Date: 2025-06-05

Sophos, a global leader in cybersecurity solutions, has announced a major update to its Sophos Firewall, enabling users to detect malware communications more effectively, including those that were previously unknown or not yet indexed, thereby strengthening protection against cyberattacks.

The update introduces Sophos NDR Essential, which is now available at no additional cost for all users with an XStream Protection license.

With this integration, Sophos Firewall utilizes two dedicated artificial intelligence engines to detect malware behavior and communications that use algorithmically generated domain names.

This enhancement is powered by the Sophos Network Detection and Response (NDR) probe and complements the existing Active Threat Response capabilities within the firewall.

Chris McCormack, Senior Product Marketing Manager at Sophos, explained that NDR traffic analysis typically requires substantial processing power.

To address this, the company has adopted a cloud-based approach, deploying the NDR solution in Sophos Cloud to handle the more demanding tasks and reduce the load on the firewall itself.

McCormack also highlighted new improvements to the firewall’s VPN client, which now enhances both security and user experience for SSL and IPsec VPN connections.

The update includes support for Entra ID (formerly Azure AD) to authenticate users and implement multi-factor authentication for both Sophos Connect and access to the firewall’s user portal.

He added that the update also introduces a more intuitive user interface, dynamic validation of the IP address pool allocated to various VPN connections to help resolve potential conflicts, strict profile enforcement, improved route-based VPN functionality, and better scalability for SD-RED devices.

Sophos reaffirmed its secure-by-design philosophy, emphasizing that its firewalls now include containerization of specific features and integrity checks on critical operating system files using mathematical checksums.

If a checksum mismatch is detected, it triggers a potential compromise alert, allowing monitoring teams to respond proactively to any suspected security incident.

According to the company, this allows incident response and development teams to swiftly manage and resolve critical issues affecting the firewall’s integrity.

With this latest update, Sophos continues to reinforce its position as a provider of intelligent, resilient, and adaptive cybersecurity solutions built to tackle modern threats.
