Listing Thumbnail

    Sophos Integration Appliance

     Info
    Sold by: Sophos 
    The Sophos Integration Appliance can be used to host Sophos NDR and third-party log collector integrations. Sophos NDR for AWS identifies rogue assets, unprotected devices, insider threats, and novel attacks to accelerate threat detection and response for AWS Environments and assets
    Listing Thumbnail

    Sophos Integration Appliance

     Info
    Sold by: Sophos 

    Overview

    Sophos NDR continuously monitors network traffic to detect suspicious activities that may be indicative of attacker activity, leveraging a combination of machine learning, advanced analytics, and rule-based matching techniques.

    It detects a wide range of security risks, including rogue devices (unauthorized, potentially malicious devices that are communicating across the network), unprotected devices (legitimate devices that could be used as an entry point), insider threats, zero-day attacks, and threats involving IoT and OT devices.

    Plus, when combined with other security telemetry, Sophos NDR enables threat analysts to paint a more complete, accurate picture of the entire attack path and progression, enabling a faster, more comprehensive response.

    To install Sophos NDR on AWS, a customer who has a Sophos Central Account and licensed to use MDR/XDR can download a cloud formation script from Sophos Central. When deployed in an AWS Account, the template will create a stack with all the required infrastructure to run Sophos NDR. Before creating the stack the user should accept a EULA on Marketplace for Sophos NDR AMI

    Highlights

    • Uses known indicators of compromise to identify threat actors and malicious tactics, techniques, and procedures across encrypted and unencrypted network traffic.
    • Detects zero-day C2 servers and new variants of malware families based on patterns found in the session size, direction, and interarrival times. Identifies dynamic domain generation technology used by malware to avoid detection.
    • Extensible query engine uses a deep learning prediction model to analyze encrypted traffic and identify patterns across unrelated network flows. Powerful logic engine utilizes rules that send alerts based on session-based risk factors.

    Details

    Sold by

    Delivery method

    Delivery option
    Sophos NDR for AWS

    Latest version

    Operating system
    Ubuntu 20.04

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Sophos Integration Appliance

     Info
    Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Sophos NDR for AWS

    Sophos NDR continuously monitors network traffic to detect suspicious activities that may be indicative of attacker activity, leveraging a combination of machine learning, advanced analytics, and rule-based matching techniques.

    It detects a wide range of security risks, including rogue devices (unauthorized, potentially malicious devices that are communicating across the network), unprotected devices (legitimate devices that could be used as an entry point), insider threats, zero-day attacks, and threats involving IoT and OT devices.

    Plus, when combined with other security telemetry, Sophos NDR enables threat analysts to paint a more complete, accurate picture of the entire attack path and progression, enabling a faster, more comprehensive response.

    To install Sophos NDR on AWS, a customer who has a Sophos Central Account and licensed to use MDR/XDR can download a cloud formation script from Sophos Central. When deployed in an AWS Account, the template will create a stack with all the required infrastructure to run Sophos NDR. Before creating the stack the user should accept a EULA on Marketplace for Sophos NDR AMI.

    CloudFormation Template (CFT)

    AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."

    Additional details

    Usage instructions

    You can manage your Sophos NDR Appliance on AWS from the Web Interface using HTTPS (TCP port 8443) and the command shell using SSH (TCP port 22)

    https://doc.sophos.com/central/customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Sophos/NDRonAWS/index.html 

    Resources

    Vendor resources

    Support

    Vendor support

    You can get help with your Sophos product in many different ways. https://doc.sophos.com/support/help/en-us/contact/index.html 

    Sophos Community Chat with our Community Experts. Find answers on the community forum, and share your expertise.

    Support TechVids Follow along with Sophos Experts as they walk you through the most common technical support issues.

    Support Portal Leverage the Sophos Support Portal search tool. Global Support phone numbers: https://doc.sophos.com/support/help/en-us/contact/index.html 

    Sophos Support URL: https://www.sophos.com/en-us/support 

    Support protal documentation: https://doc.sophos.com/support/help/en-us/portal/index.html 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    No customer reviews yet
    Be the first to write a review for this product.