Sophos Firewall - Network Protection

Overview

Firewall rules

TLS Decryption

Web Server Protection

Intrusion Prevention

Security Heartbeat

Advanced Threat Protection

Firewall rules

Summary

Rules are processed in order from top to bottom

the first rule to match is used

If there's no matching firewall rule, the traffic is dropped

default drop firewall rule doesn't log traffic

Types of Firewall Rule

User / Network Rule
  • Identity based
  • IP / MAC address based
  • Web filtering
  • Application control
  • Traffic shaping
  • Intrusion Prevention
Business Application Rule
  • Web servers with Web Application Firewall (WAF)
  • Email servers with Email Protection
  • Internal servers / services using NAT
  • Template-based configuration.

Icons

  • Disabled User Rule

  • Drop User Rule

  • Allow User Rule

  • Rule Group

  • Disabled Network Rule

  • Reject Network Rule

  • Allow Network Rule

  • Allow Business Application Rule

TLS Decryption

Summary

SSL inspection engine

Befehle

What is TLS Decryption

lorem ipsum dolor

SSL inspection engine

The SSL inspection engine sends decrypted packets to IPS, application control, web filtering and antivirus for checking

SSL policy

lorem ipsum dolor

Default decryption profiles

Maximum compatibility:

  • most relaxed profile
  • trying to ensure restrictions do not cause any unexpected problems

Block insecure:

  • this blocks known weak  protocols and ciphers

Strict compliance:

  • this is for people that must meet more strict compliance standards such as PCI

Web Server protection

Summary

Acts as a reverse proxy

Lorem Ipsum Dolor

lorem ipsum dolor

Intrusion Prevention

Summary

lorem

Lorem Ipsum Dolor

lorem ipsum dolor

Security Heartbeat

Summary

lorem

Lorem Ipsum Dolor

lorem ipsum dolor

Advanced Threat Protection

Summary

lorem

Lorem Ipsum Dolor

lorem ipsum dolor

Scroll to Top