Free antiviruses and firewalls (UTM, NGFW) from Sophos

I would like to talk about the free products of Sophos, which can be used both at home and at the enterprise (details under the cut). The use of TOP solutions by Gartner and NSS Labs will significantly increase the personal level of security. Free solutions include: Sophos UTM, XG Firewall (NGFW), Antivirus (Sophos Home with web filtering for Win/MAC; for Linux, Android) and malware removal tools. Next, we will look at the high-level functionality and steps for obtaining free versions.

Today, many people have several laptops, tablets, phones at home, there are remote sites (homes of parents, relatives), there are children who need to be protected from unwanted content, and computers need to be protected from ransomware/ransomware. All this essentially comes down to the tasks of a small company - with a distributed IT infrastructure and high security requirements. Today we will talk about products that allow you to solve these problems for free at home.

Lyrical digression about Sophos

Sophos was founded in 1985 as an antivirus company and remained so until the early 2000s. From that moment on, Sophos actively began to develop in other directions: with the help of its own expertise and laboratories, as well as through the acquisition of other companies. Today the company has 3300 employees, 39000 partners and 300000 customers. The company is public - reports for investors are available open. The company conducts research in the field of information security (SophosLabs) and monitors the news - you can follow the blog and podcast from Sophos - Naked Security.

Mission:
To be the best in the world to provide comprehensive IT security for enterprises of various sizes (from small businesses to international corporations).

Strategy:

• Only safety.
• Make complex security simple.
• Management both completely locally and through the cloud.

The only information security vendor that is a leader in network security and workplace security - the first to come up with their joint work. The company focuses on the corporate sector, so solutions for home users do not contain ads and are fully functional. Keep in mind that most of the solutions below are designed for home use. All Sophos commercial solutions can be tested for 30 days.

Closer to the point or let's start in order

The main page that lists almost all free solutions is the page: Sophos Free Products.

To quickly navigate the solution, I will give a short description. For convenience, quick links to obtain the respective product will be provided.

Basic steps to follow for almost every product:

1. Registration - get a MySophos ID. Everything is standard, as elsewhere.
2. Download request. Fill in the required fields.
3. Export check. A slightly unusual move. Unfortunately, this cannot be avoided (export law requirements). When downloading the product, you must fill in the appropriate fields. This step may take about a day (depending on the number of requests, since it is checked manually). The next time will need to be repeated after 90 days.
4. Download request. Fill in the required fields again. The main thing is to use Email and full name from step #2.
5. Download and installation.

Sophos Home for Windows and Mac OS

Sophos Home - free antivirus and parental control. Keeps all home computers secure with free Sophos Home antivirus. This is the same anti-virus protection and web filtering technology that hundreds of thousands of companies trust, available for home use.

• Track events and change security settings for the whole family centrally from any browser.
• Control access by categories of websites with one click.
• Protection of computers with Windows and Mac OS.
• Free, up to 3 devices per email account.

Sophos Home Premium provides protection against ransomware and exploits for home users, uses technology deep machine learning to detect malware that has not yet appeared = next-generation antivirus (commercial product functionality Intercept X). Increases the number of devices under one account up to 10. The functionality is paid, available for a number of regions in the world, unfortunately not available in Russia - VPN / Proxy to help.

Download link Sophos Home.

Commercial version Sophos Central allows you to manage from a single console:

• Endpoint Protection - antivirus for workplaces.
• Intercept X — antivirus with deep machine learning and EDR for incident investigation. Belongs to the class of solutions: Next Generation Antivirus, EDR.
• server Protection — antivirus for Windows, Linux and virtualization servers.
• Mobile - mobile device management - MDM, containers for mail and data access.
• Email - cloud-based anti-spam, for example for Office365. Sophos also has various options for Local anti-spam systems.
• wireless — management of Sophos access points from the cloud.
• PhishTreat - allows you to conduct phishing mailings, train employees.

A distinctive feature of Sophos antivirus is the high speed of the antivirus engine, combined with the high quality of malware detection. The anti-virus engine is built in by other IS vendors, such as Cisco, BlueCoat, etc. (see. Sophos OEM. In Russia, the anti-virus engine uses, for example, Yandex.

Antivirus is in the top three according to the version Gartner, so the use of a home version of an industrial antivirus will certainly increase the overall level of household information security.

Sophos UTM Home Edition

Class: UTM (Unified Threat Management) - a Swiss knife in the field of information security (all-in-one)
Leader: Gartner UTMsince 2012
Platforms: x86 server, virtualization (VMWare, Hyper-V, KVM, Citrix), cloud (Amazon), original hardware platform

A demo interface is available at this link.
Download link Sophos UTM Home Edition.

Features and Description:
Sophos UTM provides all the necessary functionality to protect the network: firewall, web filtering, IDS / IPS, anti-spam, WAF, VPN. The only limitation of the home version is 50 protected internal IP addresses. Sophos UTM comes as an ISO image with its own operating system and overwrites data on the hard drive during installation. Therefore, a separate, dedicated computer or virtual machine is required.

Already on Habré article about organizing web filtering based on Sophos UTM (in terms of replacing Microsoft TMG).

The limitation compared to the commercial version is the protection of up to 50 IP addresses. There are no functional restrictions!

As a bonus: the Home Edition has 12 Endpoint Protection antivirus licenses, which means that you can control from the UTM console not only network security, but also workplace security: apply anti-virus filtering rules, web filtering rules, control connected devices - it works even for those computers that are not on the local network.

Steps:

Stage 1 - Get the Software

1. Get MySophos ID - see above.
2. Fill in the required fields and submit the form (divided into multiple screens).
3. Receive an email with links.
4. Make a request to download the ISO image from the links in the email or directly. If necessary, wait for an export control check.
5. Use ISO to install on your x86 server or any virtualization (VMware, Hyper-V, KVM, Citrix).

Stage 2 - Obtaining a License

1. Follow the link from the letter above to activate your account on the portal MyUTM. If you have used mail before, log in or reset your password to gain access to MyUTM.
2. Download the license file in the License Management -> Home Use License section. Click on the license and select Download License File. A text file named "licenseXXXXXXX.txt" will be downloaded.
3. After installation, open the WebAdmin control panel at the specified IP address: for example https://192.168.0.1:4444
4. Upload the license file to the section: Management -> Licensing -> Installation -> Upload.

Getting Started Guide in English.

The license is created for 3 years, after which the license must be generated again according to the steps of Stage 2, after deleting the expired license from the MyUTM portal.

Sophos UTM Essential Firewall

Free firewall for commercial use. To obtain a license, you must fill out the form on this link. A text file-license with a perpetual license will be sent to the mail.

Features: Firewall up to L4, routing, NAT, VLAN, PPTP/L2TP remote access, Amazon VPC, GeoIP filtering, DNS/DHCP/NTP services, Sophos SUM centralized management.

A visual representation of the functions is shown in the figure above. The modules that surround Essential Firewall are separate licensed subscriptions.

Sophos SUM

It is convenient to use Sophos SUM (Sophos UTM Manager) to centrally manage standalone UTMs across sites. SUM allows you to monitor the status of subordinate systems and distribute individual policies from a single web interface. Free for commercial use.

Download link and license request Sophos SUM. The email will include download links (similar to Sophos UTM) and a license file as an attachment.

Sophos XG Firewall Home Edition

Class: NGFW (Next Generation Firewall), UTM (Unified Threat Management) - filtering by applications, users and UTM functions
Leader: Gartner UTM
Platforms: x86 server, virtualization (VMWare, Hyper-V, KVM, Citrix), cloud (Azure), original hardware platform

A demo interface is available at this link.
Download link Sophos XG Firewall Home.

Features and Description:
The solution was released in 2015 as a result of the takeover of Cyberoam.
The Home Edition of Sophos XG Firewall provides complete protection for your home network, including all the features of the commercial version: virus protection, category and URL web filtering, application control, IPS, traffic shaping, VPN (IPSec, SSL, HTML5, etc.) , reporting, monitoring and much more. For example, XG Firewall can be used to audit the network, identify risky users, and block application traffic.

• Complete protection for home users and home network.
• It comes as a complete ISO image with its own OS based on the Linux kernel.
• Work on Intel-compatible hardware and virtualization.

Not licensed by IP addresses. The limitation compared to the commercial version is up to 4 CPU cores, 6GB RAM. There are no functional restrictions!

Getting Starting Guide for Software version in English и in English.

Sophos XG Firewall Manager

It is an advanced centralized management system for XG Firewall slaves. Displays the security status of connected devices. Allows you to manage the configuration: create templates, carry out mass changes on groups of devices, change any fine-tuning. It can act as a single entry point for a distributed infrastructure. Free for up to 5 managed devices.

A demo interface is available at this link.

Download link Sophos XG Firewall Manager.

Sophos iView

If you have multiple installations of Sophos UTM and/or Sophos XG Firewall and need to have summary statistics, then you can install iView, which is a Syslog collector for Sophos products. The product is free up to 100GB of storage.

Download link Sophos iView.

Sophos Mobile Security for Android

Sophos Mobile Security's award-winning free antivirus for Android protects Android devices without compromising performance or battery life. Real-time synchronization with SophosLabs ensures that your mobile device is always protected.

• Detect malware and block potentially unwanted applications and Internet threats.
• Protect against loss and theft with remote lock, wipe, and location.
• Privacy Advisor and Security Advisor help keep your device even more secure.
• The Authenticator manages one-time passwords for multi-factor authentication.
• Secure QR Code Scanner blocks malicious content that can be hidden behind a QR code.

Download link Sophos Mobile Security for Android.

Commercial Product: Sophos Mobile Control - belongs to the MDM class and allows you to manage mobile phones (IOS, Android) and workstations (MAC OS, Windows) according to the BYOD concept with mail containers and data access control.

Sophos Mobile Security for iOS

The first step in securing your iOS device is to install the latest updates. Sophos Mobile Security for iOS explains how to install updates and provides a collection of handy security enhancements for iOS devices:

• OS Version Advisor explains the security benefits of updating to the latest version of iOS (handy descriptions of updates and fixes).
• Authenticator for managing one-time passwords for multi-factor authentication.
• Secure QR Code Scanner blocks malicious content that can be hidden behind a QR code.

Download link Sophos Mobile Security for iOS.

Malware Removal Tool (HitmanPro)

The Windows Malicious Software Removal Tool scans your entire computer for problems, and if they are found, you get a free 30-day license to remove the threat. Don't wait for an infection to occur, you can run this tool at any time to see how your current antivirus or endpoint protection software is performing.

• Removes viruses, trojans, rootkits, spyware and other malware.
• Without configuration and installation.
• A free independent scanner will point out what has been missed.

Download link Sophos Malware Removal Tool.

Commercial Product: Sophos Clean is included in many commercial products such as Sophos InterceptX.

Virus Removal Tool

The free Virus Removal Tool helps you quickly and easily find and remove threats lurking on your computer. The tool detects and removes viruses that your antivirus may have missed.

• Removal of viruses, worms, rootkits and fake antiviruses.
• Support for Windows XP SP2 and later.
• Works simultaneously with existing antivirus.

Download link Sophos Virus Removal Tool.

Sophos Antivirus for Linux - Free Edition

Protect critical Linux servers and prevent all threats - even those designed for Windows. The antivirus is lightweight and easy to use so that Linux servers can keep up with speed. It runs invisibly in the background and scans in one of the following modes: on-access, on-demand, or scheduled.

• Looks for and blocks malicious files.
• Easy installation and discreet operation.
• Supports a wide range of Linux versions, including customized distributions and kernels.
• The ability to easily upgrade to a commercial version with support and centralized management.

Download link Sophos Antivirus for Linux.

Commercial product: allows you to connect to a centralized management system and supports a wide range of operating systems - Linux and Unix.

Support or help yourself

The single entry window is the Support section on the vendor's website - Sophos Support, with end-to-end search across all resources. Sophos Home has a separate portal.
There are three main ways to find a solution to a problem:

1. Documentation, in many cases it is built into the product itself, but if you want to read PDF before going to bed, there is a section Documentation.
2. Knowledge base, Sophos has it in the public domain. Here you can see the main scenarios of settings and difficult moments. Cm. Knowledge Base.
3. A user community that allows you to find a solution to a problem is located at Community Sophos.

For commercial customers, of course, there is full support, both from the vendor and the distributor. In Russia, the CIS and Georgia - from factor group.

Beware of ransomware!

Finally, you can watch a video about Time Machine to protect against ransomware 🙂

Source: habr.com