Sophos Updates Its Sophos Firewall Software to Enhance Protection and Incident Response Capabilities

Al Bawaba, 10-06-2025

Sophos, a global leader of innovative security solutions for defeating cyberattacks, announces an update to its Sophos Firewall, now including Sophos NDR Essential, which is free for all customers with an XStream Protection license for Sophos Firewall.

With this integration, Sophos Firewall leverages two dedicated artificial intelligence engines to detect malware communications and communications using algorithmically generated domain names. This new feature, stemming from the Sophos Network Detection and Response probe, aims to identify malware communications even when they are previously unknown or not yet indexed. It complements the Active Threat Response capabilities already implemented in Sophos firewalls.

According to Chris McCormack, Senior Product Marketing Manager at Sophos, 'NDR traffic analysis requires substantial processing power. That's why we've adopted a new approach by deploying an NDR solution in Sophos Cloud to offload the heaviest tasks from the firewall.'

Sophos Connect now integrates EntraID for SSO

This new feature of the VPN client bundled with Sophos Firewall enhances both security and user experience for SSL and IPSEC VPN connections. It is now possible to use EntraID (Azure AD) to authenticate users and implement multi-factor authentication for Sophos Connect and access to the user portal hosted by the firewall.

Other VPN-related improvements include:

• Improved user interface and usability: Connection types have been renamed from 'site-to-site' to 'policy-based', and tunnel interfaces have been renamed 'route-based' to make them more intuitive.
• Dynamic validation of the IP address pool allocated to VPN connections (SSL VPN, IPsec, L2TP, and PPTP) to better resolve potential IP address conflicts.
• Strict profile enforcement: In IPsec profiles, default values are now excluded to ensure algorithm synchronization, thereby eliminating possible fragmentation of session negotiation packets that could otherwise prevent site-to-site VPN tunnels from being established.
• Route-based VPN and SD-RED scalability: The system now supports up to 3,000 simultaneously established tunnels. Sophos Firewall solutions can now handle up to 1,000 SD-RED site-to-site tunnels and up to 650 concurrent SD-RED devices.

Additional management improvements include:

• More flexible DHCP Prefix Delegation (IPv6 DHCP-PD): Now supports /48 to /64 prefixes, improving compatibility with certain internet service providers.
• Router Advertisement (RA) and DHCPv6 server: Now enabled by default.
• Resizable table columns: The web admin interface continues to adapt to ultra-wide screens, and many configuration pages now allow column resizing as needed.
• Enhanced object search functionality: The search field in the SD-WAN routing configuration screen now supports more criteria (route name, ID, objects, object values such as IP addresses and domains, among others). Local ACL rules now also support object name and value searches, including content-based searches.
• Default configuration changes: Default firewall rules and rule groups previously created during new firewall setups have been removed. Only the default network rule and MTA rules are now provided in the initial configuration. The default firewall rule group and the default gateway probe for custom gateways are both now set to 'None' by default.

Secure by Design

Sophos continues to enhance the intrinsic design of its firewalls. The secure-by-design approach includes containerization of specific features and integrity checks on critical operating system files using mathematical checksums. Any checksum mismatch triggers a potential compromise alert, allowing monitoring teams to proactively identify possible security incidents affecting the firewall OS integrity. Incident response and development teams are then able to react swiftly to critical incidents.

Availability

Customers can now manually download and deploy this update on any Sophos Firewall equipped with a valid license.

Related Articles

Iran hacks Israeli home security cameras in intelligence operation

Published June 20th, 2025 - 06:26 GMT

ALBAWABA - Bloomberg reported that Iran has been breaking into private home security cams all over Israel to get real-time information. The war between Iran and Israel is now in its second week. The story makes me worry again about how protection holes are being used during current Franco, who used to be the deputy head of Israel's National Cyber Directorate, went on public radio to tell people: "Shut down your home security cameras or change your passwords immediately." This was in response to recent Iranian ballistic missile attacks that damaged several high-rise buildings in Tel who is now the CEO of cybersecurity crisis company Code Blue, said that Iranian agents have been trying to get into internet-connected surveillance systems over the past few days to check how accurate rocket hits are and make plans for future attacks.

The conflict between Israel and Iran has spread to online, where attacks are getting stronger along with real attacks. A group of hackers supporting Israel called Predatory Sparrow said they were behind recent hacks that shut down a major Iranian bank and got into a local bitcoin exchange. In reaction, IRIB, Iran's state television, said that Israel had started a large-scale hack on Iran's most important assets.

As part of Iran's strategy operations, the National Cyber Directorate of Israel stated that there have been more efforts to break into linked devices, especially security cams. A spokesman said, "These attempts have been going on all through the war and are happening more often now."

Israel has officially banned the sharing of video of rocket impacts for security reasons, but some pictures are still making the rounds on social the meantime, Iran has started a campaign against what it sees as sabotage networks inside the country that it says are linked to Israel's Mossad intelligence agency. The Iranian government recently said that they had seized 14 drones, found secret companies that made drones, and stopped cars carrying robotic aircraft in several people were arrested in Lorestan Province on suspicion of working as Mossad spies. They were accused of sharing anti-government material online and stirring up Iranian intelligence broke up what they thought was an explosives production cell that was working in Alborz and Isfahan Provinces. The cell was apparently led by a Mossad agent who was caught in with its military and defense measures, Iran has had strict rules on the internet ever since the fighting started. Access to a lot of websites has been blocked in whole or in part. The government has told people to use connected gadgets less and be aware of possible digital weaknesses.

These events show that the online aspect of the conflict between Iran and Israel is getting worse. The two countries are now at war on physical, digital, and mental fronts.

Gartner Predicts 75% of Analytics Content to Use GenAI for Enhanced Contextual Intelligence by 2027

Seventy-five percent of new analytics content will be contextualized for intelligent applications through generative AI (GenAI) by 2027, enabling composable connection between insights and actions, according to Gartner, Inc.

'We're moving from an era where analytic tools help business people make decisions, to a future where GenAI-powered analytics becomes perceptive and adaptive,' said Georgia O'Callaghan, Director, Analyst at Gartner. 'This will enable dynamic and autonomous decisions that have the potential to transform enterprise and consumer software, business processes and models.'

A Gartner survey of 403 analytics or AI leaders, conducted between October and December 2024, revealed over 50% report their organizations use AI tools for automated insights and natural language queries (NLG) for analytics or AI development. Even with these capabilities, the static nature of current analytics often falls short of delivering in a truly dynamic and automated predicts augmented analytics capabilities will evolve into autonomous analytics platforms by 2027, which will fully manage and execute 20% of business processes. The perceptive future of analytics will deliver benefits by being proactive, collaborative, connected, contextual and continuous (see Figure 1).

Figure 1: AI-Powered, Perceptive Analytics. Source: Gartner (June 2025)

'Perceptive analytics will use AI agents and other GenAI-fueled technologies to continuously monitor evolving conditions and perceive the target environment, such as market shifts, customer behavior changes or supply chain disruptions,' said O'Callaghan.

'Guidance and analysis can then be autonomously adjusted in response, creating a more resilient and responsive analytical infrastructure. As these capabilities emerge and are adopted by organizations, their potential to reshape business operations and drive growth will only continue to expand.'

Perceptive Analytics Overarching Risk

According to Gartner research, the overarching risk that applies to perceptive analytics is the overreliance on autonomous actions without sufficient validation, which could result in unintended negative consequences, reputational damage and regulatory risk of "agent drift" is a serious concern, where a system's perceptions and actions gradually deviate from desired outcomes due to evolving data or unforeseen interactions. Guardian agents are emerging to deal with this inherent issue in AI systems, according to Gartner. These agents are specifically tasked with monitoring and enforcing policies and rules to ensure the systems operate within a set of guardrails.

'Building guardian agents will need to be a key focal point of new governance initiatives for data and analytics leaders, as agentic and perceptive analytics become the standard way of insight delivery across platforms,' said O'Callaghan.

IT Leaders optimistic on Agentic AI, but Concerned by Organizational Readiness, Research Reveals

As AI adoption accelerates and cyber threats increase, nearly 8 in 10 IT security leaders recognize their security practices need transformation. Salesforce's latest State of IT data also reveals unanimous optimism about AI agents, with 100% of security leaders identifying at least one security concern that could be improved by despite this hope, the global survey of over 2,000 enterprise IT security leaders highlights significant implementation challenges ahead. Nearly half (48%) worry their data foundation isn't set up to get the most out of agentic AI, and over half (55%) aren't fully confident they have the appropriate guardrails to deploy AI it matters: Both the professionals charged with protecting a company's data and systems and the bad actors looking to exploit vulnerabilities are increasingly adding AI to their toolkits. Autonomous AI agents, which help security teams cut down on manual work, can free up humans' time for more complex problem solving. However, agentic AI deployments require robust data infrastructure and governance to be perspective: 'Trusted AI agents are built on trusted data. IT security teams that prioritize data governance will be able to augment their security capabilities with agents while protecting data and staying compliant,' said Alice Steinglass, EVP & GM, Salesforce Platform, Integration and Alkhotani, SVP and GM, Salesforce Middle East, said: 'The latest State of IT report is a cause for both optimism and concern, and also aligns with the concerns we see among organizations in the Middle East. While the research underscores the confidence that organizations have in agentic AI to improve key aspects of their operations and processes, it also reveals significant concerns that must be addressed: It is clear that many IT security leaders are concerned about issues including the readiness of their organization's data foundation for AI, the state of their guardrails to deploy AI agents, and the potential for compliance challenges stemming from AI. Amid these anxieties, it is vital that organizations in the Middle East work with a trusted partner such as Salesforce, enabling them to scale up agentic AI quickly, effectively, and ethically.'

Security budgets ramp up as threats evolve

In addition to a familiar slate of risks like cloud security threats, malware, and phishing attacks, IT leaders now cite data poisoning — in which malicious actors compromise AI training data sets — among their top concerns. Resources are rising in response: 75% of organizations expect to increase security budgets over the coming regulatory environments add a wrinkle to AI implementation

While four-fifths of IT security leaders believe AI agents offer compliance opportunities, such as improving adherence to global privacy laws, nearly as many (79%) say they also present compliance challenges. This may stem in part from an increasingly complex and evolving regulatory environment across geographies and industries, and is hampered by compliance processes that remain largely unautomated and prone to error.

• Just 47% are fully confident they can deploy AI agents in compliance with regulations and standards.
• 83% of organizations say they haven't fully automated their compliance is a cornerstone of successful AI, yet confidence is nascent

A recent consumer study found that trust in companies is on a precipitous decline, and three-fifths (60%) agree that advances in AI make a business's trustworthiness more critical. Furthermore, only 42% of consumers trust companies to use AI ethically, a decrease from 58% in 2023. IT security leaders see work to be done in earning this critical trust.

• 57% aren't fully confident in the accuracy or explainability of their AI outputs.
• 60% don't provide full transparency into how customer data is used in AI.
• 59% haven't perfected their ethical guidelines for AI governance is a linchpin in enterprises' agentic evolution

Nearly half of IT security leaders aren't sure they have the quality data to underpin agents, or that they could deploy the technology with the right permissions, policies, and guardrails, but progress is being made. A recent survey of CIOs found that four times as much budget was allocated to data infrastructure and management than AI, a signal that organizations were smartly laying the right groundwork for broader agents offer a salve as adoption ramps up

According to the State of IT research, over 40% of IT security teams already use agents in their day-to-day operations — a figure that's anticipated to nearly double over the next two years. IT security leaders expect a range of benefits as their use of agents ramps up, ranging from threat detection to sophisticated auditing of AI model performance. Three quarters (75%) expect to use AI agents within two years — up from 41% overhauls are on tap

In addition to the steps these teams must take to shore up their data foundations for the agentic era, over half admit they have work to do to bring their overall security and compliance practices up to par. Forty-seven percent believe their security and compliance practices are fully prepared for AI agent development and customer view: Arizona State University (ASU) is among the first universities to leverage Agentforce, Salesforce's digital labor platform for augmenting teams with trusted autonomous AI agents in the flow of work. ASU stresses the need for data relevancy, especially as the university advances its AI initiatives. ASU implemented Salesforce-acquired Own backup, recovery, and archiving solutions, providing ASU with a comprehensive approach to data management, addressing their needs for backup, recovery, compliance, and innovation deeper:

• Read the full State of IT: Security report
• Learn how Salesforce is powering a smarter agentic future with new governance enhancements
• Discover additional State of IT insights from the developer perspective
• Read more on why trust and guardrails are even more critical in the age of AI

Methodology: Data is sourced from a security, privacy, and compliance leader segment of a double-anonymous survey of IT decision-makers conducted from December 24, 2024 through February 3, 2025. Respondents represented Australia, Belgium, Brazil, Canada, Denmark, Finland, France, Germany, India, Indonesia, Ireland, Israel, Italy, Japan, Mexico, the Netherlands, New Zealand, Norway, Portugal, Singapore, South Korea, Spain, Sweden, Switzerland, Thailand, the United Arab Emirates, the United Kingdom, and the United States.
