Sophos has introduced a new Xstream architecture for Sophos XG Firewall with high performance Transport Layer Security (TLS) traffic decryption capabilities that eliminate significant security risk associated with encrypted network traffic.
This is often overlooked by security teams due to performance and complexity concerns. XG Firewall now also features AI-enhanced threat analysis from SophosLabs and accelerated application performance.
“As SophosLabs’ research demonstrates, cybercriminals are boldly embracing encryption in an attempt to bypass security products. Unfortunately, most firewalls lack scalable TLS crypto capabilities and are unable to inspect encrypted traffic without causing applications to break or degrade network performance,” said Dan Schiappa, Chief Product Officer at Sophos.
“With the new Xstream architecture in XG Firewall, Sophos is providing critical visibility into an enormous blind spot while eliminating frustrating latency and compatibility issues with full support for the latest TLS 1.3 standard. Sophos’ internal benchmark tests have clocked a two-fold performance boost in the new XG TLS inspection engine as compared to previous XG versions. This is a game changer.”
Latency too often deters IT admins from using decryption, as seen in an independent Sophos survey of 3,100 IT managers in 12 countries. The survey white paper, The Achilles Heel of Next-Gen Firewalls, reports that while 82% of respondents agreed TLS inspection is necessary, only 3.5% of organisations are decrypting their traffic to properly inspect it.
Click below to share this article
