SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Packet Inspection of TCP UDP like Palo Alto does - Application Based Inspection

Those who have spent time with this stuff already know how easy it is to open connections with botnet servers or with any other device just by opening a most likely "commonly opened" port. BotNet Control, WebFilter, AV... can't detect that traffic in most cases. We tested it ourselves and were surprised that this old, well-known Metasploit traffic is not detected.
Only the HTTPS connection made by Metasploit was detected (after approx. 10 seconds) and was terminated. But it could be reopened endlessly for 10 additional seconds, and so on.

It's much more than easy to overcome a Sophos UTM / XG / SG with the highest security configuration to get that traffic through the firewall.

The only solution is to inspect not only HTTPS traffic, like the WebFilter does with web traffic, but instead to inspect all ports, regardless of the port or connection type. A bit like the UTM/XG/SG Application Control already does. But Application Control is like nothing because of the few implementations of applications.

Let's just say: if Sophos builds this into their firewalls, it's also wonderful for doing VLAN segmentation. And the appliance would detect almost any bad traffic going through it. And also, because of the pricing of Sophos compared with Palo Alto, it would be a giant selling opportunity for Sophos.

At this time, it's almost equally "bad" as on other SMB vendors like Fortinet. Sadly. I like Sophos firewalls, but I really miss that forward-looking feature.

5 votes

Stefan H shared this idea

0 comments
