Synchronized Security in Sophos Central

For information security tools to be highly effective, the interconnection of their components plays an important role. It lets you cover not only external but also internal threats. When designing network infrastructure, it is important that each security tool, such as an antivirus or a firewall, works not only within its own class (Endpoint security or NGFW) but can also interact with the others to counter threats jointly.

A bit of theory

It is no surprise that today's cybercriminals have become more enterprising. They use a range of network technologies to spread malware:
Email phishing lets malware cross the perimeter of your network using known attacks, or zero-day attacks followed by privilege escalation or lateral movement through the network. A single infected device can mean that your network can be used for the attacker's benefit.

In some cases, when the interaction of information security components has to be ensured, an audit of the current state of information security cannot describe it as a single set of interconnected measures. In most cases, the many technology solutions that focus on countering one specific type of threat do not provide integration with other technology solutions. For example, endpoint protection products use signature and behavioral analysis to determine whether a file is infected or not. To stop malicious traffic, firewalls use other technologies, which include web filtering, IPS, sandboxing, and so on. However, in most organizations these information security components are not connected to each other and operate in isolation.

Trends in the use of Heartbeat technology

The new approach to cybersecurity involves protection at every level, with the solutions used at each level connected to each other and able to exchange information. This led to the creation of Synchronized Security (SynSec). SynSec represents the process of providing information security as a single system. In this case, all information security components are connected to each other in real time. For example, the Sophos Central solution is built on this principle.

Security Heartbeat technology enables communication between security components, so that the system can work together and be monitored. In Sophos Central, solutions of the following classes are integrated:

It is easy to see that Sophos Central supports a wide range of information security solutions. In Sophos Central, the SynSec concept is built on three key principles: detection, analysis and response. To describe them in detail, we will dwell on each of them.

SynSec concepts

DETECTION (finding unknown threats)
Sophos products, managed by Sophos Central, automatically share information with each other to identify risks and unknown threats, which includes:

  • network traffic analysis with the ability to identify high-risk applications and malicious traffic;
  • detection of high-risk users through correlation analysis of their online actions.

ANALYSIS (instant and intuitive)
Real-time incident analysis provides an immediate understanding of the current situation in the system.

  • Shows the full chain of events that led to the incident, including all files, registry keys, URLs, and so on.

RESPONSE (automatic incident response)
Configuring security policies allows you to respond to infections and incidents within a second. This ensures:

  • instant isolation of infected devices and stopping the attack in real time (even within the same network / broadcast domain);
  • restricting access to company network resources for devices that do not comply with policies;
  • remotely starting a device scan when spam is detected.

We have looked at the security principles on which Sophos Central is based. Now let's move on to a description of how SynSec technology shows itself in action.

From theory to practice

First, let's describe how devices interact under the SynSec principle using Heartbeat technology. The first step is to register Sophos XG with Sophos Central. At this stage, it receives a certificate for self-identification, the IP address and port through which end devices will interact with it using Heartbeat technology, as well as a list of IDs of the end devices managed by Sophos Central and their client certificates.

Shortly after Sophos XG registration takes place, Sophos Central sends information to the endpoints to initiate Heartbeat interaction:

  • the certificate authority used to issue the Sophos XG certificate;
  • a list of device IDs that are registered with Sophos XG;
  • the IP address and port for interaction using Heartbeat technology.

This information is stored on the computer at the following path: %ProgramData%SophosHearbeatConfigHeartbeat.xml and is updated regularly.

Communication using Heartbeat technology takes place by the endpoint sending messages to the magic IP address 52.5.76.173:8347 and back. During analysis, it was found that packets are sent at 15-second intervals, as the vendor states. It is worth noting that Heartbeat messages are processed directly by the XG Firewall: it intercepts the packets and monitors the state of the endpoint. If you do a packet capture on the host, the traffic will appear to be communicating with the external IP address, although in fact the endpoint is communicating directly with the XG firewall.
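An added example (not from the original article or from Sophos): a Python audit of host-side flow records for the Heartbeat traffic described above, flagging endpoints that went silent or skipped beats. The record format, the sample addresses and the tolerance of three missed beats are assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime

HEARTBEAT_DST = ("52.5.76.173", 8347)  # address and port quoted in the article
INTERVAL_S = 15                        # send interval observed in the article
MISSED_LIMIT = 3                       # assumption: missed beats tolerated before flagging

# Constructed sample records: "timestamp src_ip dst_ip dst_port"
SAMPLE_FLOWS = """\
2024-01-10T09:01:15 10.0.0.21 52.5.76.173 8347
2024-01-10T09:01:30 10.0.0.21 52.5.76.173 8347
2024-01-10T09:01:45 10.0.0.21 52.5.76.173 8347
2024-01-10T09:02:00 10.0.0.21 52.5.76.173 8347
2024-01-10T09:00:00 10.0.0.22 52.5.76.173 8347
2024-01-10T09:00:15 10.0.0.22 52.5.76.173 8347
2024-01-10T09:01:00 10.0.0.22 203.0.113.10 443
2024-01-10T09:00:05 10.0.0.23 52.5.76.173 8347
2024-01-10T09:01:35 10.0.0.23 52.5.76.173 8347
2024-01-10T09:01:50 10.0.0.23 52.5.76.173 8347
"""

def parse_flows(text):
    """Yield (timestamp, src_ip) for records addressed to the Heartbeat endpoint."""
    for line in text.splitlines():
        p = line.split()
        if len(p) == 4 and p[3].isdigit() and (p[2], int(p[3])) == HEARTBEAT_DST:
            yield datetime.fromisoformat(p[0]), p[1]

def audit_heartbeats(text, capture_end, expected_hosts):
    """Return {host: status}; hosts in expected_hosts with no records are reported too."""
    seen = defaultdict(list)
    for ts, src in parse_flows(text):
        seen[src].append(ts)
    limit = INTERVAL_S * MISSED_LIMIT
    report = {}
    for host in sorted(set(expected_hosts) | set(seen)):
        times = sorted(seen.get(host, []))
        if not times:
            report[host] = "never seen"
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        silent_for = (capture_end - times[-1]).total_seconds()
        if silent_for > limit:      # no beat close to the end of the capture
            report[host] = f"silent for {silent_for:.0f}s"
        elif any(g > limit for g in gaps):  # resumed after a long pause
            report[host] = f"gap of {max(gaps):.0f}s"
        else:
            report[host] = "ok"
    return report
```

Call audit_heartbeats with the capture's end time and the list of endpoints expected to report; hosts listed as silent or never seen are the ones to check against the firewall's view of their Heartbeat state.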


Suppose a malicious application has gotten onto your computer. Sophos Endpoint detects this attack, or we stop receiving Heartbeat from this system. The infected device automatically sends information about the system being infected, triggering an automatic chain of actions. XG Firewall instantly isolates your computer, preventing the attack from spreading and from interacting with C&C servers.

Sophos Endpoint removes the malware. Once it is removed, the end device syncs with Sophos Central, then XG Firewall restores access to the network. Root Cause Analysis (RCA or EDR - Endpoint Detection and Response) lets you understand in detail what happened.

Suppose corporate resources are accessed from mobile devices and tablets; can SynSec be provided then?

Sophos Central provides support for this scenario with Sophos Mobile and Sophos Wireless. Let's say a user tries to violate a security policy on a mobile device protected with Sophos Mobile. Sophos Mobile detects the security policy violation and sends notifications to the rest of the system, triggering a preconfigured response to the incident. If Sophos Mobile has a "deny network connection" policy configured, Sophos Wireless will restrict network access for this device. A notification will appear in the Sophos Central dashboard under the Sophos Wireless tab indicating that the device is infected. When the user tries to access the network, a splash screen will appear informing them that Internet access is restricted.

An endpoint has several Heartbeat states: red, yellow, and green.
The red state occurs in the following cases:

  • active malware detected;
  • an attempt to run malware detected;
  • malicious network traffic detected;
  • the malware was not removed.

The yellow state means that the endpoint has detected inactive malware or has detected a PUP (potentially unwanted program). The green state indicates that none of the above problems have been detected.

Having looked at some classic scenarios for the interaction of protected devices with Sophos Central, let's move on to a description of the solution's graphical interface and review the main settings and supported functionality.

Graphical interface

The control panel displays the latest notifications. Summaries of the various protection components are also available in diagram form. In this case, a summary of personal computer protection is shown. This panel also provides summary information about attempts to visit dangerous resources and resources with inappropriate content, and email analysis statistics.

Sophos Central supports displaying notifications by severity, keeping the user from missing critical security alerts. In addition to the detailed view of security status, Sophos Central supports event logging and integration with SIEM systems. For many companies, Sophos Central is a platform both for an internal SOC and for providing services to their customers - MSSP.

One of the important features is support for an update cache for endpoint clients. This lets you save bandwidth on external traffic, since updates are downloaded once to one of the endpoint clients, and then the other endpoints download them from it. In addition to the above, the selected endpoint can relay security policy messages and information reports to the Sophos cloud. This function is useful if there are end devices that do not have direct Internet access but need protection. Sophos Central provides an option (tamper protection) that prohibits changing the computer's security settings or removing the endpoint agent.

One of the endpoint protection components is the next-generation antivirus (NGAV), Intercept X. Using deep machine learning technologies, the antivirus can identify previously unknown threats without using signatures. Detection accuracy is comparable to signature-based analogues, but unlike them it provides proactive protection, preventing zero-day attacks. Intercept X is able to work in parallel with signature antiviruses from other vendors.

In this article, we briefly discussed the SynSec concept, which is implemented in Sophos Central, as well as some capabilities of this solution. We will describe how each of the security components integrated into Sophos Central works in the following articles. You can get a demo version of this solution.

Source: www.hab.com
