Sophos unveils web filtering appliance

Sophos launches content security, application control and URL filtering in one box.

Security company Sophos has launched a Web filtering appliance offering content security, application control and URL filtering to small and medium-sized businesses.

The WS1000 is aimed at SMEs of between 100 and 1,000 users, and the appliances can be clustered to support greater numbers. The company also plans to launch a corporate version in the future.

It sits at the network edge, checking both the pages requested by users, and the pages returned to them for malicious threats, unsavoury content or simply blocking access to sites that are unnecessary for staff to view, such as gambling or sports sites.

The appliance replaces the more common approach of employing discrete security solutions that check URL requests and incoming pages with a single box and assesses the risk of each page to determine the level of scrutiny each page is put under.

While some page requests might be blocked, other URLs can be set at different levels of risk, and the data sent back from them scanned at either a basic level for HTML, executable and generic phish threats or analysing everything include images and other elements. This helps prevent any latency issues arising from every page being fully scanned.

The Internet has become the medium of choice for online attacks in recent times. A year ago, malicious email accounted for 1 in 12 of all email, according to Sophos. Currently it accounts for just one in 300. 'We've seen a drop in email-borne attacks,' said Graham Cluley, senior technology consultant at Sophos. 'Attackers don't use email to attach malicious executables so much these days.'

IDC claims some 30 per cent of companies with 500 or more employees have become infected because of Internet surfing.

Even so, Sophos' selling point for this appliance is its anti-malware pedigree. 'One of the huge advantages of our solution is that we are adding 7,000 new pieces of malware to our database every day,' said Cluley. 'Most of these are Trojan downloaders, which download malicious code onto infected PCs. Each time we see a new piece of malware with a new URL in it we chuck it into our [web appliance] filter ... Here we can block access to sites without needing to see it.'

Of the 7,000 new malware elements discovered by Sophos each day, some 5,000 feature a URL in some form. Much of the malicious code hosted at these addresses is changed regularly - the code downloaded by the Tbspk Trojan was changed seven times a day, for example - meaning that antivirus companies have to keep their software up to date to handle this.

But, even if an attacker hasn't uploaded malicious code to a URL, once Sophos has recognised a 'bad' URL it can block access without having to analyse the data made available there.

The URL filtering of the WS1000 is also augmented with technologies from Sophos' industry partners, including a deal with SurfControl to feed in data from its web categorisation database that classifies more than 21 million web pages.

So confident is Sophos of the new appliance, it is hoping to use its success in identifying and blocking threats as a means to show up the deficiencies of desktop security solutions. Cluley told us that if the WS1000 picks up outgoing packets that are destined to 'bad' URL - perhaps as the result of a keylogging Trojan sending out passwords to an online criminal - the sysadmin will be notified that a desktop PC within the network is infected. 'The eventual aim is to chuck out those guys there (on the desktop) and replace them with Sophos,' he said.

Cluley said the appliance is designed to complement Sophos' existing security appliance and endpoint solutions.

The WS100 costs 2,750 for the hardware plus a licence fee, which varies according to user numbers and period. A typical company with between 1,000 and 1,999 users will pay from 5.90 per user for a year to 17.70 for five years.

For more information, visit the Sophos website.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems
ethical hacking

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems

5 May 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021
Best free malware removal tools 2021
Security

Best free malware removal tools 2021

5 May 2021
Acuant acquires identity verification provider Hello Soda
mergers and acquisitions

Acuant acquires identity verification provider Hello Soda

4 May 2021

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021