Sophos Launches Xstream

1 April 2020 IT infrastructure

Sophos has introduced a new ‘Xstream’ architecture for Sophos XG Firewall with high-performance Transport Layer Security (TLS) traffic decryption capabilities that eliminate a significant security risk associated with encrypted network traffic, one that security teams often overlook because of performance and complexity concerns. XG Firewall now also features AI-enhanced threat analysis from SophosLabs and accelerated application performance.

The SophosLabs Uncut article, ‘Nearly a quarter of malware now communicates using TLS’, explains how 23% of malware families use encrypted communication for Command and Control (C2) or installation. The article details, for example, three common and ever-present Trojans – Trickbot, IcedID and Dridex – that leverage TLS during the course of their attacks. Cybercriminals also use TLS to hide their exploits, payloads and stolen content and to avoid detection. In fact, 44% of prevalent information thieves use encryption to sneak hijacked data, including bank and financial account passwords and other sensitive credentials, out of organisations.

“As SophosLabs’ research demonstrates, cybercriminals are boldly embracing encryption in an attempt to bypass security products. Unfortunately, most firewalls lack scalable TLS crypto capabilities and are unable to inspect encrypted traffic without causing applications to break or degrade network performance,” said Dan Schiappa, chief product officer at Sophos. “With the new Xstream architecture in XG Firewall, Sophos is providing critical visibility into an enormous blind spot while eliminating frustrating latency and compatibility issues with full support for the latest TLS 1.3 standard. Sophos’ internal benchmark tests have clocked a two-fold performance boost in the new XG TLS inspection engine as compared to previous XG versions.”

Latency too often deters IT admins from using decryption, as seen in an independent Sophos survey of 3100 IT managers in 12 countries. The survey white paper, The Achilles Heel of Next-Gen Firewalls, reports that while 82% of respondents agreed TLS inspection is necessary, only 3.5% of organisations are decrypting their traffic to properly inspect it.

Key new features of XG Firewall include:

• Inspection of TLS 1.3 to detect cloaked malware: New port-agnostic TLS engine doubles crypto operation performance over previous XG versions.

• Optimised critical application performance: New FastPath policy controls accelerate performance of SD-WAN applications and traffic, including Voice over IP, SaaS and others, to up to wire speed.

• Adaptive traffic scanning: The newly enhanced Deep Packet Inspection (DPI) engine dynamically risk-assesses traffic streams and matches them to the appropriate threat scanning level, enhancing throughput by up to 33% across most network environments.

• Threat analysis with SophosLabs intelligence: Provides network administrators with the SophosLabs AI-enhanced threat analysis needed to understand and adjust defences to protect against a constantly changing threat landscape.

• Comprehensive cloud management and reporting in Sophos Central: Centralised management and reporting capabilities in Sophos Central provide customers with group firewall management and flexible cloud reporting across an entire estate without additional charge.

• Integration with Sophos Managed Threat Response (MTR) service: Customers of XG Firewall who also subscribe to the Sophos MTR Advanced service will have deeper actionable intelligence to prevent, detect and respond to threats, as a result of the integration.

Watch the video, TLS Encryption Explained (https://vimeo.com/392040023), to see how attackers are using TLS encryption to commit cybercrime.



