Sophos Firewall

Sophos Firewall distributor Kenya

Sophos firewall in Kenya

Every corporate organization should have a network firewall that guarantees protection and high performance. Apart from, the mandatory protection modules such as Intrusion prevention, anti-Spam, Web security, application control, the network firewall should have an architecture that delivers increased visibility. Forty Servers is an installer of Sophos Firewall in Kenya. Besides cybersecurity consultancy, we also supply and install Sophos XGS 126 firewall for companies with more than 100 users in Kenya. This network firewall solution costs KES 349,900. The package include Sophos Appliance, One year Xstream protection license, and setup and training. And, we assure our clients of the best after-sales support. Also installers of IP PBX system.

Sophos firewall supplier in Kenya

Indeed Sophos incorporates very innovative network protection features. For instance, the Sophos Security Heartbeat technology enables endpoints to share health status with the firewall. This seamless interaction leads to faster malware detection, device isolation, and application cleaning without affecting the healthy endpoints. Still, there is the Lateral Movement Protection feature. Now, this feature stops all traffic coming from compromised endpoints from reaching healthy computers. In so doing, affected files and applications will be stopped from spreading further into the entire network. As a matter of fact, Sophos is the best next-gen firewall that will guarantee unified protection.

Sophos Firewall Price in Kenya

Firewall SolutionPrice (KES)
Sophos XGS 107 firewall complete with one year standard protection licenseKES 215,500
Sophos XGS 116 firewall complete with one year standard protection licenseKES 285,800
Sophos XGS 136 firewall complete with one year standard protection licenseKES 498,500
Sophos XGS 2100 firewall complete with one year Xstream protection licenseKES 982,800

Key features of the Sophos XGS firewall

  • Network protection (intrusion prevention system)
  • Email protection (anti spam)
  • Web and application security
  • Internet security
  • Anti malware
  • Proactive threat detection and response
  • Centralized management of devices

see; biometric access control system

Features of the Network Firewall

Network protection

This module includes the Intrusion Prevention System (IPS). It uses deep packet inspection technology for maximum network security and protection. The network protection module has the ability to detect and block malicious traffic entering a network. This happens by continuously monitoring all endpoints. When malicious activity is detected, the compromised endpoint will be identified and isolated automatically. 

The advanced threat protection and security heartbeat technology will not only identify the affected endpoint but also the application process compromised. Furthermore, Sophos security heartbeat will capture incident count including the time attack happened.

network security providers in Kenya

The isolated endpoint computer will not be able to communicate with the rest of the computers within the network until all processes have been cleaned and restored. Through lateral movement protection technology, the healthy computers will automatically reject traffic from the infected computers stopping further spreading of the malware. All these happen in a matter of seconds without human intervention. An activity log will be kept for system audit and analysis.

See also: best structured cabling and networking company in Kenya

Web protection

The web protection module acts as a proxy for anti-malware. This module also provides a web filtering service. More importantly, this subscription will lead to pharming protection, web content caching, and web malware protection. Potentially unwanted applications can be easily be scanned and blocked including web malware, spyware on FTP, and HTTP protocol using this service.

The web protection and control subscription enable the network security manager to create and implement web surfing quotas for internet users. Therefore network manager will create user access policies and apply them. Another set of policies will be created to set a limit for download and upload speeds for specific applications. Hence, the IT manager can limit bandwidth for social media applications. On the other side, web traffic can be guaranteed for critical business applications such as the call center software and the CRM.

see; call center software

Email protection

Be that as it may, network spamming and malware attacks tend to be spread through unsecured email gateway. The email protection subscription will activate automated scanning for all emailing protocols e.g. IMAP, POP3, and SMTP. In fact, the email protection and control module use recurrent pattern detection technology to gauge the reputation of the sender’s domain.

The anti-spam live engine looks up the threat intelligence database before accepting emails. The real-time email protection service has the ability to detect phishing links with an email. The email protection and control module can also detect corrupted email attachments and the affected email dropped. At the end of the day, a list of allowed senders will be updated. Likewise, a list of blocked senders’ domains will be maintained in the email protection engine.

Web server protection

Server protection remains a key consideration in a corporate network. Web server security is a web firewall application protection module that helps in hardening the server engine. When the webserver is hardened, the database will be protected against SQL injection attacks. This is because the webserver protection subscription activates reverse proxy, cross-site scripting protection, and even server abstraction. More importantly, the integrated load balancer will be able to spread visitors across various servers, whether virtual servers and physical servers.

see; best payroll software Kenya

Sandstorm protection module

When integrated into the Sophos security platform, sandstorm cloud sandbox protection scans document files and blocks affected .doc, .docx, and PDF files. Also, it scans executable files, particularly, those files with .exe and .dll extensions. Thus, no corrupted file will be allowed into the corporate network. This service includes Cryptoguard protection technology that enhances network and application security.

best network firewall in Kenya

Be that as it may, file compression tools such as RAR and ZIP play a very important role when used responsibly. However, these tools can also be used by cybercriminals to spread to launch a malware attack. Sophos protection uses machine learning technology to scan all foreign files and only allows those files labeled as clean. As a matter of fact, users can be provided with one time secure download links powered by Sophos.

see; time attendance system

Central orchestrated reporting dashboard

Sophos has a cloud-based central firewall reporting dashboard that enables viewing of all events at a glance. Once logged in, the dashboard presents the user with system health information, synchronized apps, blocked apps, etc. Also, the user will be able to see information about users e.g. live users, live connections, remote users, wireless clients, etc. The network security admin can drill down further to reveal more information about a particular report. All firewall reports can be downloaded in various formats such as HTML, PDF, and Excel. Moreover, the network security administrator can download logs and back them up for future audit requirements.

Contact us today for the best Sophos firewall price in Kenya.

Standard versus Xtream protection license subscription

Sophos firewall Xstream architecture unlocks accelerated performance from various applications. Hence critical services such as SIP Trunk, video conferencing and call center software will be allocated adequate resources. When it comes to licensing, customer can either go for standard subscription or Xstream protection licensing.

We advise our clients to subscribe to Xstream protection which comes with enhanced support, zero day protection, central orchestration in addition to web and network protection. However, if budget Standard protection will still work since it comes with network and web protection. Zero day protection and central orchestration can only be found in the Xstream protection bundle.

Firewall protection features

The network protection module offers important services such as intrusion prevention service, VPN to remote sites and security heartbeat. Security heartbeat is a feature for synchronized protection across the network allowing all endpoints to share activity updates with the firewall.

Web protection module offers web security and control and application control. Moreover, the powerful Deep Packet Inspection (DPI) engine which stops attacks before being executed in the network.

Zero day protection module offers machine learning and sandboxing

Central orchestration offers centralized network administration. Includes centralized reporting of firewall activities.