Sophos Server Protection for AWS Instances

Sophos Server Protection for AWS Instances
Sophos Server Protection
for AWS Instances
Sophos Central integrates with
AWS for effective, consistent,
and easy protection of server
Sophos, a leader in network and endpoint security, has recently integrated
its server-specific security with Amazon Web Services to more easily protect
workloads deployed in AWS. Designed to secure business-critical servers
without sacrificing performance, Sophos Server Protection protects Windows
and Linux server images from malicious attacks using a variety of traditional and
next-gen methods, including CryptoGuard anti-ransomware, Malicious Traffic
Detection, and application whitelisting via Sophos one-click Server Lockdown.
When using Sophos Central, customers now have the ability to directly connect
their Sophos Central management console to their AWS environment.
Solution Brief May 2017
Sophos Server Protection for AWS Instances
Key benefits
ÌÌ Auto Scaling Groups created in AWS are automatically available in Sophos Central.
Server Protection policies can be applied to Auto Scaling Groups in the console,
enabling consistent security policies across the organization; new instances in an
Auto Scaling Group receive the applied policy automatically.
ÌÌ Terminated EC2 instances are removed from the Sophos Central management
console automatically for easy, automated visibility of currently running server
ÌÌ Admins can see all EC2 instances in AWS accounts and whether each instance is
protected by Sophos.
ÌÌ Management is easy in a single console with context about the instances
automatically visible: EC2 instance meta-data is displayed, including EC2 Lifecycle
state, instance ID, AMI ID, Region, AWS Account ID, VPC ID, Auto Scaling Group.
ÌÌ Servers can be managed alongside endpoints, mobile and wireless devices, and web
and email gateways, all within a single cloud-based management console.
Solution Brief May 2017
Sophos Server Protection for AWS Instances
The read-only connection between Sophos and AWS leverages native AWS APIs to enable customers
to apply Server Protection policies to Auto Scaling Groups and display valuable information about their
EC2 instances in the Sophos Central management console. This integration will soon leverage the
native IAM roles in conformance with AWS best practices.
Recommended Link:
Easy deployment and setup
Sophos Server Protection can be installed on AWS EC2 instances using the customer’s preferred
deployment tool, such as Chef or Puppet, using ready-made scripts provided by Sophos. Simply
grab the link to the installer from the “Protect Devices” screen in your Sophos Central console and
embed it into a deployment script, or host the installer in an AWS S3 bucket if preferred. Alternatively,
customers can create an AMI with Sophos Server Protection installed. When new EC2 instances are
launched with Sophos installed, the agent will register with the customer’s Sophos Central console
and apply threat protection policy automatically.
Connect an AWS account to Sophos Central in 3 easy steps:
1. Create a read-only IAM User in AWS console
with the permissions described in Sophos documentation
2. Navigate in Sophos Central
System Settings > AWS Accounts
3. Create connection using IAM details
Sophos Central connects to the customer’s AWS account in seconds
Recommended Link:
Considerations for Securing AWS deployments
1. Why using AWS:
ÌÌ Trying to save infrastructure costs? (You still need to protect servers per Amazon Shared
Responsibility Model)
ÌÌ Moving existing applications to AWS? (And want to protect hybrid environment both on-premises
and in AWS?)
ÌÌ Looking to use DevOps to automate IT? (Sophos supports and provides scripts for leading
orchestration tools such as Chef and Puppet)
2. How are you using AWS:
ÌÌ How sensitive is the data in AWS? How will you protect the server images and prevent malicious
ÌÌ Are your compliance concerns addressed?
Solution Brief May 2017
Sophos Server Protection for AWS Instances
Sophos Central Server Protection is licensed per server, with a choice between the
Standard or Advanced licenses depending on the features desired. Sophos’ integration
with AWS means that when EC2 instances are terminated – for example due to Auto
Scaling – license usage information in your Sophos Central management console is
adjusted automatically. Select the number of Server Protection licenses based on the
estimated number of servers. Sophos Central will count and indicate the number of Server
Protection agents actually in use.
Learn more about Sophos Server
Protection for AWS Instances at
United Kingdom and Worldwide Sales
Tel: +44 (0)8447 671131
North American Sales
Toll Free: 1-866-866-2802
Oxford, UK
© Copyright 2017. Sophos Ltd. All rights reserved.
Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK
Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are
trademarks or registered trademarks of their respective owners.
2017-05-10 WP-NA (MP)
Australia and New Zealand Sales
Tel: +61 2 9409 9100
Asia Sales
Tel: +65 62244168
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF