A new Up2Date package for Sophos UTM is available as of today.
This update will disable SSLv3 support for many services to eliminate the risks from CVE-2014-3566 (POODLE).
Furthermore, we have introduced some additional fixes and improved the Up2Date client in anticipation of the ucoming 9.3 release.
We’re pleased to announce the availability of Sophos iView, our new reporting appliance add-on for UTM. Sophos iView extends and enhances the Sophos UTM’s already outstanding on-box reporting, adding consolidated reporting across multiple UTMs, compliance reporting, and long-term log storage.
Back in the summer we ran a little survey on SpiceWorks and almost 400 Small and Medium Business IT managers gave us their view on the main challenges they have with their current firewall. But some of the results weren’t exactly what we were expecting.
The #1 rated issue was the lack of reporting options
35% of respondents said their firewall provides insufficient reporting and 22% also cited lack of visibility into infected machines which speaks to a lack of useful insight too. Users are hungry for bandwidth and regulatory compliance is becoming increasingly important so it’s not really surprising that IT managers crave a better view into what’s happening on their network.
What is surprising is that so few firewall vendors offer their users what they need. Compare the leading UTM/Firewall vendors and you’ll find just one who has over 1000 reports available built-into the appliance. I’ m sure you can guess who check here if you can’t! At Sophos we prioritize reporting and in addition to the on-box reports we also offer Sophos iView our dedicated virtual reporting appliance for those that simply need more reports or want to correlate reporting across multiple appliances.
Today we made available a new Up2Date package for Sophos UTM which will introduce a security fix for CVE-2014-6271 .
Please note, that to date we are not aware that the Sophos UTM is exposed to the described vulnerabilities and this release is a precautionary update.
Please read on to see the full details of this release.
Last time we talked about how to set up your firewall. This week we’ll continue looking at some other things that happen in the background but that you can also control and benefit from.
When you set up the UTM for the first time you may have chosen not to enable DHCP, or Dynamic Host Configuration Protocol. You may have chosen not to enable it because you already have a DHCP server on your network or you just don’t know what it is.
In layman’s terms, a DHCP server manages the handing out of IP addresses to devices as they come and go on your network.
Shellshock, a serious vulnerability affecting Linux, UNIX and OS X computers, is making life difficult for IT admins, as vendors rush out patches to stay ahead of the cybercriminals trying to exploit this bug.
Like the Heartbleed bug in OpenSSL, Shellshock has a nasty-sounding name, far-reaching impact, and major consequences for security. Yet Shellshock is worse than Heartbleed in one important way — it could allow an attacker to take complete control of vulnerable machines.
If you’re looking for a little tutorial on Shellshock, we’ve created a simple infographic to explain the bug, how an attacker might exploit it, and what you can do to stay safe.
A while back we talked about how you can upgrade your network security with a Sophos UTM for free as a home user.
Here we will explain the basic premise of firewalls and at the same time tell you how you can build one to suit your network.
The firewall is your gatekeeper, your first line of defense, shielding you from the outside world also known as the Internet. The firewall stops unsolicited traffic from the Internet from accessing your network and only allows responses to traffic originating from the inside back through.