1

Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help

2

Agenda

• Introduction• Category 1• Category 2• Calculating category 2 funding• How to get started• Sophos overview

3

44

55

66

77

88

99

1010

1111

Sophos Firewalls and Wireless

12

Components available via E-Rate

1) FIREWALL HARDWARE

2) NETWORK PROTECTION – IPS, Pattern updates, DoS/Flood Protection, SSL VPN and remote access, Advanced Routing, WAN Load-Balancing, and Detailed Network Protection Reporting.

3) WIRELESS – Sophos Firewall is the wireless controller. Add wireless APs for coverage. Configure security policies specific to each Zone.

4) SUPPORT – 24/7/365 Support

13

Comprehensive Next-Gen Network

SOPHOS FIREWALLOPERATING SYSTEM

Web Filtering

IntrusionPrevention

SystemRouting

EmailSecurit

y

SecurityHeartbeat

SelectiveSandbox

ApplicationControl

Data LossPrevention

ATPDetectionProxy

ThreatEngine

Firewall

14

Fresh New User Experience

• A fresh ground-up design approach to user interface, navigation, and data presentation that’s engaging and useful

15

Drill-down for DeeperInformation

• Each widget in the control center can be clicked to reveal more in-depth information and quick access to related tools

16

Security Heartbeat

• Accelerates the detection of advanced threats, positively identifies the systems and processes, and automatically respond to isolate infected systems

17

Contextual Documentation

• Provides documentation and visual cues directly in the navigation structure to remind users what that area of the product does

18

Extensive UX Research and DesignMore friendly, inviting, and useful

Fresh New User Experience

• A fresh ground-up design approach to user interface, navigation, and data presentation that’s engaging and useful

19

Built-in DiscoveryLearn-as-you-go with context-aware documentation and visual reminders

Contextual Documentation

• Provides documentation and visual cues directly in the navigation structure to remind users what that area of the product does

20

Built-in Policy TemplatesFor common business applications like Exchange/Mail, SharePoint, Lync, etc.

Business Application Policy Templates

• Provide access to business application servers or services quickly and easily

• Common templates include Exchange, SharePoint, Lync, and others TBD

21

Built for Real PeoplePlain language policy descriptions

Policy in Plain Language

• System automatically generates plain-English description of the policy in real-time as options are selected.

22

Easy evaluation using Discover Mode and Bridge ModeTwo options to produce a comprehensive Security Audit Report

Protected Network

Existing FirewallDiscover Mode

Existing Switch

Mirror Port

Discover Mode – TAP /Mirror• No disruptive changes to the

network• Mirrors traffic through

UTM/NGFW• Monitor only, no enforcement• Visibility (no enforcement) into:

• User Behavior• User-App Risks & Usage• Web Risks & Usage• Intrusion Attacks & ATP

• Client Insights (Heartbeat), Virus, VPN coming post v1

Evaluation using Bridge Mode• Offers extended reporting

insight including Heartbeat• Allows optional policy

enforcement• Traffic is passing through

UTM/NGFW

Bridge Mode

Security Audit Report

Discover Mode

23

Security HeartbeatNetwork and Endpoint share heartbeat and context to work better together

Endpoints

SG Firewall

Server

InternetCompliant

PartiallyCompliant

Non-Compliant

Non-Compliant

Non-compliantEndpoints blockedfrom network andidentified

Partially-compliantEndpoints blockedfrom servers andidentified

1. ATP detects and blocks suspect C&C connection

2. Context requested from Endpoint

3. Connection context provided (user, process, etc.)

4. Admin notified about ATP event including context

Heartbeat & Context

• Devices on the network share heartbeat and context

• Firewall enforces access policy based on level of compliance

• Firewall requests context from Endpoints in the event of suspicious network traffic

• Two products work better together to provide enhanced protection and improve response times to incidents

Access Control

Advanced Threat ProtectionSuspect

Endpoint SG Firewall

24

User Threat QuotientIdentifying potential security issues before they become problems

Risk Meter displays average threat score for the selected user, and compared to other users.

User Risk Analysis

• Behavior-based analysis of• Web behavior • ATP triggers

• Ranks users• Identifies top risks• Enables quick and easy

• policy changes • Broad-based or

individual education• Targeted

intervention

User Risk Quotient Graph (Low, Medium, High-risk)

with pop-over and drill-down options

25

HardwareAppliance SG 85 + w SG 105 /

115 + wSG 125 / 135 + w

SG 210 / 230

SG 310 / 330

SG 430 / 450 SG 550 SG 650 SG 750

Category Small Desktop

SmallDesktop

SmallDesktop

MediumMidrange

1U

MediumMidrange

1U

MediumMidrange

1U

LargeHigh-end

2U

LargeHigh-end

2U

Large High-end

2UNetwork Ports (standard)

4 4 8 6 6 & 2 SFP 8 (FleXi Port)

8 (FleXi Port)

8 (FleXi Port)

8 (FleXi Port)

FleXi Port Expansion Bays

n/a n/a n/a 1 1 3 3 4 6

Redundancy n/a n/a n/a n/a n/a

2 SSD (RAID) &

2nd hot-swap power

optional (SG 450 only)

2 hot-swapSSD (RAID)2 hot-swap

power supplies

2 hot-swapSSD (RAID)2 hot-swap

power supplies

2 hot-swapSSD (RAID)2 hot-swap

power supplies

Software Appliance

Runs on dedicated Intel compatible PCs and servers and within virtual environments like VMware, Citrix, Hyper-V, KVM and other virtual

environments

SG Series ModelsComing Soon Coming Soon

26

• Full central policy management and health monitoring

• Available in Cloud, HW & virtual• SFM 15, 50 & 100 models• Template-based configuration• Free for partners

• Consolidate reporting across UTM v9 & Copernicus firewalls

• In place upgrade to iView 1• >1000 reports and custom views • Available as virtual appliance• Compliance reporting for HIPAA,

PCI DSS, GLBA, and SOX

Central Management

Sophos iView 2 Central ManagementOn prem & Cloud

2727

Switch to Sophos Cloud Endpoint too…Endpoint Protection is already a part of your network. Get better security with Sophos Firewalls and Sophos Endpoint Security.

28

Security is more effective as a systemNew possibilities through technology cooperation

Security can be made simplePlatform, deployment, licensing, user experience

Security must be comprehensiveThe capabilities required to fully satisfy customer need

Integrated technology that enables Context-Aware security

Next Gen Endpoint

Next Gen Network Security

Cloud Managed

Server Lockdown

What we believe

Sophos Confidential

Sophos Product Strategy

29

SOPHOS SYSTEMPROTECTOR

Sophos Cloud

Improved Threat Detection – USE CASE

heartbeat

SOPHOS FIREWALLOPERATING SYSTEM

ApplicationTracking

Threat Engine

Application Control Reputation

EmulatorHIPS/

Runtime Protection

DeviceControl

MaliciousTraffic

Detection

Web Protection

IoCCollector

Live Protection

SecurityHeartbeat™

Web Filtering

IntrusionPrevention

SystemRouting Email

Security

SecurityHeartbeat™

SelectiveSandbox

ApplicationControl

Data LossPrevention

ATPDetectionProxy

ThreatEngine

Lockdown local network accessRemove file encryption keysTerminate/remove malwareIdentify & clean other infected systems

User | System | File

Compromise

Firewall

3030

Remember to request Firewall Hardware, Network Protection, Wireless Software, Wireless APs and Support on your next E-Rate submission.

Contact Pine Cove Consulting for help scoping Sophos Solutions or any other E-Rate related questions bvancleeve@pinecc.com

31© Sophos Ltd. All rights reserved.