A firewall separates the internet from your private network. It filters traffic in both directions and protects your network from DoS (Denial-of-Service) attacks, viruses, and hacking. Unfortunately, end users are still the biggest security risks and client-side attacks are inevitable. Thankfully, technology such as Security Heartbeat restricts network access to endpoints as soon as they become compromised.
Security Heartbeat provides intelligent communication between Sophos Endpoint Agents and the XG firewall. Traffic is then allowed or denied depending on the agent’s health status. Below you will find the different endpoint health statuses:
- Active malware is detected
- Running malware is detected
- Malicious network traffic is detected
- Communications sent to a known bad host is detected
- Malware was not removed
- Sophos security software is not working correctly
- Inactive malware is detected
- A Potentially Unwanted Application is detected
- Sophos security software is working correctly
- No active malware is detected
- No inactive malware is detected
- No Potentially Unwanted Application is detected
When malware is detected on an endpoint, Security Heartbeat will send information and its new health status to the Sophos XG firewall. The firewall can then prevent the compromised endpoint from connecting to other computers or servers, protecting them from a network-wide outbreak. Once the endpoint returns to a healthy state, Security Heartbeat will once again allow traffic to hosts and networks as normal.
With the help of Sophos, we help businesses like Rincon Technology that don’t have the time or the resources to worry about every red-light threat.