Sophos utm-roadshow-south africa-2012

download Sophos utm-roadshow-south africa-2012

If you can't read please download the document

  • date post

  • Category


  • view

  • download


Embed Size (px)



Transcript of Sophos utm-roadshow-south africa-2012


UTM meets EndpointDu Preez van WykNetXactics Sales Consultant

1Market response4Praise for our latest innovations

Best of Interop 2010 FinalistRecognizes exhibitors that have made significant technological advancements in specific category areas.

SC Magazine - Best SME Security Solution 2010Very responsive and strong appliance. Contains all the necessary security and content management features.

SC Magazine - 5 Star Rating"A great product at a highly competitive price. Overall a great value for the money."

WINMAG Pro - MKB Best Choice For platform flexibility, the amount of features available and ease of use.

VAR Business 2009 Partner Program Guide - 5 Star RatingAnalyzed were 130 vendor programs in elements like sales and marketing support, partner profitability and channel operations.

Business Solutions Magazine - Best Channel VendorBased on surveys of Value Added Resellers.

Astaro 2008Astaro Overview Page 4Astaro has won numerous industry awards.

Technology and innovation is key in our market. The threat scenarios becoming more and more complex. A security solution needs to be simple and easy to manage. The technology needs to reduce the complexity and not increase it. Our aim is to de-mystify IT Security and educate the market on the issues as well as on the solutions.TOLLY Up-to-Spec CertifiedCertificated by an independent test lab.

IPv6 ReadyCertificated by an independent test lab.

FSTEKCertfication of products for information security required by the Russian government. Product certifications5Approved security

VMware ReadyRecognizes solutions that are interoperable and optimized for VMware platforms.

ICSA Labs Firewall CertificationSecurity industry's central authority for research, intelligence, and certification testing of products.

Common Criteria EAL 4+First Unified Threat Management appliance to receive the coveted Common Criteria certification.The Astaro Security Gateway has received many important certifications:

- VMware Ready- ICSA Common Criteria Tolly

Astaro 2008Astaro Overview Page 5Network Security references6Satisfied customers

As you can see different businesses trust the protection of Astaro. You find global brands as well as thousands of mid size companies6Unified Threat ManagementCrackers Botnets Spam Phishing Scam Hoax Viruses Spyware Gray ware Intrusions Denial of Service Distributed Denial of Service Ping floods Eavesdropper Script Kiddies Espionage Malware Root kits Adware P2P File sharing Trojans Spit Bots Backdoors Buffer Overflows Hackers Malcode Bugs Key loggers Crime ware Pharming Competitors Identity theft Exploits DNS poisoning Snarf attacks Spam bots Spy bots Trap doors War driving Ransomware ASCII bombs Bluesnarfing Worms Decrypting Reverse engineering Phreaking Port ScanningInternet threats on the increase8

8The different threat scenarios for a company's IT infrastructure has heavily evolved over the past 10 years, to the point where new technology updates are constantly required for sufficient protection. This is partly due to the continuous increase in complexity of the IT landscape. The threats themselves are also rapidly evolving and can often only be fought through a combination of different technologies. CostTime InvestmentNetwork security solutions today9Router



SSL VPN Gateway

Email/Spam Filter

Anti Virus Filter

Web Filter

WAN Link Balancer

Load Balancer


Lets first have a look into the challenges of deploying Network Solutions today. This is the focus of the Astaro Network Security group as of today. At the end well give a future outlook of how we are going to address the additional challenges of managing endpoint security and mobile control products.

The number and complexity of the tools, which are required for providing complete IT security is on the rise. Firewalls and VPN gateways no longer provide sufficient protection. The use of Intrusion Detection and Prevention Systems (IPS) has become a mandatory asset and the demand for tools which check e-mails and web downloads for dangerous content such as spam, viruses, spyware, phishing is also on the rise.

With every additional tool employed in your IT security infrastructure, the costs, expenditure of time for installation, training and maintenance will also increase.

As a result, many company's today cannot cover this requirement.RoadwarriorModern IT-Security challenges (1)10Protect internet communication with office computers and servers

InternetCentral office

Branch office


Network SecurityOne of the biggest challenges for every organization is to protect their office computers and servers while communicating with the internet. There are many solutions available offering various types of Network Security to keep your network infrastructure safe and to securely connect branch offices and roadwarriors via VPN tunnels. Typically those solutions are deployed as gateway products at the perimeter of the network, for instance as Firewalls, VPN gateways, Intrusion Protection Systems, Email- and Web Filter. All of those are required and need to be managed by an organization.10

Modern IT-security challenges (2)11Protect communication with endpoints and endpoints itself

InternetCentral officeRoadwarrior

Branch office

Mobile user

Endpoint Security & Mobile ControlHowever more and more users are now using mobile (even private) devices to access the corporate network and it gets ever easier to transfer data between computers through USB-sticks, CD-ROMs or wireless connections. Hence new challenges arise as these data circumvent the security measures of the gateway. Therefore organizations are forced to install and manage additional security products for Endpoint Security and Mobile Control 11Sophos UTM v9 Unified threat management appliances


Our all-in-one approach13Complete protection for your network Central, browser-basedmanagement & reporting of all applications

VPN & wirelessextensions

Software Appliance

Flexible DeploymentVirtual Appliance

Integration of complete email, web& network protectionNetworking features for high availability and load balancing

Endpoint Security& Mobile Control

UTM v9 Astaro 2008Astaro Overview Page 13Through the Astaro Security Gateway (ASG) family, we are able to provide an integrated complete solution for e-mail, web and network security.

The browser-based management interface allows for easy configuration of all functions with just a few mouse-clicks - also without vast knowledge of technical IT know-how. The Astaro Command Center enables a central establishment and overview for larger and more wide-spread installations of up to hundreds of Astaro Security Gateways.

ASG provides the same functions on all appliance models: hardware, software and virtual, allowing for more flexible deployment scenarios.

The Gateways are supported by tools which help extend your functionality for smooth daily business operations:

Astaro RED offers complete and centrally administered VPN connectivity and UTM security for remote offices and can be configured in minutes - without the need of local IT personnel.

With Astaro Wireless Security, you are able to easily connect our Access Point devices with your ASG's security features.

Astaro VPN Clients provide mobile employees with secure and easy to administer remote access to the corporate network.

The Astaro Smart Installer is a bootable USB device, with which you are able to easily install the latest version of Astaro Security Gateway software.

Networking features such as high-availability (HA), clustering, server and WAN link balancing provide constant reliability and scalability for your deployment, usually available only to enterprise solutions.

Endpoint Security & Mobile Control are future options for protecting communication and data directly at the endpoint

Device ControlAntiVirus Endpoint Protection

optionalSecurity features14Enterprise-class security for small and mid-size businessesWireless Controller forAstaro Access PointsMulti-Zone (SSID) supportCaptive Portal/Voucher Wireless Protection

optionalURL FilterAntivirus & AntispywareApplication ControlWeb Protection

optionaloptionalReverse ProxyWeb Application FirewallAntivirusWeb Server Protection

Anti Spam & PhishingDual Virus ProtectionE-Mail EncryptionMail Protection

optionalStateful FirewallNetwork Address TranslationPPTP/L2TP Remote Access

Essential Firewall

Network Protection

optionalIPS incl. MAPPIPSec/SSL/RED VPNWAN Link BalancingSSL Portal (HTML5) Astaro 2008Astaro Overview Page 14For every Astaro Security Gateway, a free Essential Firewall license is available. This license provides the base functionality with fundamental security features activated for the protection of company networks. This basis can also be flexibly extended through optional subscriptions for Astaro Network, Web, Mail, Web Application and Wireless Security. You can also add an option for the Log Management service.

Many providers of UTM solutions list in their datasheets a large number of functions. Often enough however, certain product features are only rudimentarily implemented. For example, some manufacturers talk about spam protection when they only employ a single mechanism such as RBL lists. Effective spam protection is only reached however through a combination of different techniques, which are specialized in recognizing certain spam meth