Sophos
Security made simple.
Fabio Baldassarre
Sales Engineer
Cell: +39 3351294073
Sophos Snapshot
• Founded 1985 in Abingdon, UK
• $450+ million in FY15 billings
• Solid cash EBITDA margin (20%+) and
strong cash conversion
• 2,400 employees
• Over 200,000 customers
• 100+ million users
• 90%+ best in class renewal rates
• 15,000+ channel partners
• SophosLabs: one of world's leading
threat research laboratories
• “Channel first” go to market model
• Key OEM Partners: Cisco, IBM, Juniper,
Citrix, Lenovo, Rackspace
Evolution to complete security
Sophos History
• 1985: Founded in Abingdon (Oxford), UK (Peter Lammer c1985, Jan Hruska c1985)
• 1988: First checksum-based antivirus software
• 1989: First signature-based antivirus software
• 1991: Supplied security software to UK forces in 1st Gulf War
• 1996: US presence established in Boston
• 2002: TA Associates minority investment
• 2014: Acquired Cyberoam
• Other milestones shown on the timeline: Voted best small/medium sized company in UK; Acquired ActiveState; Awarded 3 Queen’s Awards for Enterprise, Innovation and International Trade; Acquired Utimaco Safeware AG; Majority interest sold to Apax Partners; Acquired Astaro; Acquired DIALOGS; Divested non-core Cyber business; Acquired Mojave Networks
• Other year markers on the timeline: 2003, 2008, 2010, 2011, 2012, 2013
Magic quadrant for UTM
Magic quadrant for endpoint protection platform
Magic quadrant for mobile data protection
The only vendor in the leadership quadrants for UTM, endpoint protection and mobile data protection
Source: Gartner (September 2014) Source: Gartner (August 2014) Source: Gartner (January 2014)
[Figure: Gartner Magic Quadrant charts. Quadrants: Challengers, Leaders, Niche players, Visionaries. Axes: Completeness of vision, Ability to execute.]
Leading Provider of Enterprise IT Security Solutions
[Figure: Gartner Magic Quadrant chart. Quadrants: Challengers, Leaders, Niche players, Visionaries. Axes: Completeness of vision, Ability to execute.]
Note: Gartner requires special permission for any use of any MQ slide. So this slide is for internal use only. If you’d like to use Gartner MQs in sales or marketing efforts, please use the full Gartner MQ reports. Sophos has purchased distribution rights for all the relevant MQ reports. Thank you.
Small and mid-market enterprises and “Pragmatic Enterprises” of any size
• > 5,000 employees: 10,000 companies WW, 20% of Sophos billings
• 100–5,000 employees: 500,000 companies WW, 57% of Sophos billings
• < 100 employees: 20 million companies WW, 23% of Sophos billings
• Similar security threats as large enterprises
• Limited IT security staff
• Need security made simple
Most Enterprises Lack IT Security Staff
Average number of People in Organization Dedicated to IT Security
• 100-499 Employees: 0
• 500-999 Employees: 1
• 1000-4,999 Employees: 3
• 5000-19,999 Employees: 8
• 20,000+ Employees: 50
Challenged by Complexity, Limited by Resources
Email Data Endpoint Mobile Web Network
Complete security
Email Data
Endpoint Web Mobile Network
Clean up Automation
Visibility Local self-help WiFi security
Keep people working
Technical support Access control
Intrusion prevention
Anti-malware User education Data Control
Stop attacks and breaches
Firewall Email encryption Virtualization Endpoint Web Protection Mobile Control Secure branch offices Encryption for cloud Live Protection Mobile app security Protect everywhere Web Application Firewall URL Filtering
Anti-spam Patch Manager
Application Control
Encryption Device Control
Project Galileo
Technology Integration that Enables Context-Aware Security
Next Gen Endpoint
Next Gen Network Security
What We Believe:
Security must be comprehensive
The capabilities required to fully satisfy customer need
Security can be made simple
Platform, deployment, licensing, user experience
Security is more effective as a system
And We’re Just Getting Started…
Project Galileo
Server Lockdown Whitelisting File Reputation Application Reputation Project Galileo Sophos Cloud Encryption Server Freemium Project Galileo Network Security
v10: user-based policy, web + app control
Off-box reporting
New network security MSP offering Heartbeat monitoring (Galileo)
Next Gen Endpoint Every Endpoint is an Endpoint Advanced Threat Protection in EP Encryption Everywhere
Project Galileo
Marketing More Leads More Apps More Free Tools
Sophos Home Free tools
Brand recognition Telemetry
Support
New support website NetPromoter focus New pricing/packaging Sophos Labs Emulator Big Data Correlation
Technology Integration that Enables Context-Aware Security
AT HOME AND ON THE MOVE
Mobile Control Endpoint Security
HEADQUARTERS Endpoint Security REMOTE OFFICE 1 NextGen Firewall Secure Wi-Fi Endpoint Security Secure Wi-Fi Secure VPN Client Mobile Control
Complete protection made simple (and fast)
Reputation Data • Active Protection SophosLabs Correlated intelligence • Content Classification
Administration
SOPHOS CLOUD
Mobile Control
Network Storage Antivirus Server Security
Guest Wi-Fi
REMOTE OFFICE 2
Secure Wi-Fi
Endpoint Security Mobile Control
Secure VPN RED
UTM Or RED
Complete Network Protection
Our all-in-one approach
VPN & wireless extensions
Flexible Deployment: Software Appliance, Virtual Appliance
Networking features for high availability and load balancing
Endpoint and Mobile integration
Complete email, web & network protection
integrated
Central, browser-based management & reporting
Modular Security features
Enterprise-class security for small and mid-market organizations
Essential Firewall
• Stateful Firewall
• Object based rules
• User self-service portal
Network Protection
• Intrusion Prevention (IPS)
• Client & Site-to-Site VPN
• Quality of Service (QoS)
• Advanced Threat Prot. (ATP)
Endpoint Protection
• Device Control
• AntiVirus
• Web-in-Endpoint
Wireless Protection
• Wireless Controller for Access Points
• Multi-Zone (SSID) support
• Hotspot Support
Mail Protection
• Anti Spam & Phishing
• Dual Virus Protection
Web Server Protection
• Reverse Proxy
• Web Application Firewall
• Antivirus
Web Protection
• URL Filtering Policies
• Web Threat Protection
• Application Control
Choose your modules
FullGuard (TotalProtect)
Network Firewall, Web Protection, Web Server Protection, Network Protection, Wireless Protection, Email Protection, Endpoint Protection
Either UTM Endpoint or other Sophos Endpoint product
Advanced Threat Protection in UTM
Preventing, Blocking, Identifying, Sandboxing
Block Network Attacks
Firewall and newly optimized IPS block network attacks and prevent breaches at the network gateway
Block Calls-Home
With ATP in 9.2, DNS, App control, and Web proxy work together to identify C&C traffic patterns and block them
Identify Infected Systems
With ATP in 9.2 hosts attempting to communicate with C&C are
immediately identified and contained.
Multi-layered Protection
Sophos Web, Email and Endpoint protection prevent infections from entering the network in the first place
Web Malware Detection
New advanced web malware detection in 9.2 can emulate JavaScript to catch even the most sophisticated obfuscated and polymorphic threats
Selective Sandboxing
Suspicious samples representing potential unknown threats are sent to the SophosLabs cloud for analysis. New threat intelligence is passed back to the UTM.
Network Protection
• Simple and Intuitive Management (Object-based rules)
• Quality-of-Service (QoS) – bandwidth management & traffic shaping
• Intrusion Prevention System (IPS)
• Secure VPN Access (exhaustive choice: IPSec, SSL, HTML5 and many more)
• Site-to-Site VPN (enhanced with unique RED devices)
• Self-Service User Portal (for quarantine, VPN clients, etc.)
New in UTM 9.2
• Advanced Threat Protection (with selective sandboxing)
• Two-Factor authentication (with one-time password solution)
New in UTM 9.3
• One-click secure remote assistance for Sophos Support remote access
Wireless Protection
• Central management
• Plug & play deployment
• Mesh Networking (wireless repeating and bridging)
• Easy hotspot configuration with full customization
New in UTM 9.2
• Fully customizable login pages and vouchers
• Support for backend authentication
• Support for two-factor authentication
New in UTM 9.3
• Hotspot signup and authentication via SMS
• Smart performance optimization (channel selection)
Web protection
• Web threat protection
• URL Filtering Policy for Users/Groups
• Web application control
• Interactive user reporting
New in UTM 9.2
• Web in Endpoint for Sophos Enterprise Console managed clients
• Transparent user authentication with SSO for AD
• Policy setting simplified and enhanced (https, warn, PUAs)
• Device-specific authentication (browser prompt for mobile devices)
• Policy test tool for quick troubleshooting
New in UTM 9.3
• Time quotas, site tagging, and true-file-type detection
• Selective HTTPS scanning
• Updated App Control Engine (for over 1300 Apps)
Web in Endpoint
Features
- Web threat protection and policy enforcement on the endpoint
Benefits
- Users are protected when they leave the network - everywhere
- Policy is pushed out and reporting is pulled in
- Admins can manage offsite users the same as onsite
- No backhauling, VPNs, or datacenters involved
Live Connect Web policy Activity Sophos Endpoints (anywhere)
Email protection
• Anti-spam and Anti-virus to stop spam and phishing attacks
• Self-serve Quarantine (users manage their own quarantined mail)
• Standards based TLS, S/MIME and OpenPGP encryption
New in UTM 9.2
• Simple SPX encryption requiring no infrastructure
• Outlook Add-in to force encryption or tag as spam
• DLP for automatic policy-based encryption
New in UTM 9.3
• SPX Self-Registration for Passwords
• Live Anti-Virus Protection
How SPX Encryption Works
Sender
• Sender composes their email exactly the same way as usual
• They can force encryption using the new SPX Encrypt button Add-in for Outlook
• Or encryption can happen automatically based on the presence of sensitive data detected by the UTM
• The contents of the mail are encapsulated in an encrypted PDF before
Recipient
• The recipient receives an email with the encrypted PDF attached to their regular inbox
• They simply enter the required password to decrypt the contents and view the message and attachments
On any device…
• SPX Encrypted emails are viewable on any device that supports PDFs
• Branding is customizable
• A great advantage is that your encrypted mail is in your inbox with the rest of your mail and can be viewed even when you’re offline
Endpoint protection
• Easy deployment and management from the UTM
• Endpoint anti-virus and malware protection
• Web in Endpoint (policy and protection everywhere)
• Live protection
• Device control (USB devices, Bluetooth, etc.)
New in UTM 9.2
• Integration of Sophos Enterprise Console managed endpoints
• Existing Endpoint customers can use the UTM for Web policy
• Allows larger deployments than UTM integrated Endpoint
• Admin alerts upon infection for UTM Endpoint clients
Mobile NAC
• Only from Sophos: UTM and SMC working better together
• Push WiFi and VPN settings from UTM to SMC
• SMC shared device compliance status with UTM
• Mobile NAC – block non-compliant devices from network access
Integration with Sophos Mobile Control
WiFi & VPN Settings Device Compliance Status Mobile NAC
Web Server Protection
• Web Application Firewall (WAF) protects web servers and applications
• Server Hardening with deep link protection, form hardening
• Cookie tampering protection
• Anti-virus scanning on file uploads
• SSL offloading for added server performance
New in UTM 9.2
• Reverse proxy authentication (offloading) for TMG-like OWA authentication
• More TMG feature parity
New in UTM 9.3
• Persistent web form logins so users are not prompted repeatedly for
credentials
• WAF allow/block lists
Why Sophos for your Next Firewall
More and more organizations are switching to Sophos UTM…
1. We’re simpler
2. We’re faster
3. We offer everything in a single box
4. Including reporting
The key word is ONE
FortiAnalyzer for Reporting
FortiMail for Encryption/DLP
FortiWeb for WAF
All-in-One… includes Reporting
Complete on-box reporting – Standard!
It makes a difference
[Chart: Sophos UTM vs. Competitor Firewall, compared on Firewall Rule, App Control Policy, Email Activation, HTTPS Filtering; axis 0 to 45]
UTM Deployment & Licensing
Deployment models
SG Series Appliance Portfolio
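Hardware Appliance
• SG 105 / 115: Small, Desktop; network ports (standard): 4; FleXi Port expansion bays: n/a; redundancy: n/a
• SG 125 / 135: Small, Desktop; network ports (standard): 8; FleXi Port expansion bays: n/a; redundancy: n/a
• SG 210 / 230: Medium, Midrange 1U; network ports (standard): 6; FleXi Port expansion bays: 1; redundancy: n/a
• SG 310 / 330: Medium, Midrange 1U; network ports (standard): 8 & 2 SFP; FleXi Port expansion bays: 1; redundancy: n/a
• SG 430 / 450: Medium, Midrange 1U; network ports (standard): 8 (FleXi Port); FleXi Port expansion bays: 2; redundancy: 2 SSD (RAID) & 2nd hot-swap power optional (SG 450 only)
• SG 550: Large, High-end 2U; network ports (standard): 8 (FleXi Port); FleXi Port expansion bays: 3; redundancy: 2 hot-swap SSD (RAID), 2 hot-swap power supplies
• SG 650: Large, High-end 2U; network ports (standard): 8 (FleXi Port); FleXi Port expansion bays: 4; redundancy: 2 hot-swap SSD (RAID), 2 hot-swap power supplies
Software Appliance
Runs on dedicated Intel compatible PCs and servers and within virtual environments like VMware, Citrix, Hyper-V, KVM and other virtual environments
Available Now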
Sophos UTM Hardware Appliances
Entry-level Desktop Models: SG 105/115/125/135
1U performance, desktop form factor and price
Plus models with integrated WiFi coming later this year
Mid-range 1U Rackmount Models: SG 210/230/310/330/430/450
Unrivalled performance, unmatched flexibility
Top-of-the-line 2U Rackmount Models: SG 550/650
Ultimate connectivity and performance
High Availability Options
• Unique zero configuration plug-and-play
hot-standby high availability
• Clustering support for up to 10 appliances.
• WAN link balancing and multi-path routing across
any mix of 3G, UMTS or Ethernet services
• Support for 802.3ad (LACP) link aggregation