Sophos’ new feature offers protection vs malware
For decades, conventional wisdom in information security asserts that an array of excellent products at the endpoint and the network brings the best defense against any intrusion, especially virus attack.
It appears to be a logical strategy except for the equally obvious challenge of managing complexity at two points in an enterprise.
In a recent event at the Marriot Hotel Manila, Sophos, a global leader in endpoint and network security, launched Sophos Central which is a major element of the UK-based company’s synchronized security strategy to enable multiple security products to work together seamlessly with simpler administration and enhanced security.
Sophos Central simplifies the management of various Sophos products leading to a more efficient business management for Sophos partners.
In an exclusive interview, Justin Peters, Technology Solutions director for Asia-Pacific of Sophos, said, “Through synchronized security, we connect the endpoint and network security solutions so they can exchange information between them.
The two points detect and protect against any threat and since they can detect and investigate the threat, they can also automatically remediate the threat. Without synchronized security, the endpoint and the network don’t communicate to each other. They don’t coordinate and work together to address any inbound or internal threats. They are therefore typically blind to what’s happening on either end.
The Sophos security heartbeat is the missing link that synchronizes the endpoint and the network. Peters calls it “the glue” that ties the two security points. It is the communication channel through which the protection points coordinate and collaborate with each other.
With the heartbeat, an endpoint continuously advises and shares its health status with the network firewall in real time. If the firewall detects suspicious traffic or the endpoint identifies malware, the heartbeat allows the threat information to be shared securely between the two points.
The firewall can then use the information to deny or restrict access to and from the affected device while endpoint protection solutions can remediate the threat. It’s an automatic response, mitigating risks and preventing data loss instantaneously without admin intervention.
Synchronized security is a particularly relevant and appropriate response with the release of even more vicious viruses such as ransomware.
Independent research disclosed that synchronized security makes it easier and faster to recover infected systems. Without Sophos’ integrated strategy, it will take a minimum of two hours to restore a Windows machine to its original state. With synchronized security, cleaning the same machine of vulnerabilities will take only eight seconds, Sophos claims.
To avail of these benefits of synchronized security, a customer has to purchase first the Sophos central management endpoint and the network security firewall device. They can then be connected through Sophos Central to create synchronized security that enables Sophos products to communicate to each other.