New versions of the Endian and Sophos UTM solutions

Warhorses

Web Application Firewall

The Web Application Firewall (WAF) in the Sophos UTM Firewall provides an Apache web server-based reverse proxy to protect its own web server against SQL injections, cross-site scripting attacks, and other web-based attacks. Furthermore, it scans connections to the web servers in both directions for viruses and blocks clients with a bad reputation. In version 9.2, WAF also gets a new engine and a new pattern recognition feature, which Sophos promises to update continuously via Up2Date.

The new version of Sophos additionally extends the maximum file size for uploads from 128MB to 1GB. Also new is a function for reverse authentication. The Web Application Firewall then handles authentication for web applications, to protect the latter. After successful authentication in basic or form mode, the firewall then passes on the results to the configured back-end servers. This function is clearly targeted at customers of the now-defunct Microsoft TMG (Threat Management Gateway) product, which offered similar functionality.

Conclusions: Sophos UTM 9.2

The new version of Sophos sets standards in the UTM landscape in terms of functionality and usability. New features, such as two-factor authentication and SPX encryption, have been at the top of customer and partner wishlists for some time. Botnet detection, advanced threat protection, and the new DLP functions help Sophos make life a little easier for security admins. These requirements are part of everyday life in medium-sized companies and can be quickly and easily implemented with version 9.2. It's a pity, however, that the DLP functions so far only protect email messages against accidental and deliberate information leakage. A function that also searches outgoing HTTP(S) connections for sensitive data and blocks messages where appropriate is still missing.

Something for Everyone

The new versions of the Endian and Sophos UTM firewalls provide much that is new. With the HTTPS proxy, the revised VPN GUI, application identification, and the new ntopng live network monitoring, Endian catches up to other providers. Sophos is again innovative in this price range with two-factor authentication, SPX email encryption, botnet detection, and optimized WAF.

Whether you prefer the feature-rich Sophos UTM or the leaner Endian firewall depends not only on your own individual security requirements, but also on the type of deployment  – physical or virtual. Endian offers support for VMware, Xen and KVM; Sophos additionally supports Microsoft's hypervisor Hyper-V.

The Author

Thomas Zeller is an IT consultant and has been involved with IT security and Open Source for 15 years. He is the author/co-author of the books OpenVPN Compact and Mind Mapping with Freemind . In real life, he is an IT entrepreneur and managing director of an IT system provider. Among other things, he is responsible for the company's IT security business.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Guacamole: Remote Desktop

    HTML5 offers a range of new features, such as audio and video support, without needing plugins like Flash or Java. This opens up completely new options in terms of content delivery via the web – and for mobile access to applications on the LAN.

  • Fedora Server 26 and Endian Firewall 3.2.4
    Fedora Server 26 is a Red Hat-sponsored, community-based distro that serves as a test bed for technologies. Endian Firewall 3.2.4 gives you all you need to turn your own computer into a firewall appliance.
  • Tested: Barracuda firewall X201
    With a number of new firewalls, Barracuda seeks to expand its portfolio to include small and medium-sized companies. We take a closer look at the Barracuda firewall X201.
  • Protect yourself from infected MS Office files
    Attacks on Microsoft Office files are increasing. A multilayered approach is your best protection against this malware.
  • Advanced Security in Windows Firewall

    Windows Firewall with Advanced Security was introduced in Vista/Windows Server 2008. Compared with the old Windows Firewall, it offers many new features and possibilities.

comments powered by Disqus