Post on 15-Apr-2017
1
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
2
Agenda
• Introduction• Category 1• Category 2• Calculating category 2 funding• How to get started• Sophos overview
3
44
55
66
77
88
99
1010
1111
Sophos Firewalls and Wireless
12
Components available via E-Rate
1) FIREWALL HARDWARE
2) NETWORK PROTECTION – IPS, Pattern updates, DoS/Flood Protection, SSL VPN and remote access, Advanced Routing, WAN Load-Balancing, and Detailed Network Protection Reporting.
3) WIRELESS – Sophos Firewall is the wireless controller. Add wireless APs for coverage. Configure security policies specific to each Zone.
4) SUPPORT – 24/7/365 Support
13
Comprehensive Next-Gen Network
SOPHOS FIREWALLOPERATING SYSTEM
Web Filtering
IntrusionPrevention
SystemRouting
EmailSecurit
y
SecurityHeartbeat
SelectiveSandbox
ApplicationControl
Data LossPrevention
ATPDetectionProxy
ThreatEngine
Firewall
14
Fresh New User Experience
• A fresh ground-up design approach to user interface, navigation, and data presentation that’s engaging and useful
15
Drill-down for DeeperInformation
• Each widget in the control center can be clicked to reveal more in-depth information and quick access to related tools
16
Security Heartbeat
• Accelerates the detection of advanced threats, positively identifies the systems and processes, and automatically respond to isolate infected systems
17
Contextual Documentation
• Provides documentation and visual cues directly in the navigation structure to remind users what that area of the product does
18
Extensive UX Research and DesignMore friendly, inviting, and useful
Fresh New User Experience
• A fresh ground-up design approach to user interface, navigation, and data presentation that’s engaging and useful
19
Built-in DiscoveryLearn-as-you-go with context-aware documentation and visual reminders
Contextual Documentation
• Provides documentation and visual cues directly in the navigation structure to remind users what that area of the product does
20
Built-in Policy TemplatesFor common business applications like Exchange/Mail, SharePoint, Lync, etc.
Business Application Policy Templates
• Provide access to business application servers or services quickly and easily
• Common templates include Exchange, SharePoint, Lync, and others TBD
21
Built for Real PeoplePlain language policy descriptions
Policy in Plain Language
• System automatically generates plain-English description of the policy in real-time as options are selected.
22
Easy evaluation using Discover Mode and Bridge ModeTwo options to produce a comprehensive Security Audit Report
Protected Network
Existing FirewallDiscover Mode
Existing Switch
Mirror Port
Discover Mode – TAP /Mirror• No disruptive changes to the
network• Mirrors traffic through
UTM/NGFW• Monitor only, no enforcement• Visibility (no enforcement) into:
• User Behavior• User-App Risks & Usage• Web Risks & Usage• Intrusion Attacks & ATP
• Client Insights (Heartbeat), Virus, VPN coming post v1
Evaluation using Bridge Mode• Offers extended reporting
insight including Heartbeat• Allows optional policy
enforcement• Traffic is passing through
UTM/NGFW
Bridge Mode
Security Audit Report
Discover Mode
23
Security HeartbeatNetwork and Endpoint share heartbeat and context to work better together
Endpoints
SG Firewall
Server
InternetCompliant
PartiallyCompliant
Non-Compliant
Non-Compliant
Non-compliantEndpoints blockedfrom network andidentified
Partially-compliantEndpoints blockedfrom servers andidentified
1. ATP detects and blocks suspect C&C connection
2. Context requested from Endpoint
3. Connection context provided (user, process, etc.)
4. Admin notified about ATP event including context
Heartbeat & Context
• Devices on the network share heartbeat and context
• Firewall enforces access policy based on level of compliance
• Firewall requests context from Endpoints in the event of suspicious network traffic
• Two products work better together to provide enhanced protection and improve response times to incidents
Access Control
Advanced Threat ProtectionSuspect
Endpoint SG Firewall
24
User Threat QuotientIdentifying potential security issues before they become problems
Risk Meter displays average threat score for the selected user, and compared to other users.
User Risk Analysis
• Behavior-based analysis of• Web behavior • ATP triggers
• Ranks users• Identifies top risks• Enables quick and easy
• policy changes • Broad-based or
individual education• Targeted
intervention
User Risk Quotient Graph (Low, Medium, High-risk)
with pop-over and drill-down options
25
HardwareAppliance SG 85 + w SG 105 /
115 + wSG 125 / 135 + w
SG 210 / 230
SG 310 / 330
SG 430 / 450 SG 550 SG 650 SG 750
Category Small Desktop
SmallDesktop
SmallDesktop
MediumMidrange
1U
MediumMidrange
1U
MediumMidrange
1U
LargeHigh-end
2U
LargeHigh-end
2U
Large High-end
2UNetwork Ports (standard)
4 4 8 6 6 & 2 SFP 8 (FleXi Port)
8 (FleXi Port)
8 (FleXi Port)
8 (FleXi Port)
FleXi Port Expansion Bays
n/a n/a n/a 1 1 3 3 4 6
Redundancy n/a n/a n/a n/a n/a
2 SSD (RAID) &
2nd hot-swap power
optional (SG 450 only)
2 hot-swapSSD (RAID)2 hot-swap
power supplies
2 hot-swapSSD (RAID)2 hot-swap
power supplies
2 hot-swapSSD (RAID)2 hot-swap
power supplies
Software Appliance
Runs on dedicated Intel compatible PCs and servers and within virtual environments like VMware, Citrix, Hyper-V, KVM and other virtual
environments
SG Series ModelsComing Soon Coming Soon
26
• Full central policy management and health monitoring
• Available in Cloud, HW & virtual• SFM 15, 50 & 100 models• Template-based configuration• Free for partners
• Consolidate reporting across UTM v9 & Copernicus firewalls
• In place upgrade to iView 1• >1000 reports and custom views • Available as virtual appliance• Compliance reporting for HIPAA,
PCI DSS, GLBA, and SOX
Central Management
Sophos iView 2 Central ManagementOn prem & Cloud
2727
Switch to Sophos Cloud Endpoint too…Endpoint Protection is already a part of your network. Get better security with Sophos Firewalls and Sophos Endpoint Security.
28
Security is more effective as a systemNew possibilities through technology cooperation
Security can be made simplePlatform, deployment, licensing, user experience
Security must be comprehensiveThe capabilities required to fully satisfy customer need
Integrated technology that enables Context-Aware security
Next Gen Endpoint
Next Gen Network Security
Cloud Managed
Server Lockdown
What we believe
Sophos Confidential
Sophos Product Strategy
29
SOPHOS SYSTEMPROTECTOR
Sophos Cloud
Improved Threat Detection – USE CASE
heartbeat
SOPHOS FIREWALLOPERATING SYSTEM
ApplicationTracking
Threat Engine
Application Control Reputation
EmulatorHIPS/
Runtime Protection
DeviceControl
MaliciousTraffic
Detection
Web Protection
IoCCollector
Live Protection
SecurityHeartbeat™
Web Filtering
IntrusionPrevention
SystemRouting Email
Security
SecurityHeartbeat™
SelectiveSandbox
ApplicationControl
Data LossPrevention
ATPDetectionProxy
ThreatEngine
Lockdown local network accessRemove file encryption keysTerminate/remove malwareIdentify & clean other infected systems
User | System | File
Compromise
Firewall
3030
Remember to request Firewall Hardware, Network Protection, Wireless Software, Wireless APs and Support on your next E-Rate submission.
Contact Pine Cove Consulting for help scoping Sophos Solutions or any other E-Rate related questions bvancleeve@pinecc.com
31© Sophos Ltd. All rights reserved.