Sophos

02-05-2021
 |  [RAND-100] - Comments



Sophos

The branch office of one

Prior to the pandemic, there was already a shift in networking underway, with an increasing percentage of the workforce beginning to work from home – at least part-time. This trend has dramatically accelerated over the last year, with the vast majority of organizations either mandating their employees work from home, or strongly encouraging it.

The University provides Sophos Security at no cost to all members of the UMass Amherst community. Sophos provides a comprehensive endpoint protection software solution. The university-licensed version includes anti-malware and disk encryption, data loss prevention, and firewalling. For a complete list of the Sophos Intercept X with EDR features, see. Sophos Endpoint. Sophos Intercept X is the world’s best endpoint security, combining ransomware protection, deep learning malware detection, exploit prevention, EDR, and more – all in a single solution. Sophos Anti-Virus is the virus protection software recommended by MIT. This software detects and cleans up viruses, Trojans, worms, spyware, adware and other potentially unwanted applications. Firewall Management in Central.

This has transformed many organizations almost overnight into a highly-distributed model with hundreds, if not thousands, of one-person branch offices. The “branch office of one” has become the new normal for many organizations.

This massive shift has created a similarly massive challenge for many IT organizations, who have been scrambling to implement VPN access for their remote workers. As just one example, utilization of our Sophos Connect VPN client with XG Firewall has shot up over 10x to more than 1.4 Million active clients in recent months.

And while VPN technology has been a savior and has served us well, it was never really designed for this new world. VPN can be difficult to deploy and enroll new staff, it can be challenging for end-users to use and creates unnecessary friction, and it does not provide the kind of granular security that most organizations require.

Gartner’s recent report, Solving the Challenges of Modern Remote Access, also highlights the challenges with VPN: licensing, efficiency, relevancy, and suitability for the task.

Protecting your data

If it wasn’t enough that IT organizations are grappling with this massive shift in remote working, the whole industry has come under siege by bad actors and hackers attempting to take advantage of the current situation with increasing attacks on corporate systems and data. The latest Sophos 2021 Threat Report provides an excellent look at how cybercriminals have upped their game.

With a massive collection of branch offices of one and an ever-increasing need for tighter security that is transparent and frictionless, what are the options?

We’re actively working to get Sophos ZTNA, or zero trust network access, into your hands as fast as possible. To help overcome some of the challenges you’re facing with remote workers, it provides a simpler, better, more secure solution to connect your users to important applications and data.

Zero trust network access

ZTNA is founded on the principle of zero trust and is all about verifying the user. It typically leverages multi-factor authentication to prevent stolen credentials from being a source of compromise, then validates the health and compliance of the device to ensure it’s enrolled, up to date, and properly protected. ZTNA then uses that information to make policy-based decisions to determine access and privilege to important networked applications.

Benefits of ZTNA compared to remote access VPN

While remote access VPN continues to serve us well, ZTNA offers a number of added benefits that make it a much more compelling solution:

  • More granular control: ZTNA allows more granular control over who can access certain applications and data, minimizing lateral movement and removing implied trust. VPN is all-or-nothing: once on the network, VPN generally offers access to everything.
  • Better security: ZTNA includes device and health status in access policies to further enhance security. VPN does not consider device status, which can put application data at risk to a compromised or non-compliant device.
  • Easier to enroll staff: ZTNA is much easier to roll out and is better when it comes to enrolling new employees. VPN involves more challenging and difficult setup and deployment.
  • Transparent to users: ZTNA offers “just works” transparency to users with frictionless connection management. VPN can be difficult and prone to initiating support calls.

Overall, ZTNA offers a welcome solution to connecting the branch office of one.

Sophos ZTNA

Sophos ZTNA is a brand new cloud-delivered, cloud-managed product to easily and transparently secure your important business applications with granular controls.

Sophos ZNTA consists of three components:

  • Sophos Central provides the ultimate cloud management and reporting solution for all your Sophos products, including Sophos ZTNA. Sophos ZTNA is fully cloud-enabled, with Sophos Central providing easy deployment, granular policy management, and insightful reporting from the cloud.
  • Sophos ZTNA Gateway will be available as a virtual appliance for a variety of platforms to secure networked applications on-premise or in the public cloud. AWS and VMware ESXi support will be available initially, closely followed by support for Azure, Hyper-V, Nutanix, and others.
  • Sophos ZTNA Client provides transparent and frictionless connectivity to controlled applications for end users based on identity and device health. It is super easy to deploy from Sophos Central, with an option to deploy alongside Intercept X with just one click or instead work standalone with any desktop AV client. It will initially support MacOS and Windows, and later Linux and mobile device platforms as well.

Coming soon

The early access program (EAP) for the initial version of our ZTNA solution will kick off in the next couple of weeks, so stay tuned for additional news. I hope you will all join us in test-driving Sophos ZTNA to make it the best product it can be for launch!

The University provides Sophos Security at no cost to all members of the UMass Amherst community.

Www.sophos.com

Sophos provides a comprehensive endpoint protection software solution. The university-licensed version includes anti-malware and disk encryption, data loss prevention, and firewalling. For a complete list of the Sophos Intercept X with EDR features, see: https://www.sophos.com/en-us/products/intercept-x/tech-specs.aspx.

Install Sophos:

Sophos.com

  • For university-owned devices managed by IT, check with your IT support administrator.
  • For university-owned devices that are not managed by IT, download and install Sophos with full disk encryption. Full disk encryption is a foundational security control required for computers that house university data.
    • If you have problems with installing the version of Sophos with full disk encryption, you can install a version of Sophos without encryption. Encryption will need to be enabled on your computer at a later date.
  • For personal devices, follow these instructions to access the Sophos home use portal at home.sophos.com/edu/umass.

About Central Management
Software for university-owned computers connects to UMass Amherst IT's central console and receives software updates, policies, and configurations automatically. The central console also enables UMass Amherst IT to locate and respond to security threats and incidents more effectively and efficiently.

Note: Running more than one anti-virus software on your computer can cause serious conflicts. Before installing Sophos Security, make sure you do not have other anti-virus applications on your machine.

Note: Under a new university-wide contract, Sophos Intercept X Advanced is replacing McAfee endpoint protection at UMass Amherst. More information will follow.

For questions, contact the IT professional in your department as applicable, or IT User Services.

Sophos Central

Windows