How to solve bandwidth blindness on your network
Credit to Author: Sally Adam| Date: Thu, 28 Nov 2019 16:57:51 +0000
Can you see all your network traffic? If not, you’re not alone.
In a vendor-agnostic survey of 3,100 IT managers across 12 countries, commissioned by Sophos, a huge 96% acknowledged that they lack visibility into their network traffic.
Diving deeper into the scale of the issue, it was also revealed that just under half (43%) of all network traffic cannot be identified by the firewall. Instead it falls into a generic bucket such as uncategorized, unknown, unclassified, insufficient data, HTTP, HTTPS, SSL, UDP, TCP, internet, web browsing, etc.
Unsurprisingly, this bandwidth blindness leads to multiple areas of concern, with security topping the list:
The scale of this issue becomes fully apparent when you learn that better threat visibility is now the single biggest improvement IT managers want from their firewall, knocking ‘better security’ from the top spot.
What’s hiding in your traffic?
Unidentified traffic is an eclectic mix. Some is custom apps that the organization has invested in but whose signatures are not recognized.
Others are potentially unwanted apps (PUAs) that are not required by the organization and which try to fly under the radar. Social messaging apps often fall into this category.
And then there are the malicious apps which bring malware into your organization.
If you can’t see it, you can’t control it. Without visibility into your network traffic you can’t control who and what is using your bandwidth. You can’t prioritize the custom apps, limit the non-essential apps or block the malicious apps.
See everything with Synchronized Security
The solution to bandwidth blindness is to enable your endpoint protection and firewall to work together. Even if the firewall can’t identify the app, the endpoint protection can; by working together they can share and act on this information.
Synchronized Security is Sophos’ award-winning cybersecurity system where XG Firewall and Sophos Intercept X share app, threat, and health data in real time through our revolutionary Security Heartbeat™. Together they enable you to see all apps and processes using your bandwidth.
If XG Firewall can’t identify an app, Intercept X provides the missing information. XG Firewall then automatically classifies the app, applying the necessary traffic rules. We call this Synchronized Application Control.
Watch this short video for a step-by-step guide to setting it up:
Try Synchronized Application Control for yourself
If you already have XG Firewall and Intercept X, you are all set.
- No need to do anything! Simply follow the instructions in the video to see all your traffic.
If you’re already using XG Firewall
- Activate a free 30-day trial of Intercept X*
- Register your XG Firewall in Sophos Central
- Use the XG Firewall reporting to see all apps and processes
If you’re already using Sophos Intercept X
- Activate a free 30-day trial of XG Firewall**
- Register your trial license of XG Firewall in Sophos Central
- Set your firewall rules
- Use the XG Firewall reporting to see all apps and processes
If you are new to XG Firewall and Intercept X
- Start a free trial of both products
- Follow the above steps
Speak to your Sophos representative or contact your local Sophos partner to learn more about Synchronized Security, and to discuss how it can help you.
*Intercept X can run alongside your existing endpoint protection, so you don’t need to uninstall your current product.
**XG Firewall can run alongside your existing firewall, so you don’t need to uninstall your current product.