We’re pleased to announce the latest release of Sophos Web Appliance 4.3, which adds improved Sophos Sandstorm capabilities and completely updates the underlying Sophos Web Appliance operating system to a new improved kernel.
If you’re not familiar with Sophos Sandstorm, it gives your organization an extra layer of security to defend against fast-moving, targeted attacks, like ransomware, Advanced Persistent Threats (APTs) and newer, unknown malware.
Since its release, Sandstorm has become immensely popular with our customers, so we’re pleased to announce new features that makes Sandstorm even more powerful.
On June 5th, 2014 a vulnerability (CVE-2014-0224) was found in OpenSSL that impacts our network security products. Fortunately, as of the publication of this article, there are no known in-the-wild attacks. Of course, as you’ve come to expect from Sophos, we’ve wasted no time in getting to work on patches to fix this vulnerability.
The vulnerability exists in OpenSSL and can allow an attacker using a man-in-the-middle attack to decrypt and modify traffic between a vulnerable client and server. Both client and server must be vulnerable for this exploit to work. OpenSSL versions 1.0.1 and 1.0.2-beta are affected.
We’ve recently added a couple of great new features to the Sophos Web Appliance. Enforcement of quota time policies is perhaps one of the most requested features of all time, and like everything else in the Web Appliance, you’ll love how easy it is to manage.
We’ve also recently introduced Advanced Threat Protection (ATP) to quickly identify potentially infected hosts on your network before they can become more of a problem. These new features are included in the latest versions of the Sophos Web Appliance which you’ll receive automatically during your specified update window.