Sophos Brings Lateral Movement Protection to XG Firewall to Prevent Cyberattacks

Carmel Miguel
A global leader in network and endpoint security, Sophos has updated its next-generation Sophos XG Firewall to include lateral movement protection to prevent targeted manual cyberattacks or exploits from spreading further into a compromised network.

Sophos Brings Lateral Movement Protection to XG Firewall to Prevent Cyberattacks
Sophos Brings Lateral Movement Protection to XG Firewall to Prevent Cyberattacks

According to Sophos Senior Vice President and General Manager of Products, many organizations are prepared for attacks from automatic bots but not interactive, human-driven attacks.

“If active adversaries get into a system they can ‘think laterally’ to troubleshoot roadblocks, evade detection and move around. It is hard to stop them unless the right security measures are in place. Most lateral movements happen on the endpoint, which is why synchronizing security is important. Attackers will attempt to advance using non-malware techniques, such as exploits, Mimikatz and privilege escalation. The network needs to know to respond and automatically shut down or isolate infected machines before anyone or anything spreads further.”
“Stopping lateral movements – from active adversaries or worm-type exploits – by sharing intelligence between the firewall and endpoints, and automatically isolating infected systems is critical for every organization today,” said Schiappa. “Unfortunately, many business environments could have blind spots on their network switches or LAN segments, and these can become secret launch pads for attacks. The new features in Sophos XG Firewall prevent threats from spreading, even where the firewall does not have direct control over traffic.”

The Sophos XG Firewall automatically interacts with Sophos’ endpoint products, including its new Intercept X Advanced with Endpoint Detection and Response (EDR), to deliver this new layer of protection. These essential security anchors connect via the Security Heartbeat in Sophos’ Synchronized Security technology. This creates an intelligent solution that can proactively predict and protect against threats, detect and prevent further infection by automatically isolating machines, and remediate the infection. Security Heartbeat technology enables the automatic isolation of high-risk endpoints from other endpoints on the same broadcast domain or network segment.

See Also: Sophos Rolls Out New Email Advanced Feature with Deep Learning Capability

Additional new and enhanced features in Sophos XG Firewall include protection enhancements (deeper, broader IPS coverage with increased granularity in patterns, JavaScript cryptojacking protection), sandstorm sandboxing enhancements, networking enhancements, and education features.

Sophos XG Firewall is available from registered Sophos partners worldwide. No hardware is required for a free trial of XG Firewall, available at

Post a Comment


Post a Comment (0)