Overview
Sophos Cloud UTM9 Auto Scaling is an AWS Security Competency approved NextGen Firewall Auto Scaling solution that helps customers with their shared security responsibilities by offering multiple layers of protection in a single solution that scans, controls and reports on traffic entering and leaving a VPC.
Security features include a Web Application Firewall (WAF), a pre-tuned and automatically updated Intrusion Prevention System (IPS), an Outbound Web Proxy/ Layer 7 Application Engine to protect and control connections to the Public Internet, an Advanced Threat Protection engine to identify and block unknown and evasive threats, and VPN Gateway features to securely connect remote sites and users. The UTM9 NextGen Firewall solution also provides detailed logs and reports which can be viewed on system and/or exported to the AWS CloudWatch Logs service and any Syslog compatible device.
Sophos provides a CloudFormation template to easily deploy the Active/Active solution across multiple Availability Zones while integrating with key AWS services such as Auto Scaling, CloudWatch, and S3 to comply with AWS Best Practice guidance on secure architecture. UTM9 Auto Scaling also provides Outbound Gateway which provides for secure, scalable outbound traffic protection, and a secure REST API to automate configuration.
Part of a complete cloud security portfolio. A selection of Sophos AWS Marketplace offerings is included below, while more can be found at www.sophos.com/cloud .
- Sophos UTM Auto Scaling: https://soph.so/utm-autoscaling-payg
- Sophos UTM Standalone or HA (Free Trial): https://soph.so/utm-payg
- Sophos XG Firewall Standalone (Free Trial): https://soph.so/xg-firewall-payg
- Sophos Cloud Optix (CSPM with Free Tier): https://soph.so/cloud-optix
If you have any questions about Sophos solutions or if you need assistance with deployment or configuration, please contact the Sophos Public Cloud team at aws.marketplace@sophos.com .
Highlights
- Control infrastructure and security costs by combining multiple security tools into a single, easy to deploy, scalable solution.
- Web App Firewall (WAF) protects your web apps against common threats like SQL injection and Cross-Site Scripting. Next-Gen Firewall protection and reporting with stateful traffic inspection, Layer-7 application control, secure proxies, and IPS.
- Outbound Gateway (OGW): automatically scale up or down for outbound network packet inspection, or URL filtering and whitelisting to help ensure your applications are accessible only to authorized services.
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Vendor refund policy
Terminate the EC2 instance(s) or delete the CloudFormation stack at any time to stop incurring charges. You may email aws.marketplace@sophos.com for questions regarding Sophos UTM charges and refund requests.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Auto Scaling using CloudFormation
This CloudFormation template allows you to deploy Sophos UTM in an Auto Scaling scenario to automatically scale up and down with your application in AWS. The template will deploy three EC2 instances: one EC2 instance hosts the UTM Controller used for administration, and two EC2 instances host UTM Workers used to inspect traffic. The UTM Controller resides in an Auto Scaling group and stores configuration details, logs, and reports to an S3 bucket. The UTM Workers reside in another Auto Scaling group behind Elastic Load Balancing (ELB) and automatically increase the number of UTM Workers during demand spikes to maintain performance and decrease the number of UTM Workers during lulls to reduce costs. The UTM Workers use the configuration file stored in S3 to launch new UTM Workers for Auto Scaling and to propagate configuration changes via notifications from Amazon Simple Notification Service (SNS).
Sophos UTM Auto Scaling also offers an additional layer of security called Outbound Gateway (OGW) which allows customers to inspect and scale security based on outbound connections. OGW works by deploying gateway instances into VPC subnets (both local and remote) that forward all traffic to UTM workers via Generic Routing Encapsulation (GRE) tunnels. OGW provides failover across Availability Zones (AZs) and supports VPC peering to allow you to direct all application traffic to a Shared Security VPC.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
You can manage your Sophos UTM on AWS from the Web Interface using HTTPS (TCP port 4444), the command shell using SSH (TCP port 22), and via the RESTful API.
Sophos UTM requires a valid email address for administration purposes. This email address is not used for any other purpose and remains local to the Sophos UTM AMI. Please refer to the Sophos Privacy Policy for more details. https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspx
Sophos UTM on AWS Quick Start Guide https://www.sophos.com/en-us/medialibrary/PDFs/documentation/SophosUTMAWS.pdf
For additional information about deploying on AWS please see: https://www.sophos.com/en-us/support/documentation/sophos-utm.aspx
Resources
Support
Vendor support
Sophos provides technical support via phone and web portal as part of your BYOL subscription. Phone: +1-844-591-2756 Web portal:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
SImplicity in Security
By implementing Sophos we were able to centrally control all security policies governing ingress traffic, and ensure that proper protection policies are in place for each application VPC. They are also able to easily gather logging data in a central location which can then be used for Administration, troubleshooting, and auditors.
Used in production for 4 months
We are using the Auto-Scaling solution with the WAF feature to protect 3 of our customer's web applications as part of a "shared security tier" model, split over multiple peered VPCs, and so far the UTM has been great. It has done most of what has been asked of it with no failures. Even on the minimum recommended size of m4.large for the controller and c4.large for the workers, it has not needed to scale up once yet.
We also use it for support users dialling in to AWS via the SSL VPN, and it is intuitive and easy to support via the User Portal, even with 2FA turned on.
The only criticism is that Sophos Support have not been great at supporting the Auto-Scaling model in AWS, it is almost as if they have had little to no training on it and several times I have had to explain it to them in full before any sort of support is necessary. I did however have great support from the After-Sales team which more than made up for it.
So far we have not updated the firmware on the solution for fear of it falling over, the documentation on this (updating the CF template to get the latest Up2Date) is pretty basic and doesn't fill me with confidence.
Bottom line is: The UTM auto-scaling does its job and it does it well, however the Support (and we are paying for Premium support) leaves much to be desired.
eaglefree
I'm new to this site im just looking and checking it out and see how it works........................................
.................................................I'm new in this but I hope to know better and to get to.know the program first........................
.
.
........