Free antiviruses and firewalls (UTM, NGFW) from Sophos
I would like to talk about free Sophos products that can be used both at home and in the enterprise. Using solutions that Gartner and NSS Labs rank at the top will significantly improve your personal level of security. The free solutions include: Sophos UTM, XG Firewall (NGFW), antivirus (Sophos Home with web filtering for Windows / Mac; for Linux, Android) and malware removal tools. Next, we look at the high-level functionality and the steps to get the free versions. Today, many homes have several laptops, tablets and phones; there are remote sites (the homes of parents and relatives); there are children who need to be protected from unwanted content; and computers need protection from encryptors / ransomware. All this essentially boils down to the tasks of a small company with a distributed IT infrastructure and high security requirements. Today we will talk about products that let you solve these problems at home for free.
Lyrical digression about Sophos
Sophos was founded in 1985 as an antivirus company and remained one until the early 2000s. Since then, Sophos has been actively developing in other areas: through its own expertise and laboratories, as well as through the acquisition of other companies. Today the company has 3,300 employees, 39,000 partners and 300,000 customers. The company is public, and its reports for investors are openly available. The company conducts research in the field of information security (SophosLabs) and tracks the news; you can follow the Sophos blog and podcast, Naked Security.
Mission: To be the best in the world at providing comprehensive IT security for enterprises of various sizes (from small businesses to international corporations).
Strategy:
Security only.
Make comprehensive security simple.
Management both fully local and through the cloud.
Sophos is the only information security vendor that is a leader in both network security and workplace (endpoint) security, and it was the first to make the two work together. The company focuses on the corporate sector, so its solutions for home users contain no advertising and are fully functional. It should be borne in mind that most of the solutions below are intended for home use. All Sophos commercial solutions can be tested for 30 days.
Closer to the point, or let's start in order
Almost all the free solutions are listed on one page: Sophos Free Products.
To help you find your way around the solutions, I will give a short description of each. For convenience, quick links are provided for obtaining the corresponding product.
Basic steps that need to be done for almost every product:
1. Register - get a MySophos ID. Everything is standard, as elsewhere.
2. Request the download. Fill in the required fields.
3. Pass the export check. A slightly unusual step that unfortunately cannot be skipped (a requirement of export legislation). When downloading a product, you must fill in the appropriate fields. This step may take about a day (it depends on the number of requests, since the check is done manually). It will need to be repeated after 90 days.
4. Request the download. Fill in the required fields again. The main thing is to use the email and name from step 2.
5. Download and install.
Sophos Home for Windows and Mac OS
Sophos Home is a free antivirus with parental control. Sophos Home Free Antivirus secures all the computers in your home. It makes the antivirus and web filtering technology trusted by hundreds of thousands of companies available for home use.
Track events and change security settings for the whole family centrally from any browser.
Access control by categories of websites with one click.
Protect computers running Windows and Mac OS.
Free, up to 3 devices per email account.
Sophos Home Premium provides protection against encryptors and exploits for home users and uses deep machine learning to detect malware that has not yet appeared, which makes it a next-generation antivirus (the functionality of the commercial product Intercept X). It increases the number of devices under one account to 10. This functionality is paid and available in a number of regions of the world; unfortunately it is not available in Russia - a VPN / proxy can help.
Intercept X - an antivirus with deep machine learning and EDR for investigating incidents. It belongs to the class of solutions: Next Generation Antivirus, EDR.
Server Protection - antivirus for Windows, Linux and virtualization servers.
Mobile - mobile device management - MDM, mail and data access containers.
Email - cloud anti-spam, for example for Office365. Sophos also has several variants of local anti-spam systems.
Wireless - manage Sophos access points from the cloud.
Phish Threat - lets you run phishing mailings to train employees.
A distinctive feature of Sophos antivirus is the high speed of the antivirus engine, combined with high-quality malware detection. The antivirus engine is embedded by other information security vendors, for example Cisco, BlueCoat, etc. (see Sophos OEM). In Russia, the antivirus engine is used by Yandex, for example.
The antivirus is in the top three according to Gartner, so using the home version of an enterprise-grade antivirus will certainly raise the overall level of information security at home.
Sophos UTM Home Edition
Class: UTM (Unified Threat Management) - a Swiss Army knife in the field of information security (all-in-one)
Leader: Gartner UTM, since 2012
Platforms: x86 server, virtualization (VMware, Hyper-V, KVM, Citrix), cloud (Amazon), the vendor's own hardware platform
Features and description: Sophos UTM provides all the functionality needed to protect the network: firewall, web filtering, IDS / IPS, anti-spam, WAF, VPN. The only limitation of the home version is 50 protected internal IP addresses. Sophos UTM comes as an ISO image with its own operating system and overwrites the data on the hard disk during installation. Therefore, a separate, dedicated computer or virtual machine is required.
The limitation compared to the commercial version is the protection of up to 50 IP addresses. There are no functional limitations!
As a bonus, the Home Edition includes 12 Endpoint Protection antivirus licenses, which means that from the UTM console you can control not only network security but also the security of workstations: distribute antivirus filtering rules and web filtering rules to them and control the devices plugged into them. This works even for computers that are not on the local network.
Steps:
Stage 1 - Software Acquisition
Get MySophos ID - see above.
Fill in the required fields and submit the form (divided into several screens).
Receive an email with links.
Request the ISO image download via the links from the email or directly. If necessary, wait for the export control check.
Use ISO to install on your x86 server or any virtualization (VMware, Hyper-V, KVM, Citrix).
Stage 2 - Obtaining a License
Follow the link from the email above to activate an account on the MyUTM portal. If the email address was used before, log in or reset the password to gain access to MyUTM.
Download the license file under License Management -> Home Use License. Click on the license and select Download License File. A text file named “licenseXXXXXXX.txt” is downloaded.
After installation, open the WebAdmin control panel at the specified IP address: for example, https://192.168.0.1:4444
Upload the license file to the section: Management -> Licensing -> Installation -> Upload.
The license is issued for 3 years, after which it must be regenerated by repeating Stage 2, after removing the expired license from the MyUTM portal.
Sophos UTM Essential Firewall
Free firewall for commercial use. To obtain a license, you must fill out the form at this link. You will receive a text license file with a fixed-term license.
Functions: firewall up to L4, routing, NAT, VLAN, PPTP / L2TP remote access, Amazon VPC, GeoIP filtering, DNS / DHCP / NTP services, Sophos SUM centralized management.
A visual representation of the functions is shown in the figure above. The modules that surround Essential Firewall are separately licensed subscriptions.
Sophos SUM
It is convenient to use Sophos SUM (Sophos UTM Manager) to centrally manage isolated UTMs at different sites. SUM allows you to monitor the status of subordinate systems from a single web interface and distribute individual policies. Free for commercial use.
Link to download Sophos SUM and request a license. The email will contain download links (as with Sophos UTM) and the license file as an attachment.
Sophos XG Firewall Home Edition
Class: NGFW (Next Generation Firewall), UTM (Unified Threat Management) - filtering by applications and users, plus UTM functions
Leader: Gartner UTM
Platforms: x86 server, virtualization (VMware, Hyper-V, KVM, Citrix), cloud (Azure), the vendor's own hardware platform
Features and description: The solution was released in 2015 as a result of the acquisition of Cyberoam. The Home Edition of Sophos XG Firewall provides complete protection for your home network, including all the features of the commercial version: virus protection, web filtering by categories and URLs, application control, IPS, traffic shaping, VPN (IPSec, SSL, HTML5, etc.), reporting, monitoring and more. For example, with XG Firewall you can audit the network, identify risky users and block traffic by application.
Full protection for home users and home network.
Delivered as a complete ISO image with a proprietary OS based on the Linux kernel.
Runs on Intel-compatible hardware and in virtualization.
Not licensed by IP addresses. The limitation compared to the commercial version is up to 4 CPU cores and 6 GB of RAM. There are no functional limitations!
Getting Started Guide for the software version, in English and Russian.
Sophos XG Firewall Manager
It is an advanced centralized management system for subordinate XG Firewall devices. It displays the security status of connected devices and lets you manage the configuration: create templates, make mass changes to groups of devices, and change any fine-grained setting. It can act as a single entry point for a distributed infrastructure. Free for up to 5 managed devices.
If you have several installations of Sophos UTM and / or Sophos XG Firewall and need summary statistics, you can install iView, a Syslog collector for Sophos products. The product is free up to 100 GB of storage.
The award-winning free Sophos Mobile Security for Android protects Android devices without sacrificing performance and battery life. Real-time synchronization with SophosLabs provides real-time protection for your mobile device.
Detection of malware and blocking potentially unwanted applications and Internet threats.
Protection against loss and theft using remote locking, erasing data and determining location.
Privacy Advisor and Security Advisor help provide even more protection for your device.
Authenticator manages one-time passwords for multifactor authentication.
Secure QR Code Scanner blocks malicious content that may be hidden behind a QR code.
Commercial product: Sophos Mobile Control - belongs to the MDM class and allows managing mobile phones (iOS, Android) and workstations (Mac OS, Windows) according to the BYOD concept, with mail containers and data access control.
Sophos Mobile Security for iOS
The first step in securing an iOS device is to install the latest updates. Sophos Mobile Security for iOS tells you when updates need to be installed and contains a collection of convenient security enhancements for iOS devices:
OS Version Advisor explains the security benefits of upgrading to the latest version of iOS (handy descriptions of updates and patches).
Authenticator for managing one-time passwords with multifactor authentication.
Secure QR Code Scanner blocks malicious content that may be hidden behind a QR code.
The Windows Malicious Software Removal Tool scans your entire computer for problems, and if any are found, you are given a free 30-day license to remove the threat. Do not wait for an infection to occur; you can run this tool at any time to see how well your current antivirus or endpoint security software is working.
Removes viruses, Trojans, rootkits, spyware and other malware.
No configuration or installation required.
A free independent scanner will show what was missed.
Commercial Product: Sophos Clean is included in many commercial products, such as Sophos Intercept X.
Virus Removal Tool
The free Virus Removal Tool helps you quickly and easily find and remove threats hiding on your computer. The tool detects and removes viruses that your antivirus could have missed.
Removal of viruses, worms, rootkits and fake antiviruses.
Protecting critical Linux servers and preventing all threats — even those designed for Windows. The antivirus is lightweight and easy to use so that Linux servers can maintain high speed. It runs seamlessly in the background and performs a scan in one of the modes: on access, on demand, or on a schedule.
Searches for and blocks malicious files.
Easy installation and unobtrusive operation.
Supports a wide range of Linux versions, including customized distributions and kernels.
The ability to easily upgrade to a commercial version with support and centralized management.
Commercial product: allows you to connect to a centralized management system and supports a wide range of operating systems - Linux and Unix.
Support or help yourself
The single point of entry is the Support section on the vendor's site, Sophos Support, with search across all resources. A separate portal has been created for Sophos Home. There are three main ways to find a solution to a problem:
Documentation. In many cases it is built into the product itself, but if you want to read a PDF before going to bed, there is a Documentation section.
The knowledge base. At Sophos it is publicly available. Here you can find the main configuration scenarios and the tricky points. See Knowledge Base.
The user community, where you can find a solution to your problem, is at Community Sophos.
For commercial customers, of course, there is full support from both the vendor and the distributor. In Russia, the CIS and Georgia, it comes from Factor Group.
Beware of encryptors!
Finally, you can watch a video about Time Machine for protection from encryptors :)