Inside every business are multiple endpoints and potential attack surfaces that represent areas of security risk. As an Oxford IT company, we are well aware that for a long time endpoints and networks have operated separately as point solutions, even if they were part of the same vendor’s portfolio. However, in today’s world of growing security threats, this is not considered to be an effective approach anymore. So, Sophos decided it was time for a security revolution.

Their synchronised security initiative, called Sophos Security Heartbeat, contains both hardware and software to enable a full security system capability. The basic aim of this new system is to provide an insight into the current state of businesses security, based on intelligence from various sources, including endpoints and next-generation firewalls. The system does this by sending a constant stream of information from the endpoints to the network devices.

To put it simply, let’s look at an example of a malware attack. As a company who provide network support, we have seen many advanced malware attacks, which are able to slip by security systems easily without being detected. Most businesses multiple endpoint set-ups mean that their defences are not co-ordinated. So, it can take up to two hours for the vendor threat and infected machine to be identified, the affected user to be tracked down and the remediation process to begin. Two hours is a long time in security terms and could mean that the virus has enough chance to spread through your whole network, which could, in turn, have devastating effects for your business.

What Sophos Security Heartbeat does is turn that two-hour window into an 8-second one (approximately). This is because of its real-time pulsing intelligence between your firewall and endpoints at all times, meaning it is constantly co-ordinating your defences, closing any gaps it sees in your security and automatically responding to any security attacks instantly. What this gives you is:

Instant Network Visibility

You constantly have a live picture of your entire network with Sophos Heartbeat, as endpoints automatically identify themselves when they connect. The system is designed with a ‘red-yellow-green’ indicator as well so that you can see the health of your network easily and identify which devices are good to go and which need some attention.

Compromised System Identification

Within seconds of an attack, Sophos Heartbeat will provide you with the information you need to identify the affected user, the infected machine and even the file path which may indicate where the malicious traffic came from.

Threat Intelligence

When it identifies that a device is under attack, Sophos Heartbeat will communicate with your firewall and all devices within your network, sharing its real-time threat intelligence. Therefore, allowing each area to enhance their defences.

Automatic Incident Response

If a device gets infected, Sophos Heartbeat will instantly quarantine it from the rest of your network, alert you to the threat and then begin a remediation process. This reduction in incident response time means that you now stand a better chance of preventing the infection from spreading across your entire network.

Cloud-based Security

Sophos Security Heartbeat is built on their cloud platform and integrates endpoint security, mobile device management, server protection, and a secure web gateway into one single management console. The system is also supported by Sophos Lab Network, which means that you have access to real-time security information from around the world and so, can stay one step ahead of the latest threats.

If you want to learn more about Sophos’ new security solution or find out more about the services we offer as an IT support Oxford company, then please contact us.