How Does Sophos Firewall v21.5 Enhance Security and Usability?

The latest update, v21.5, for Sophos Firewall brings noteworthy advancements aimed at improving both security and user experience. This release introduces several new features designed to streamline administration, enhance network protection, and simplify remote access. By addressing common user requests and integrating advanced technologies, Sophos Firewall v21.5 sets a new standard for next-generation firewall solutions.

Enhanced Network Security

Sophos Network Detection and Response (NDR) Essentials

One of the major highlights in the v21.5 update is the integration of Sophos NDR Essentials. This AI-powered feature uses convolutional neural networks (CNNs) to detect adversaries on the network. Because it is hosted in the cloud, NDR Essentials requires no additional hardware investment, making high-level security accessible and efficient for all users. The CNN analyzes encrypted traffic without needing Transport Layer Security (TLS) decryption. This approach significantly reduces the risk of blind spots in network security, offering comprehensive monitoring and protection against sophisticated threats.

Sophos NDR Essentials also excels in identifying domain generation algorithms (DGAs) commonly used by advanced persistent threats (APTs) to avoid detection by traditional DNS and web filters. By detecting these algorithms, NDR Essentials can thwart attempts to establish communications with malicious command and control (C2) servers. With its proactive threat detection capabilities, Sophos NDR Essentials provides robust, cloud-based protection that ensures the integrity of network security without compromising performance.

DNS Protection Integration

Another significant security enhancement in v21.5 is the integration of the DNS Protection service. Formerly a standalone offering, this service is now unified within the firewall, adding an extra layer of security. The introduction of detailed logging, notifications, and a guided tutorial ensures administrators can efficiently monitor and troubleshoot DNS-related issues. This integration means that administrators can now benefit from streamlined protection against DNS-based attacks, including malware, phishing, and data exfiltration attempts, all within the consolidated management console of the Sophos Firewall.

The unified platform offers new widgets in the control center that display real-time status updates of the DNS Protection service, allowing for quick identification of potential issues. These enhanced logging capabilities provide in-depth insights into DNS traffic, making it easier to spot anomalies and respond to threats swiftly. The guided tutorial feature is a user-centric addition, offering step-by-step instructions on setting up and managing DNS Protection, which significantly lowers the learning curve and helps administrators optimize their network defenses efficiently.

Improved Remote Access VPN

Simplified VPN Management

Sophos Firewall v21.5 addresses top user requests by simplifying remote access VPN management. Users can now sign in to the Sophos Connect client and the firewall VPN portal with their corporate network credentials. This change supports seamless and secure single sign-on, enhancing the remote user experience. Entra ID (Azure AD) single sign-on is built on the industry-standard OAuth 2.0 and OpenID Connect protocols, which facilitates a smooth and secure authentication process. By allowing remote users to employ their existing corporate credentials, the update reduces the complexity and administrative overhead associated with managing multiple login credentials.

Additionally, this streamlined VPN management system increases user adoption by decreasing the barriers to accessing the network remotely. Employees can securely connect to the corporate network with ease, ensuring that critical business operations continue uninterrupted, regardless of their location. The simplified setup and management process also empowers IT administrators to efficiently deploy and support remote access solutions, contributing to improved organizational productivity and flexibility.

Terminological and Functional Enhancements

In line with the goal of simplifying VPN management, the update includes terminological adjustments in the user interface. Connection types are renamed for clarity: for instance, connection types have been renamed from “site-to-site” to “policy-based,” and tunnel interfaces from “site-to-site tunnels” to “route-based,” which reflects a more logical and intuitive organization of VPN configuration options. Improvements in IP lease pool validation and profile enforcement stabilize VPN connections, and the firewall now supports a higher number of VPN and RED tunnels, making it more scalable for growing networks.

This reorganization not only aids in the clarity of the interface but also helps administrators quickly identify and configure the appropriate options for their network’s specific needs. Enhancements in IP lease pool validation prevent conflicts by ensuring that IP address allocations are correctly managed and do not overlap, thereby increasing the reliability of VPN connections. The stability and scalability improvements are critical for large enterprises and organizations that rely on extensive VPN deployments, enabling them to handle a greater number of concurrent connections without performance degradation.
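
The kind of lease pool overlap check described above can be sketched as follows. This is an added example, not Sophos code or part of the original article; the pool names, network names and address ranges are constructed, and it goes slightly beyond the text by also flagging pools that collide with a locally attached subnet.

```python
import ipaddress

# Constructed sample data: pool and network names are hypothetical,
# not identifiers from Sophos Firewall.
SAMPLE_POOLS = {
    "remote-a": ("10.81.234.5", "10.81.234.55"),
    "remote-b": ("10.81.234.50", "10.81.234.100"),   # overlaps remote-a
    "remote-c": ("192.168.50.10", "192.168.50.20"),  # sits inside LAN
    "remote-d": ("10.90.0.200", "10.90.0.100"),      # start is after end
    "remote-e": ("10.99.0.1", "10.99.0.50"),         # clean
}
SAMPLE_NETWORKS = {"LAN": "192.168.50.0/24", "DMZ": "172.16.16.0/24"}


def find_conflicts(pools, networks):
    """Return (kind, pool, other) tuples for every lease-pool problem found."""
    conflicts, spans = [], []
    for name, (start, end) in pools.items():
        first, last = ipaddress.ip_address(start), ipaddress.ip_address(end)
        if first.version != last.version or int(first) > int(last):
            conflicts.append(("invalid-range", name, f"{start}-{end}"))
            continue
        spans.append((name, first.version, int(first), int(last)))

    # Sort by family then start address: a later pool overlaps an earlier
    # one exactly when it starts at or before the earlier pool's last address.
    spans.sort(key=lambda s: (s[1], s[2]))
    for i, (name_a, ver_a, _, last_a) in enumerate(spans):
        for name_b, ver_b, first_b, _ in spans[i + 1:]:
            if ver_a == ver_b and first_b <= last_a:
                conflicts.append(("pool-overlap", name_a, name_b))

    # A pool that intersects a directly attached subnet hands out addresses
    # that may already be in use on the local side.
    for net_name, cidr in networks.items():
        net = ipaddress.ip_network(cidr)
        lo, hi = int(net.network_address), int(net.broadcast_address)
        for name, ver, first, last in spans:
            if ver == net.version and first <= hi and lo <= last:
                conflicts.append(("pool-vs-network", name, net_name))
    return conflicts


if __name__ == "__main__":
    for conflict in find_conflicts(SAMPLE_POOLS, SAMPLE_NETWORKS):
        print(conflict)
```

Running a check like this against an exported list of pools before a change window catches the overlapping and inverted ranges that otherwise surface only as intermittent remote-user connection failures.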

Usability and Management Enhancements

Resizable Table Columns

Administrators will find the v21.5 update to be more user-friendly with the introduction of resizable table columns. This functionality is extended across various configuration screens, such as SD-WAN, NAT, and policy-based VPN. The ability to adjust and retain column widths improves visibility and usability, making network management more efficient. This seemingly minor enhancement addresses a core usability issue by allowing personalized configurations that cater to individual user preferences.

Adjustable column widths ensure that admins can focus on the most relevant information without being constrained by fixed layouts. This feature is particularly useful in scenarios involving complex configurations and extensive rule sets, where the ability to expand and view full entries can significantly reduce administrative errors and enhance productivity. Furthermore, these adjustments are persistent, meaning that once set, the user’s preferences are retained throughout sessions, which streamlines the workflow and saves time.

Extended Free Text Search

Enhancements to the search functionality further streamline management tasks. Administrators can now perform comprehensive searches across SD-WAN routes and ACL rules by multiple parameters. This expanded free text search capability allows for quick and accurate navigation through complex configurations. For example, admins can now search by route name, IDs, objects, and IP addresses in SD-WAN routes, and ACL rules support searching by both object name and value.

Such enhancements lead to a more intuitive and efficient configuration process, enabling network admins to swiftly locate and modify specific entries. This is particularly beneficial in large-scale deployments where numerous rules and routes may be in place, and manual navigation would be both time-consuming and prone to errors. The extended free text search feature is an appreciable advancement, exemplifying a user-centric approach that significantly bolsters operational efficiency by providing rich content-based search results.

Performance and Readability Improvements

Default Configuration Changes

Sophos Firewall v21.5 simplifies the initial configuration process by removing outdated default firewall rules and rule groups. This change reduces setup complexity, leaving only the essential primary network and MTA rules for a cleaner initial configuration. This improvement underscores the user-centric approach of the latest update. By removing unnecessary default rules, the firewall setup becomes more straightforward, minimizing the potential for configuration errors and enhancing operational efficiency from the outset.

The streamlined configuration process saves valuable time for IT administrators, allowing them to focus on customizing the setup to meet specific organizational needs rather than wading through obsolete rules and groups. This practical approach aligns with the broader objective of enhancing user experience and making network management more accessible even for those with limited firewall administration experience. The elimination of unnecessary defaults provides a cleaner, more intuitive entry point for new users while ensuring that all critical security protocols are maintained.

Enhanced UI Readability

Sophos Firewall has released its latest update, v21.5, bringing significant improvements aimed at boosting both security and user experience. This new version offers a range of features designed to simplify administration, enhance network security, and streamline remote access. By addressing common user feedback and incorporating cutting-edge technologies, Sophos Firewall v21.5 establishes itself as the new benchmark for next-generation firewall solutions.

Among the highlights, the update introduces refined access controls, more intuitive management interfaces, and stronger threat detection capabilities. These changes not only make it easier to manage and configure the firewall but also provide robust protection against emerging cyber threats.

Additionally, v21.5 includes enhancements to VPN connectivity, making remote work more secure and efficient. The focus on user-centric improvements ensures that administrators can navigate and utilize the firewall with greater ease. By continuously evolving its offerings, Sophos Firewall demonstrates its commitment to innovation and user satisfaction, reinforcing its position as a leader in cybersecurity solutions.
