What’s new in Sophos UTM Accelerated (9.2): #7 – Safer Web Application Firewall

UTM-9.2-saferThis blog post continues our series introducing the great features you can look forward to in the upcoming UTM Accelerated (9.2) release. I’ll explain how we’re making the web application firewall safer, all in the name of keeping your web services safe from hackers.

A web application firewall (WAF) is a critical defense against the ballooning problem of web-based malware. Hackers are taking over legitimate websites and services at an unprecedented pace to host botnets or distribute malware. Where do you think they find all these websites and services that are ripe for exploitation? I hate to say this, but it’s not always “the other guy’s company” that gets hacked.

If you’re hosting any kind of web-facing server or service that can be accessed by users, partners, or the Internet public, you really need a WAF to protect it (you also need secure coding practices). The good news is, if you have a Sophos UTM, you’re only a few clicks away from gaining some much needed protection.

If you’re already using the WAF in your UTM to protect your Internet facing web applications and services, that’s great, because we’ve got a few enhancements in this new release you’ll want to hear about.

Web Application Firewall Engine Enhancements

In UTM Accelerated (9.2) we made a number of enhancements to the WAF engine. We added a variety of new threat protection patterns in new categories that go well beyond SQL Injection detection. For example, the WAF can now identify and block attempts to use protocol violations and cross-site scripting techniques to hack your servers. The full list of new threat categories is shown in the screen-shot from the UTM console below. And starting with UTM Accelerated (9.2), SophosLabs will provide ongoing updates to the attack patterns, so you always have the latest threat intelligence at your WAF gateway.

WAF-Categories

Reverse Proxy Authentication

We’ve also added new reverse proxy authentication capabilities, also known as “Authentication Offloading.” This allows your Internet users to securely authenticate against the UTM and have the credentials forwarded to back-end services like Exchange Outlook Web Access. It adds a layer of security between the Internet and your DMZ servers to prevent them from being directly exposed to attack.

Maybe you’ve been using Microsoft Forefront TMG for this? Well now you have a great upgrade replacement that integrates with the rest of your network security. It offers both customizable forms-based authentication as well as basic browser-based authentication.

WAF-Form

Other Enhancements

To accommodate ever increasing storage and file size limits, we’ve also taken this opportunity to extend the file size limit on uploads to company servers to 1GB. There’s also been a number of other minor user interface tweaks and improvements to make working with the Web Application Firewall simpler and easier.

Check out our other posts in this series to get insights on all the great new features in UTM Accelerated (9.2). And, as usual, should you have any questions, we’re only an email or a phone call away.

If you’re currently using Microsoft Forefront TMG, see how Sophos UTM can be the ideal upgrade for this discontinued firewall product.

3 thoughts on “What’s new in Sophos UTM Accelerated (9.2): #7 – Safer Web Application Firewall

  1. Pingback: RSA Rewind: All the buzz from Sophos at RSAC in San Francisco (Podcast) | Sophos Blog

  2. Pingback: The wait is over: Introducing Sophos UTM Accelerated (9.2), our best UTM release ever | Sophos Blog

  3. Pingback: Sophos in the news: UTM Accelerated 9.2, APTs, and the NSA’s blurred lines | Sophos Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s