In the previous couple of articles on the subject of our newest Sophos Firewall launch, we’ve mentioned the significance of Safe by Design and coated one of many highlights of this launch: the brand new Well being Verify function. There are additionally quite a lot of different necessary enhancements to Safe by Design in Sophos Firewall v22. Let’s have a look.
Subsequent-Gen Xstream Structure
Sophos Firewall launched the Xstream Structure as a key part of v18, enabling XGS Sequence home equipment to take full benefit of the added processing energy and capabilities it supplied. Since then, Sophos Firewall’s Xstream Structure has been always scaling and adapting to convey further efficiency to buyer networks.
That is all because of the programmable nature of Sophos Firewall’s Xstream Structure that’s NOT depending on customized silicon ASICs – and in reality works equally effectively on general-purpose CPUs, digital CPUs, and our XGS Sequence fashions which have devoted movement processors.
Sophos Firewall v22 introduces our next-generation Xstream Structure, which has an all-new management aircraft re-architected for max safety and scalability to take us into the long run. The brand new management aircraft allows modularization, isolation, and containerization of providers like IPS for instance, to run like “apps” on the firewall platform. It additionally allows full separation of privileges for added safety.
The web result’s an ultra-secure, scalable, and streamlined structure constructed for the long run. This next-gen Xstream Structure lays a basis for extremely safe, scalable, and modular containerized providers, n-node clustering, and full RESTful APIs for high-performance distant administration and automation.
Excessive-availability self-healing
As well as, this Subsequent-Gen Xstream Structure provides a brand new self-healing functionality to high-availability deployments that’s constantly monitoring system state and fixes deviations between gadgets mechanically.
Hardened kernel
The subsequent-gen Xstream Structure in Sophos Firewall OS is constructed upon a brand new hardened kernel (v6.6+) that gives enhanced safety, efficiency, and scalability to maximise present and future {hardware}. The brand new kernel presents tighter course of isolation and higher mitigation for side-channel assaults in addition to mitigations for CPU vulnerabilities (Spectre, Meltdown, L1TF, MDS, Retbleed, ZenBleed, Downfall). It additionally presents hardened usercopy, stack canaries, and Kernel Handle Area Structure Randomization (KASLR).
Distant integrity monitoring
Sophos Firewall OS v22 now integrates our Sophos XDR Linux Sensor that allows real-time monitoring of system integrity, together with unauthorized configuration, rule exports, computer virus execution makes an attempt, file tampering, and extra.
This helps our safety groups who’re always monitoring our total Sophos Firewall buyer base to higher determine, examine, and reply extra rapidly to any assault. That is an added safety functionality that no different firewall vendor gives.
New anti-malware engine
Sophos Firewall OS v22 integrates the most recent Sophos anti-malware engine with enhanced zero-day, real-time detection of rising threats utilizing international popularity lookups. That is doable thanks to an enormous cloud database of identified malicious information, which is up to date each 5 minutes or much less.
It additionally introduces AI and ML mannequin detections and delivers enhanced telemetry to SophosLabs for accelerating their rising menace detection evaluation.
Get began right now
Remember to get entangled within the Sophos Firewall v22 Early Entry Program to higher safe your and your clients’ networks and assist make this launch the perfect it may be. Additionally you’ll want to evaluation the What’s New Information for a full listing of all the brand new capabilities in Sophos Firewall v22.
