A Synchronized Approach to Network and Endpoint Threat Intel

Organizations of every size know they need endpoint security and network security – they are two foundational pillars of any IT security strategy. But they have traditionally remained in separate, siloed systems.

Sophos is looking to change that with a synchronized security protection approach that takes a fresh view of how threat intel can be used.

It works like this: The Sophos Security Heartbeat capability links the Sophos XG series next-generation firewalls and unified threat management (UTM) systems with endpoint security, to create an all-in-one view of the corporate network environment. By giving these traditionally independent products the ability to directly share intelligence, the Security Heartbeat can instantly trigger a response to stop or help control a malware outbreak or data breach as it happens.

Essentially, the Sophos XG Firewall uses data provided by Sophos endpoint protection to isolate and restrict access to and from the affected device, and in parallel, the endpoint protection can remediate the attack.

“No other company is close to delivering this type of synchronized and integrated communication between endpoint and network security products,” said Christian Christiansen, vice president of security products at IDC. “For the midmarket, the time and resource savings will be very compelling as their ability to stay ahead of increasingly sophisticated threats with today’s products will only become more challenging.”

Aside from the holistic awareness that it supports, there’s also a manageability benefit. The offering eliminates the need for additional agents, layers of complex management tools, and separate logging and analysis tools, along with the expense of maintaining them.

“For too long, these two product segments simply didn’t communicate with each other – they were independent and isolated silos, which limited their effectiveness and their manageability,” said Kris Hagerman, CEO at Sophos. “Only Sophos links leading network security technology with leading endpoint security technology together in a coordinated and integrated approach. This is synchronized security that delivers both better protection – and better manageability – for organizations of any size.”

Jon Oltsik, senior analyst at ESG, viewed tests of the Sophos XG Firewall with a Sophos-protected endpoint. “I have seen how the information passed in the security Heartbeat can reduce the risk to a business by increasing the speed of detection and response,” he said. “It is not just management interface integration; the two products share valuable information making each one more effective and efficient. For companies who do not have the luxury of extensive in-house security teams, this new approach can help bolster productivity while streamlining security operations.”

Customers are already putting the system into place. Timothy Speakman, system administrator at Sophos customer Contra Costa Health Services, said that because the XG Firewall integrates the network with the endpoint, it saves the time it typically takes to research threats, act on them and actively manage security for the entire organization. Kerrigan Addicott-Case, system administrator at Office Information Systems, added, “We are extremely excited about the Sophos product roadmap. The Security Heartbeat feature within the XG Firewall is remarkable. This new technology is one of the most interesting features on the market, and we look forward to where this will take us.”
