Introducing Lateral Movement Protection
XG Firewall v17.5 is now available, bringing new Synchronized Security features, new options for education institutions, and more of your top requested features.
As outlined in our 2019 Threat Report, the rise in targeted ransomware and other active adversary attacks makes rapid identification and response critical to contain these threats and prevent them from moving laterally across your network. Lateral Movement Protection, a new Synchronized Security feature, builds on the success of Security Heartbeat™ in providing an automated response to the presence of a threat. It not only isolates the compromised system from accessing network resources at the firewall, but also now enlists the aid of all healthy endpoints on the network to synchronize a defense. All healthy Sophos endpoints will isolate any compromised system, providing isolation at the endpoint level, preventing any threat from moving laterally, even on the same broadcast domain or network segment.
We will be diving into this and other Synchronized Security features in more detail in the days ahead.
In addition to Lateral Movement Protection, there’s a variety of new features focused on protection, flexibility, networking and management. Watch this short five-minute overview of the release highlights, review a summary below, or get the full list of What’s New in XG Firewall v17.5.
What’s new in XG Firewall v17.5
Here’s a quick overview of the key new features in v17.5:
- Synchronized Security: lateral movement protection extends our Security Heartbeat™ automated threat isolation to prevent any threat from moving laterally or spreading across the network, even on the same subnet. The firewall instructs all healthy endpoints to completely isolate any unhealthy endpoints.
- Synchronized User ID utilizes Security Heartbeat™ to greatly streamline authentication for user-based policy enforcement and reporting in any Active Domain network by eliminating the need for any kind of server or client agent.
- Education features: such as per-user policy-based control over SafeSearch and YouTube restrictions, teacher enabled block-page overrides, and Chromebook authentication support.
- Email features now include Sender Policy Framework (SPF) anti-spoofing protection and a new MTA based on Exim, which closes a couple of top requested feature differences with SG Firewall.
- IPS protection has been enhanced with greatly expanded categories, enabling you to better optimize your performance and protection.
- Management enhancements include enhanced firewall rule grouping with automatic group assignment, and a custom column selection for the log viewer.
- VPN and SD-WAN failover and failback, including new IPSec failover and failback controls and SD-WAN link failback options.
- Client authentication gets a major update with a variety of new enhancements such as per-machine deployment, a logout option, support for wake from sleep, and MAC address sharing.
- Sophos Connect is our new IPSec VPN Client, free for all XG Firewall customers. It makes remote VPN connections easy for users, and supports Synchronized Security.
In addition, coming in a following maintenance release we have:
- Wireless APX access point support which provides support for the new Wave 2 access points, providing faster connectivity and added scalability.
- Airgap support for deployments where XG Firewall can’t get updates automatically via an internet connection (due to an “airgap” or physical isolation). XG Firewall can now be updated via USB.
Sophos Central management of XG Firewall
With v17.5, XG Firewall is also joining Sophos Central. The early access program for Sophos Central Management of XG Firewall is now available.
You will be able to manage XG Firewall from within Sophos Central along with all your other Sophos Central products. And there’s a few great new features coming along with Sophos Central management of XG Firewall that will be introduced over time:
- Secure access and management with single sign-on through Sophos Central from anywhere
- Backup management and storage for your regularly scheduled firewall backups
- Firmware update management to make multiple firewall updates easy
- Light-touch deployment to enable easy remote setup of a new firewall
Get it now!
The firmware will be rolled out automatically to all systems over the coming weeks, but you can access the firmware anytime to do a manual update through Sophos.com/MySophos. Watch this video for instructions on how to update your XG Firewall firmware.
Questions? Get in touch now