Sophos has added a zero-trust network access solution to its growing secure access product family.
Called Sophos ZTNA and available now, the new product works in combination with the vendor’s Intercept X product to provide endpoint protection and network access control through a single agent. According to Sophos, those systems are currently the only ones on the market to cooperate in that manner.
“People, applications, devices, and data aren’t constrained to offices anymore—they’re everywhere, and we need more modern ways to secure them,” said Joe Levy, chief technology and product officer at Sophos, in a media statement. “Zero trust is a very effective cybersecurity principle, and ZTNA embodies it in a practical, easy to use way, ensuring that users have secure access to only the resources that they need.”
The new system also provides better network protection than remote desktops, IPsec, and SSL-VPN, all of which rely solely on encryption, Levy says. “We see attackers increasingly exploiting these limitations, stuffing credentials into RDP and VPNs to gain access to victim networks, and then moving freely once inside, all too often culminating in costly data theft and ransomware incidents.”
Separately today, Sophos published research on a new ransomware variant called Midas that capitalized on limited access controls and weak application and network segmentation to go undetected in an unnamed technology vendor’s environment for nearly two months.
“In a ZTNA configuration, properly configured access controls might have prevented the attackers from being able to leverage one compromised server against another, disallowing the hypervisors from interacting with one another and/or using one another as resources,” the report says.
Intercept X itself integrates with the extended detection and response system Sophos introduced last May, the vendor’s Managed Threat Response service, and other offerings. According to Sophos, the integration between its ZTNA solution and Intercept X allows the new product to collaborate with the entire Sophos security portfolio, easing multi-vendor management burdens.
The system also shares real-time threat intelligence with third-party participants in the Sophos Adaptive Cybersecurity Ecosystem, an architecture also introduced last year that lets security vendors share telemetry from their products.
“The future of work will be hybrid, making it imperative that organizations are able to protect remote workers, remote data and remote applications,” said Christopher Rodriguez, research director for network security products at IDC, in prepared remarks. “By integrating ZTNA with endpoint protection, Sophos ZTNA enables risk-appropriate access to resources from any device, at any time and from any location. Trust is a key factor in business today—one that requires critical security controls to protect against business-impacting events, such as ransomware and data compromise.”
According to fellow analyst firm Gartner, a zero-trust network access product “creates an identity- and context-based, logical access boundary around an application or set of applications,” hiding them from discovery and allowing access only to a restricted set of named entities. “This removes application assets from public visibility and significantly reduces the surface area for attack,” Gartner says.
Leaders in the ZTNA market include AppGate, Palo Alto Networks, VMware, and Zscaler. Fortinet, ThreatLocker, and Trend Micro all have zero-trust access offerings of their own.
Sophos ZTNA is the second addition to the vendor’s secure access product line this month. The company rolled out a first-ever set of network switches two weeks ago.