Sophos Aws

Posted on  by admin
Sophos aws marketplace

XG Firewall is now available in the AWS marketplace with two flexible licensing options:

  • Pay-as-you-go (PAYG) license – ideal for short-term use
  • Bring-your-own license (BYOL) – our conventional multi-year term licenses

Amazon Web Services is the leading public cloud platform and Sophos has long been a leader in protecting networks and infrastructure in AWS. The introduction of XG Firewall to AWS brings unmatched visibility, protection and response to Amazon hosted cloud and hybrid networks. AWS customers can now take full advantage of the many innovations XG Firewall has to offer like Synchronized Security with Intercept X for Server, the new Xstream Architecture with high-performance TLS 1.3 inspection, and the latest machine learning Threat Intelligence and sandboxing protection from Ransomware and other advanced threats.

Crucially, it enables customers to manage a multi-cloud security strategy from a single cloud console in Sophos Central; including network security with XG Firewall; cloud workload protection with Intercept X for Server; and cloud security posture management with Cloud Optix.

Sophos provides native integrations with Amazon Web Services (AWS) and Microsoft Azure. Connecting your AWS and Azure accounts with your Sophos Central account provides enhanced management capabilities for Sophos Central Server Protection on AWS Elastic Compute Cloud (EC2) instances and Microsoft Azure Virtual Machines. Configure Sophos SG to Amazon VPC access rules At this stage, you have a tunnel configured to the VPC network and by default, the AWS Network ACLS will allow all in and outbound traffic. The Sophos SG, on the other hand, will need to have some firewall rules added. Sophos Firewall on AWS offers the same features and benefits as Sophos Firewall running on-premises, but you can easily install and run it in the AWS Cloud. Currently, Sophos Firewall on AWS doesn't support high availability and must be deployed as a standalone appliance.

XG Firewall brings full network security and control to AWS integrated into a single solution:

  • Xstream Deep Packet Inspection (DPI)
  • Intrusion Prevention System (IPS)
  • Web filtering, protection and application control
  • AV and AI machine-learning threat protection and sandboxing
  • TLS inspection with native support for TLS 1.3
  • A full-featured Web Application Firewall

In the coming months we will be extending XG Firewall’s integration into AWS with enhancements like auto-scaling, CloudFormation template support, CloudWatch integration and more.

Check out the full FAQ to learn more about XG Firewall on AWS

With XG Firewall now available in AWS as well as Microsoft’s Azure public cloud platform, XG Firewall further extends its industry-leading deployment options with support for any combination of cloud, virtual, software, or XG Series hardware appliances making it able to fit any customer network both now and in the future.

Learn More about XG Firewall protection for your cloud infrastructure.

Getting Started Resources:

Note: The MSP Flex Price List has also been updated to include XG Firewall in AWS

To stop advanced cyber threats targeting public cloud data and workloads, you need to ensure your cloud resources are configured correctly – and importantly, know how they can be accessed.

Cloud Optix has already transformed the way organizations address challenges around public cloud visibility and threat detection. So we’re over the moon to support the latest advancements in public cloud security with the launch of Amazon Detective and AWS Identity and Access Management (IAM) Access Analyzer at AWS re:Invent 2019, which gives you a smart way to further meet these challenges.

If you can’t see it, you can’t secure it


Cloud Optix answers a critical market need for visibility into these long-standing and risky blind spots.

Artificial intelligence is used to automate detection and response of cloud architecture security vulnerabilities and misconfigurations. Security teams gain complete visibility into everything they have in the cloud and the ability to respond and remediate security risks in minutes.

Sophos aws utm

Available in Amazon Web Services (AWS) Marketplace, Cloud Optix provides automatic discovery of an organization’s assets across hybrid cloud environments, including AWS, native and managed Kubernetes clusters (Amazon EKS), and Infrastructure-as-Code environments.

Now, with the latest integrations showcased at AWS re:Invent 2019, Sophos is taking this up a notch, accelerating threat investigation with Amazon Detective, and launching the latest capabilities around IAM Access Analyzer.

Connecting activity to spot threats sooner

Sophos Aws Marketplace

If you’re managing security over separate AWS accounts, you know how hard it is to connect the dots from different security findings. This is one way attackers get in – after all, they only need to get lucky once.

But, this is also where Amazon Detective comes into its own. Identifying activity such as failed logon attempts or suspicious API calls, it connects disparate actions across your AWS accounts with ease and enables rapid investigation of patterns in behavior, which is simply not possible for busy security teams to do manually.

By providing detailed visualizations and analysis, Amazon Detective allows you to understand the root cause of a security finding, as well as the resources affected, so you have the context needed to decide if activities are malicious.

Identify unintended access in seconds

Who has access to my S3 buckets? Can an external account assume my IAM role and access or delete my sensitive data? Good questions… wait a minute, let me check.

Sophos aws

Well, you don’t have time for that, but IAM Access Analyzer does.


It provides a smart approach to the discovery of cross-account and external account S3 access, giving you the power to analyze hundreds or even thousands of policies across AWS environments in seconds within Cloud Optix. This provides you with the detail and context needed to quickly determine if resource policies have been misconfigured to allow unintended public or cross-account access – leaving your valuable resources or data exposed.

Sophos Aws

Secure your cloud with Sophos

As integration launch partner for Amazon Detective and IAM Access Analyzer, Sophos Cloud Optix transforms your AWS security posture.

It delivers the continuous analysis and visibility needed to detect, respond and prevent hidden security and compliance gaps that leave them exposed and provides a single view of security posture across AWS, native and managed Kubernetes clusters (Amazon EKS), and Infrastructure-as-Code environments.

Sophos Aws Pricing

Get the latest Cloud Optix updates at @SophosDevOps.