Tue, Mar 26 2019, 12:16 am

Sophos adds lateral movement protection feature to its NGFWs

By Digital Edge Bureau, 14.12.2018, 01:36
 
Adding lateral movement protection functionality to its XG NGFW systems: Dan Schiappa, Senior VP & GM of products at Sophos

Sophos, a leading player in the network and endpoint security products & solutions space, has announced that its next-generation Sophos XG Firewall now includes lateral movement protection to prevent targeted, manual cyberattacks or exploits from infiltrating further into a compromised network.

“Many organizations are set up to protect against automatic bots, but not interactive, human-driven attacks. If active adversaries get into a system they can ‘think laterally’ to troubleshoot roadblocks, evade detection and move around. It’s hard to stop them unless the right security measures are in place,” said Dan Schiappa, Senior VP & GM of products at Sophos. “Most lateral movements happen on the endpoint, which is why synchronizing security is important. Attackers will attempt to advance using non-malware techniques, such as exploits, Mimikatz and privilege escalation. The network needs to know to respond and automatically shut down or isolate infected machines before anyone or anything spreads further”, added Schiappa.

The SophosLabs 2019 Threat Report discusses a rise in targeted ransomware. With the SamSam ransomware campaign estimated to have earned more than $6.5 million, it is not surprising that criminals are attracted to this method. In these attacks, cybercriminals target weak entry points and brute-force Remote Desktop Protocol (RDP) passwords. Once in, they move laterally, working one step at a time to steal domain admin credentials, manipulate internal controls, disable back-ups and more. By the time most IT managers notice what’s happening, the damage is done.

Other cyber cat-burglar-style attacks, such as BitPaymer, Dharma and Ryuk, use a similar lateral movement playbook to hand-deliver ransomware. These attacks are very different from Ransomware-as-a-Service (RaaS) toolkits sold on the dark web. Sophos expects manual control attacks to continue into 2019.

Schiappa further said that stopping lateral movements – from active adversaries or worm-type exploits – by sharing intelligence between the firewall and endpoints and automatically isolating infected systems was critical for every organization. “Unfortunately, many business environments could have blind spots on their network switches or LAN segments, and these can become secret launch pads for attacks. The new features in Sophos XG Firewall prevent threats from spreading, even where the firewall doesn’t have direct control over traffic”, explained Schiappa.

The Sophos XG Firewall automatically interacts with Sophos’ endpoint products, including its new Intercept X Advanced with Endpoint Detection and Response (EDR), to deliver this new layer of protection. These essential security anchors connect via the Security Heartbeat in Sophos’ Synchronized Security technology. This creates an intelligent solution that can proactively predict and protect against threats, detect and prevent further infection by automatically isolating machines, and remediate the infection. Security Heartbeat technology enables the automatic isolation of high-risk endpoints from other endpoints on the same broadcast domain or network segment.
