployment
• No added infrastructure required
• Every Firewall is now a ZTNA Gateway
• Every form-factor supported
• XGS Series
• Cloud
• Virtual/Software appliance
• Single Console Management via Sophos
Central

Zero Touch - Zero Trust

Sophos Confidential
 Synchronized Security – Cross-Product Automation

Instantly Identify Threats

 Whether the threat is first detected by the firewall or the
endpoint, the health status (or Heartbeat status) is shared
Synchronized Security across Sophos products and clearly identifies the source of
the threat
24/7 threat monitoring,
investigation, and response Automated Response
 The firewall, wireless access points, and ZTNA all
automatically respond to a compromised host by limiting
access according to policy

More than Just Threat Response

Full-scale incident response  Synchronized Security is also used between Endpoint and
performed in minutes Firewall to share important information about unknown
applications for application control and routing

15
Active Threat Response
Synchronized Security
Extended
Extensible Synchronized Security…
• To Sophos MDR / XDR Threat Hunting
• With Dynamic Threat Feeds
• And Third-Party Threat Feeds (Future)

The Same Automated Response

• Automatically blocks threats from
communicating out of the network
• Automatically coordinates with managed
endpoints to block traffic from compromised
hosts
• Automatically prevents lateral movement
• ZTNA prevents connections to applications
• Automatically restores all connectivity once
the threat is eradicated

Synchronized Security

Sophos Confidential
Sophos Central Cloud Management For All Your Sophos Products

Easy group firewall management that

replicates changes automatically
Easy point-and-click SD-WAN VPN
orchestration
Zero-touch deployment, firmware
update scheduling, and more
Sophos Firewall: XGS Series Appliance Portfolio

SMB AND BRANCH OFFICE DISTRIBUTED EDGE ENTERPRISE and CAMPUS EDGE

DESKTOP 1U RACKMOUNT 2U RACKMOUNT

XGS 87, 87w, 107, 107w XGS 2100, XGS 2300, XGS 3100, XGS 3300 XGS 5500
XGS 116, 116w, 126, 126w, 136, 136w XGS 4300, XGS 4500 XGS 6500
XGS 7500
XGS 8500
 Protection Subscriptions Xstream Standard Available
Protection Protection Separately

Base License (Stateful Firewall, Networking and SD-WAN, Wireless, VPN)

Network Protection (Xstream TLS, DPI, IPS, ATP, Security Heartbeat, SD-RED Management)

Web Protection (Xstream TLS, DPI, Web security and Control, Application Control)

Zero-Day Protection (Static ML-based and dynamic (sandboxing) file analysis, reporting)

Central Orchestration (SD-WAN Orchestration, Central Reporting Adv (30-day), MTR/XDR)

Enhanced support (24x7 phone/email support, Advance RMA, required for firmware updates)

Sophos Central Email Advanced (Sophos Central antispam, AV, DLP, encryption)

Firewall Email Protection (on-box antispam, AV, DLP, encryption)

Firewall Web Server Protection (web application firewall)

Sophos Central Reporting Advanced (additional longer-term storage)

Enhanced Plus Support Upgrade (VIP support, warranty for add-ons, TAM option)

Additional options are available for MSPs

19
 What’s New in SFOS v20
Automated Threat Response Network Scalability and Resiliency Remote Worker Protection
Integration with Sophos MDR and XDR to stop active adversaries Networking enhancements for distributed enterprises Enabling new SASE (secure access service edge) capabilities

Active Threat Response (ATR) IPv6 ZTNA Gateway Integration

Automatically blocks traffic related to dynamic Several enhancements to IPv6 support including A Sophos ZTNA gateway is now integrated with
threat feeds to shut-down any new active threats on DHCPv6 and BGPv6 routing that enable improved Sophos Firewall to enable easy and secure remote
the network IPv6 interoperability and IPv6 Ready certification access to on-premise applications

Dynamic Threat Feeds 3rd Party SD-WAN Integration

A new source of threat intelligence that the firewall SD-WAN
Enables smooth and easy traffic on-ramping to
uses to automatically block threat related traffic. Improved scalability for SD-WAN deployments
CloudFlare’s, Akamai’s or Azure’s high-
The first threat feed support is for Sophos MDR, with support for up to 1024 profiles and 3072
performance global backbone network.
with future support for 3rd party threat feeds to gateways.
follow
Synchronized Security IoC Telemetry Site-to-Site VPN Sophos DNS Protection
Any Sophos managed endpoint attempting to Several enhancements to VPN including IPsec A new domain name system resolution service with
communicate with a host blocked by ATR will be connection stateful HA failover, SNMP status compliance and security features that is fully
queried using Synchronized Security for insights visibility, and FQDN support for SSL VPN. supported by Sophos Firewall is available for early
access.

Streamlined Management
Making complex network management easier than ever

Object Reference Lookup Azure AD Single Sign On Network Interface Enable/Disable

To quickly identify where network objects are used Adding easy user authentication on the captive portal Quickly and easily disable or enable interfaces on
in rules and policies and new group import options for group policies the firewall without losing configuration

And more!
 Sophos Firewall
Much more than a firewall
Services | Solutions | SASE

Automatic response to threats

Work from anywhere – safely and securely
Powerful Protection and Performance
Managed through a single console
 Sophos ZTNA
(Secure Application Access)

Sophos Confidential
 Sophos Zero Trust Network Access (ZTNA)
No Agent – or Single Agent - Integrated with Intercept X
 Single light-weight endpoint agent for both ZTNA and next-gen
endpoint protection on Windows and Mac
 No agent required for web-based applications (browser access)
 Synchronized Security health status is shared between Intercept X,
ZTNA, Firewalls, and MDR/XDR

Single Console Management – Sophos Central

 Manage ZTNA, Endpoints, Firewalls (and other products) all from
Sophos Central
 No added management consoles for ZTNA

Single Vendor
 Simpler licensing, no hidden costs
 Gateways are free – as many as you need
 Easier support

23
Sophos ZTNA

SOPHOS CENTRAL

CLOUD APPLICATIONS

DATA CENTER APPLICATIONS

SINGLE AGENT ZERO TRUST as a SERVICE

Or Agentless Multi-tenant
Simple-deployment SIMPLE LICENSING
Per-user, No tiers, No GW license

Single Agent | Single Console | Single Vendor

Sophos Confidential
Transparent Secure Zero Trust Application Access

LOGIN ANYWHERE
USING REGULAR
CREDENTIALS

VERIFY IDENTITY
AND DEVICE HEALTH

ACCESS APPLICATION
Sophos ZTNA

ZTNA Agent Sophos ZTNA ZTNA Connectors or Gateways

Integrated with Intercept X Managed from Sophos Central Run on popular Virtual/Cloud platforms
Windows or macOS Simple per-user license (VMware, Hyper-V, AWS)
No agent required for web apps Free – No Charge
Sophos Switch and Wireless
(LAN Connectivity)
 Sophos Switch

Flexible Connectivity
 8, 24, and 48 port models with 1GE or 2.5GE

Power Over Ethernet

 Provides power and connectivity over a single cable for
devices like wireless access points, security cameras, etc.
 Greatly simplifies cable management and makes wireless
deployments much easier

Single Console Management - Sophos Central

 Manage all your network security from Sophos Central
 Can also be managed locally or via CLI, if desired
 Granular controls over switch features and capabilities

28
Flexible Deployment Options

SOPHOS SWITCH INTERNET

SWITCH

Firewall
LAN Connectivity FIREWALLS
Workstations | Wireless | Servers
Switch
Connecting Firewalls
in High Availability

Segmenting Networks
to reduce risk of lateral movement LAN

Typical Small Office Solution

Sophos Confidential
29
Flexible Deployment Options

INTERNET
SOPHOS SWITCH SWITCH

Switch
FIREWALLS
LAN Connectivity
Workstations | Wireless | Servers
Firewall SWITCHES
Firewall

Connecting Firewalls
in High Availability Switch Switch

Segmenting Networks
to reduce risk of lateral movement
LAN DMZ

High Availability and Segmentation Example

Sophos Confidential
30
 Sophos Switch Models
8-Port Switches 24-Port Switches 48-Port Switches
Sophos Switch – 100 Series

CS110-48
CS101-8 CS110-24 Ports: 48 x 1GE, 4 x SFP+
Ports: 8 x 1GE, 2 x SFP Ports: 24 x 1GE, 4 x SFP+ Power over Ethernet: No
Power over Ethernet: No Power over Ethernet: No

CS110-48P
Ports: 48 x 1GE, 4 x SFP+
Power over Ethernet: 802.3af/at (410W)
CS101-8FP CS110-24FP
Ports: 8 x 1GE, 2 x SFP Ports: 24 x 1GE, 4 x SFP+
Power over Ethernet: 802.3af/at (110W) Power over Ethernet: 802.3af/at (410W)
CS110-48FP
Ports: 48 x 1GE, 4 x SFP+
Power over Ethernet: 802.3af/at (740W)

Sophos Switch – 200 Series

CS210-8FP CS210-24FP CS210-48FP

Ports: 8 x 2.5GE, 4 x SFP+ Ports: 16 x 1GE, 8 x 2.5GE, 4 x SFP+ Ports: 32 x 1GE, 16 x 2.5GE, 4 x SFP+
Power over Ethernet: 802.3af/at/bt (240W) Power over Ethernet: 802.3af/at (410W) Power over Ethernet: 802.3af/at (740W)

Sophos Confidential
 Sophos Wireless
Simple and Scalable
 Simple three-step setup in Sophos Central
 Uses the scalability of the cloud to grow with you as you
extend your network

Synchronized Security
 APX access points integrate with Intercept X and Sophos
Mobile for device compliance
 Unhealthy or non-compliant devices can be denied access
to sensitive wireless networks

Single Console Management - Sophos Central

 Simple setup, management, troubleshooting, and
diagnostics

32
New AP6 Series – Model Overview

AP6 420 AP6 420E AP6 840 AP6 840E AP6 420X

Dual Radio Tri-Radio Dual Radio Tri-Radio Dual Radio

2.4 GHz, 5 GHz 2.4 GHz, 5 GHz, 6 GHz 2.4 GHz, 5 GHz 2.4 GHz, 5 GHz, 6 GHz 2.4 GHz, 5 GHz
2x2:2 2x2:2 4x4:4 4x4:4 2x2:2

1G interface 2.5G interface 2.5G interface 2 x 2.5G interface 2.5G interface

802.3at/PoE+ 802.3at/PoE+ 802.3at/PoE+ 802.3bt/PoE++ 802.3at/PoE+

Indoor Outdoor
Sophos APX Series
Models to Suit Many Scenarios

APX 120 APX 320 APX 530 APX 740 APX 320X
2x2:2 Dual radio 2x2:2 Dual radio 3x3:3 Dual radio 4x4:4 Dual radio IP 67 Rated
2x2:2 Dual 5 GHz 2x2:2 Dual radio
Dual 5 GHz*

INDOOR Indoor OUTDOOR Outdoor

*Regional restrictions may apply
 Sophos SD-RED
(SD-WAN Remote Ethernet Device)

Sophos Confidential
 Sophos SD-RED

Affordable
 More affordable than small firewalls since there’s no
recurring license for each SD-RED - only requires a
Network Protection license on the main firewall for
management.

Zero-Touch Deployment
 Drop-ship to remote locations and it will automatically
connect back to the Sophos Firewall once plugged in
 Set and forget – it becomes an extension of the firewall
 Managed from Sophos Firewall

Robust and Dependable

 Uses a light-weight but robust VPN tunnel connection that
has proven to work in the most demanding and hostile
environments
36
Distributed Organizations Need SD-RED
SD-RED extends the network via a secure VPN Tunnel to any location or device…

Unlimited Applications
RETAIL BIOGAS CONSTRUCTION TURBINES EMERGENCY

HOMES CCTV TRANSIT OBSERVATORIES SHIPS

Sophos Confidential
Sophos SD-RED

SD-RED 20 SD-RED 60
250 Mbps 850 Mbps
Four LAN Ports Four LAN Ports
Single WAN Port Dual WAN Ports
Expansion Slot 2 PoE Ports
(Optional Wi-Fi or 3G/4G) Expansion Slot
(Optional Wi-Fi or 3G/4G)
Synchronized Security
 Synchronized Security – Cross-Product Automation

Instantly Identify Threats

 Whether the threat is first detected by the firewall or the
endpoint, the health status (or Heartbeat status) is shared
Synchronized Security across Sophos products and clearly identifies the source of
the threat
24/7 threat monitoring,
investigation, and response Automated Response
 The firewall, wireless access points, and ZTNA all
automatically respond to a compromised host by limiting
access according to policy

More than Just Threat Response

Full-scale incident response  Synchronized Security is also used between Endpoint and
performed in minutes Firewall to share important information about unknown
applications for application control and routing

40
Active Threat Response
Synchronized Security
Extended
Extensible Synchronized Security…
• To Sophos MDR / XDR Threat Hunting
• With Dynamic Threat Feeds
• And Third-Party Threat Feeds (Future)

The Same Automated Response

• Automatically blocks threats from
communicating out of the network
• Automatically coordinates with managed
endpoints to block traffic from compromised
hosts
• Automatically prevents lateral movement
• ZTNA prevents connections to applications
• Automatically restores all connectivity once
the threat is eradicated

Synchronized Security

Sophos Confidential
Summary
 Sophos Network Security – Our Value Proposition

SOPHOS NETWORK SECURITY Full suite of products - uniquely integrated

Solving today’s top problems
with Network Security Works with what you have – extensible and scalable

The best protection and performance at every price

Unmatched visibility, protection, and response

Making complex network management easy

43
Accolades for Sophos Network Security
“Sophos Firewall has been a major security
gateway for us. It is our first line of defense
against any outside attacks and it is as useful
and compatible with our ICT infrastructure as
ever.”
Customer review from Gartner Peer Insights

“Sophos Firewall is an enterprise-class

product priced better than the competition.”
Customer review from Gartner Peer Insights

“The Sophos Firewall is my go-to

recommendation for network security since it
is a strong and all-encompassing solution that
thoroughly filters each message and more
effectively detects each access to discover the
underlying reason and causative agent.”
Customer review from Gartner Peer Insights

Sophos Confidential
 Among the Top-Rated Vendors
for the second consecutive year…
Network Firewalls
4.7/5
Gartner® and Peer Insights™ are trademarks of Gartner, Inc. and/or its affiliates. All rights reserved. Gartner Peer Insights content consists of the opinions of individual end users
based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor,
product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of
merchantability or fitness for a particular purpose.​

45
 Firewall Customer Reviews : A Leader in G2 Ratings
Sophos

Check Point
Fortinet

SonicWall

Palo Alto Networks

WatchGuard
pfSense
Sophos Firewall is a Leader in the Overall,
Zscaler
Mid Market, and SMB segments

Market Presence
Huawei
Azure Firewall
Juniper
Cisco Palo Alto Networks
Rated the Top Vendor in the 2023 G2
Forcepoint Cisco Check Point Grid® for Network Firewalls
Barracuda Arista
Fortinet
Comodo Avast

2023 G2 Grid® for Firewall Software - Overall

Check Point
GlassWire
CrowdSec

Satisfaction

46