Sophos
Solutions for network, end-user and server security.
DDoS Protection
DDoS protection can be used to protect against so-called distributed denial-of-service (DDoS) attacks, in which a large number of infected systems are maliciously used to attack a single target. The target system is usually unable to handle the large amount of requests and is therefore no longer accessible to its users; the flood of incoming messages forces a shutdown of the system and therefore also of the services provided to legitimate users via this system.
Network Access Control (NAC)
Network Access Control (NAC) is a technology that supports the defence against viruses, worms and unauthorised access from the network. With NAC, end devices are checked for policy compliance during authentication. If, for example, the virus scanner is not up to date or the client operating system is missing the latest security patch, the affected end device is quarantined and provided with the latest updates until it once again complies with the applicable security guidelines. Initially, the functions required for this were distributed across network components such as routers, switches and firewalls. In addition, a certificate can be used to verify whether or not a user or device attempting to connect to the network is authorised to do so. This allows better control over which people or devices are granted access to certain networks.
Advanced Threat Detection
Advanced Threat Detection is a broad term for solutions that use certain types of analysis to increase the security of systems. Among other things, these solutions can analyse and evaluate downloads or other user activities from various systems risk-free in a sandbox.
Application Layer Gateway
Application layer gateways are placed between the secure and insecure network; a proxy server is set up on them for each service to be monitored, which, unlike packet filtering, can be used to monitor the content. In this way, active content such as ActiveX controls or Java applets can be filtered out of HTML pages or the e-mail can be scanned for viruses.
Data & Device Encryption
Data & device encryption refers to the encryption of data (such as folders, files, databases, etc.) and devices (such as hard drives, USB sticks, cloud storage, etc.). The aim of encryption is to subject the data to a mathematical transformation so that it is not possible for an attacker who gains possession of the data to extract the original data from the transformed data.
Data Loss Prevention (DLP)
“Data loss prevention” and “data leakage prevention” are usually used synonymously, but some specialists also differentiate between them in technical discussions: “Data loss prevention” is protection against the unwanted outflow of data that causes damage and is also noticed, while “data leakage prevention” stands for protection against the suspected but unmeasurable and sometimes undetectable passing on of information to unwanted recipients.
E-Mail Encryption
Email encryption is used to send confidential information by email from the sender to the recipient in such a way that no-one other than the sender and recipient can access this information (end-to-end encryption).
E-Mail Security
Email security refers to solutions for protecting emails against spam, viruses and malware. These are placed in the network as a gateway solution or in the cloud as hosted solution.
Endpoint Security-Firewall
Modern firewall systems now offer a much broader range of integrated features in addition to the conventional functions of a firewall; firewalls provide everything a security expert needs: Firewall, anti-virus, filter functions for web content and emails, application control and network functions (e.g. routing and load balancing) in just one appliance.
Firewall (inkl. UTM & NG)
Modern firewall systems now offer a much broader range of integrated features in addition to the conventional functions of a firewall; UTM firewalls provide everything a security expert needs: Firewall, anti-virus, filtering features for web content,emails, application control and network functions (e.g. routing and load balancing) in just one appliance.
Network Infrastructure
All solutions required to set up a physical network are summarised under Network Infrastructure; this primarily includes switches and routers. The purpose is, for example, to connect various areas within a building and thus grant network access. Solutions for setting up a wireless network are included in the separate Wireless Infrastructure category.
Network IPS
Intrusion prevention systems (IPS for short) are intrusion detection systems (IDS for short) that go beyond the mere generation of events to provide functions that can also block a detected attack. Network IPS includes all solutions that can provide centralised protection for the company network.
Risk Management & Reporting
Risk Management & Reporting can be used to uncover and visualise risks in the corporate network in order to derive countermeasures.
Mobile Device Security (MDM, MAM)
Mobile device security summarises a wide range of solutions for securing mobile devices in companies and is becoming increasingly important due to trends such as BYOD. While mobile device management (MDM) focuses on the activation of mobile devices, the roll-out and controlled provision of smartphones and tablets in the company and the implementation of guidelines, mobile application management (MAM) deals with the provision, licensing, configuration, application lifecycle management (ALM) and usage tracking of mobile applications.
Threat & Attack Management
Under Threat & Attack Management, we offer products for the centralised and automated analysis and handling of security problems. In contrast to SIEM, these solutions can not only recognise trends and deviations, but also take active action against threats
VPN / SSL / ZTNA
A conventional VPN is a virtual, self-contained communication network that uses an existing communication network as a transport medium. It is used to connect participants in the existing communication network with another network. In addition to traditional networking via VPN gateways, SSL VPN is also increasingly being used to connect individual end devices. With ZTNA administrators can granularly control access to internal resources and restrict access based on the client’s health state.
Web Security
Web security solutions protect end devices from infections and implement company guidelines by using the following technologies: URL filtering, blacklisting, whitelisting, detection and filtering of malicious content, application control of known applications such as Skype.
Wireless Infrastructure
Wireless infrastructure, refers to the hardware, software and protocols that make up a wireless network. It includes devices such as routers, access points and other devices that enable wireless devices (such as smartphones) to communicate with each other and with wired networks. Wireless infrastructure is typically used to provide connectivity and access to the internet or other networks without the need for cables or wires. In addition to connectivity, wireless infrastructure can often provide other services such as security and location tracking. Wireless infrastructures are used in a variety of environments, from homes and offices to public spaces such as airports and shopping centres.
Managed MDR (Managed Detection Response)
Managed Detection and Response (MDR) is a security service that prioritises the handling of detection and response capabilities on behalf of a customer. MDR enables companies to operate a turnkey Security Operations Centre (SOC) at a low percentage of the cost of building their own programme.