Sophos introduces Synchronized Security, a revolution in advanced threat protection. Synchronized Security is the linking of network and endpoint security to deliver unparalleled protection by automating threat discovery, investigation, and response.
- Accelerated Discovery
Endpoint and network protection combine to identify unknown threats faster.
- Active Identification
Reduces time taken to identify infected or at risk device or host by IP address alone.
- Automated Response
Compromised endpoints can be automatically isolated or restricted by firewall policies based on Heartbeat™ status.
How it works is quite ingenious and simple.
When malicious C&C or botnet traffic is detected on the network, the Firewall can use the Heartbeat connection to let the Endpoint know, which will change it’s status, triggering a notification and possibly changes in policy.
Any network policy can have a heartbeat status attached as we saw earlier, enabling infected machines to be automatically isolated completely in the event of an incident until they can be cleaned up… or at least limit access to compromised machines so they don’t leak data or potentially infect other systems on the network.
Sophos Security Heartbeat™ enables our Next-Gen Endpoint and Next-Gen Firewall to share information and work together.
It delivers unparalleled protection against advanced malware and targeted attacks.
If you’re already using Sophos Endpoint or Sophos UTM, use this chart to ﬁnd your path to Sophos Security Heartbeat™.