Sophos has updated Sophos Firewall to give it more protection and incident response capabilities. Sophos Firewall now includes the NDR Essentials function, which will be available at no additional cost for customers with an Xstream Protection license. Thanks to this integration, the firewall incorporates two engines specialized in detecting malware and communications with algorithmically generated domain names.
This function is based on the Sophos Network Detection and Response platform and is designed to identify malware communications even if they are previously unknown or not registered. It also complements the existing threat-related functions in Sophos firewalls.
The firewall also now allows the use of Entra ID (Azure AD) to identify users and enforce multifactor authentication for Sophos Connect and for access to the user portal hosted by the firewall. In the user interface, the connection types have been renamed: “site-to-site” connections are now called “policy-based”, and tunnel interfaces are now called “route-based”. This makes the platform more intuitive to use.
Dynamic validation of the IP address pool assigned to VPN connections (SSL VPN, IPsec, L2TP and PPTP) improves the resolution of possible IP address conflicts, and default values are now excluded from the IPsec profiles. This guarantees algorithm synchronization and avoids packet fragmentation, a phenomenon that can prevent site-to-site VPN tunnels from being re-established.
The scalability of route-based VPN and SD-RED means the system supports up to 3,000 tunnels established at the same time. Sophos Firewall can manage up to 1,000 SD-RED site-to-site tunnels and up to 650 concurrent SD-RED devices.
Among the management improvements is greater flexibility in DHCP prefix delegation (IPv6 DHCP-PD), which now accepts prefixes from /48 to /64, improving compatibility with various Internet service providers. Router Advertisement (RA) and the DHCPv6 server are also enabled by default.
The web management interface continues to be adapted to wide screens, and many configuration pages now allow column sizes to be adjusted as needed. The object search function has also improved, and search on the SD-WAN routing configuration screen accepts more criteria. Local ACL rules also support searches by name, object value and content.
The default firewall rules and rule groups that were previously generated during the initial firewall configuration have been removed, and only the default network rule and MTA rules are offered during the initial configuration.
Sophos thus continues its secure-by-design approach in its firewalls, which leads it to include specific functions and verification of critical operating system files through checksums. If any discrepancy is detected in them, an alert of possible compromise is triggered. In this way, monitoring teams can proactively identify possible security incidents that may affect the integrity of the firewall operating system.