Astaro II - Sophos Network Protection for Experts UTM 9, Clientless SSLVPN bis hin zu kostengünstigen WLAN. Sascha Paris Presales Engineer Sophos

Größe: px
Ab Seite anzeigen:

Download "Astaro II - Sophos Network Protection for Experts UTM 9, Clientless SSLVPN bis hin zu kostengünstigen WLAN. Sascha Paris Presales Engineer Sophos"


1 Astaro II - Sophos Network Protection for Experts UTM 9, Clientless SSLVPN bis hin zu kostengünstigen WLAN Sascha Paris Presales Engineer Sophos

2 Complete Security Vision

3 UTM 9 Neue Major Features Sophos Corporate UI Clientless HTML5 VPN (Feature Request #1) Hotspot Funktionalität (Feature Request #2) Endpoint Protection

4 UTM 9 Neue Minor Features Network Security 1:1 NAT Rules Reorganize NAT Tab Multiple Objects in firewall rules Make user VPN configs available to admin SSL VPN Client without admin rights Update OpenSSL to > 1.0 UTF8 support SSL-VPN username/password Ship Snort engine as a pattern IPv6 NAT NAT: Show rule numbers for "log initial packets" IPv6 Support for GeoIP Web Security AppAccuracy Program 'Youtube for Schools' Support Mail Security Improve Listbox Widget Notifications for blocked outgoing mail Wireless Security Time Based access Transmit Power Adjustment Added usage and error reporting Web Application Security Site Path Routing Hot-Standby support for backend servers Form hardening: check HTTP request method Logging/Reporting Show license info in Executive Report Improve performance of userlog_read for the Management tab Networking DHCP Options Support DHCP Server "Relay Mode" Network Definition Ranges Export of Netflow/IPFIX Records Interface Groups in Multi-Path rules IPv6 Support for Dynamic Interfaces DHCPv6: Clients with static mappings only Improved 3G Modem Support Load Sharing between multiple BGP uplinks QoS Improvements (Shape downloads) Spanning Tree for Bridge Mode WebAdmin/GUI Customize Title for WebAdmin Add + expanders to customization GUI Add constant Live-Log button to WebAdmin TOP Show active sessions and logged in users Customizable Dashboard Global Object Search LCD4Linux Improvements HA/Cluster Keep unit on old version during Up2Date (Cold-rollback) Sync conntrack node id Kernel Kernel Update Performance: AFC low hanging fruits Performance: MMAPed nfnetlink Drop uniprocessor kernels Installer Improve SSD support Up2Date Support installation of newer revisions of the same version

5 Wireless Protection

6 UTM9 Hotspot Feature Gäste WIFI Funktionalität inklusive Aka Captive Portal 3 verschiedene Modi: Terms of use Password of the day Voucher Individuelle Anpassung der Portal-Sites möglich Teil der Wireless Protection Subscription

7 Wireless Protection Live Demo

8 Sophos Access Points AP 5 AP 10 AP 30 AP 50 Max. User Durchsatz 150 Mbit/s 150 Mbit/s 300 Mbit/s 300 Mbit/s WLAN-Standard IEEE b/g/n Netzwerkanschluss USB-Anschluss über RED IEEE b/g/n 10/100 Base TX IEEE b/g/n 10/100 Base TX IEEE a/b/g/n 10/100/1000 Base TX PoE Nein, USB - IEEE 802.3af IEEE 802.3at Antenne Montage 1 x abnehmbare Dipol-Antenne 2,4G USB Port in RED-10 1 x abnehmbare Dipol-Antenne 2,4G 3 x interne Dipol-Antenne 2,4G Desktop / Wand Desktop / Decke Listenpreis inkl. PoE Injector 2 x abnehmbare Dipol-Antenne 2,4G / 5G Desktop / Wand 485 inkl. PoE Injector


10 Clientless HTML5 VPN Zugriff auf interne Ressourcen via Webbrowser Unterstützt RDP, VNC, SSH, Telnet, HTTP und HTTPS Applikationen Reines HTML5 kein ActiveX oder Java Applet notwendig Nur Bildübertragung, keine Daten auf dem Client Rechner Einsatzgebiet als Fernwartungstool Teil der Network Protection Subscription

11 HTML5 VPN Live Demo

12 Endpoint Protection

13 UTM9.0 Endpoint Features Anti-malware HIPS Windows Tamper Protection Device Control

14 Management via Webadmin

15 Endpoint Protection Live Demo

16 Complete Security Suiten

17 Sophos UTM / SUM Roadmap UTM 9.0 GA July, 2012 The complete security box UTM Endpoint Protection AV & HIPS Device Control HTML5 VPN Portal Hotspot support GUI in Sophos Design SAV Integration Sophos UTM Manager 4.0 Target GA Q3 FY13 Manage multiple UTMs Global management for Endpoints Sophos branded GUI Import of Definitions More efficient bandwidth usage Increased scalability ROADMAP: Alle Angaben sind unverbindlich und können noch ändern. In planning, subject to change UTM 9.1 Target Apr 2013 Mobile/BYOD control Improved Endpoint Protection Web & Application Protection Mac support Wireless Repeater/Bridge MAC Address Filter support OWA Support for Webserver Protection Under consideration UTM 9.2 and beyond Extended Endpoint Protection DLP Patch assessment Mobile Security VPN client WAF compatibility for Wireless and RED improvements

18 Weitere Informationen finden Sie unter