We’re pleased to announce the latest release of Sophos Web Appliance 4.3, which adds improved Sophos Sandstorm capabilities and completely updates the underlying Sophos Web Appliance operating system to a new improved kernel.
If you’re not familiar with Sophos Sandstorm, it gives your organization an extra layer of security to defend against fast-moving, targeted attacks, like ransomware, Advanced Persistent Threats (APTs) and newer, unknown malware.
Since its release, Sandstorm has become immensely popular with our customers, so we’re pleased to announce new features that makes Sandstorm even more powerful.
Submit suspicious files to Sandstorm through the Sophos Web Appliance dashboard
In response to customer requests, Sophos Web Appliance (SWA) 4.3 now has a file submission feature. With this, a SWA administrator can quickly and easily submit a suspicious file to Sandstorm using the SWA dashboard, just by uploading the file or submitting a URL. A valid Sandstorm license is required for file submission.
Here’s how easy it is:
Submit your file to Sandstorm in the dashboard:
You’ll then see a Sandstorm file submission confirmation page:
You’ll then see the Sandstorm activity result:
Comply with data residency requirements by choosing your Sandstorm data center location
In addition to the new file submission feature, you can also select the data center where you want to send files for analysis via Sandstorm to ensure that any data residency compliance requirements you may have are met.
- Administrators can receive email notifications if a Sandstorm submission turns out to be malicious after a user has downloaded it.
- Removal of redundant support for YouTube for Schools, which Google has recently disabled.
- Policy-based blocking of additional potentially dangerous file types, including Windows Scripts, Windows System Files, HTML applications.
- Numerous performance, stability and security fixes as part of the core OS upgrade.
- Support for using TLS 1.2 for all Sandstorm communications.
Please note: Soon Sandstorm reports will only be able to be retrieved via TLS 1.2. If you are running Sandstorm on V4.2.x, you should upgrade as soon as available to prevent loss of access to the Sandstorm reports through the dashboard. A valid full or trial Sandstorm license is required to enable Sandstorm in Sophos Web Appliance.
There’s lots to see in the new release of Sophos Web Appliance and Sandstorm. You can find out more here.