An unpleasant truth revealed in a recent survey (from global leader in network and endpoint security, Sophos) is that many IT administrators just don’t know what’s going on in their networks.

There are, it seems, many applications running over the enterprise’s infrastructure which are either unknown, unidentified or simply not monitored nor examined for possible malicious activity.

While the volume of network traffic has undoubtedly risen (VoIP and IoT data carried on the same infrastructure as server and endpoint activity, for example), what is more relevant is the increased use by malicious parties of cloaking methods. These include encryption, browser or well-known protocol emulation, and deployment of file-less malware.

Sophisticated network exploits which use this latter technique, such as MimiKats and EternalBlue, will indubitably continue, as well attacks which continue to use successful and increasingly refined vectors, such as email phishing.

Sophos’ XG Firewall adds deep-learning and sandbox technologies to its physical devices (and downloadable software version) to stop zero-day threats and malware of new, emerging and these refined, evolving types.

Using sandbox environments means that data-testing mechanisms can be highly aggressive with regards to memory use, network motility, and malware behavioural analysis. These methods of detection would not be viable with traditional firewalls as processor and resource overheads would be too high. However, by pushing potential problems to the cloud for such analysis, the protected organization is not affected – neither by security system overheads nor by infected payloads.

Sophos provides a fully integrated cybersecurity system which collates network-based attacks and endpoint threat mitigation into one overarching provision. This can stop advanced threats and prevent small, isolated incidents from turning into network-wide outbreaks.

Infected machines can easily be isolated, either manually or via automated rules, and the affected devices can then be treated quickly.

Sophos’ survey revealed that 3.7 days of working time are lost per month remediating infected machines in an averagely-sized network (100 to 1,000 machines), and the business imperative of ensuring increased system safety and uptime drive the Sophos business.

Sophos’ solutions include all traditional methods of network protection, including email threat mitigation (Sophos Sandstorm), IDS (intrusion detection system), application-layer packet filtering, in conjunction with continuous anomalous activity scans.

The majority of organizations agree that the lack of application visibility is a huge security concern, but Sophos’ survey revealed that nearly one in four IT managers could not identify 70 percent of the source in their network traffic.

It is perhaps not surprising then that the same managers (79 percent) wanted better protection from their firewalls, and there was a universal desire (99 percent of respondents) for firewall technology that can automatically respond to isolate infected machines, minimizing time spent remediating problems.

Sophos’ continuously-evolving security technology is powering the next-generation of IT security provision; the company pioneered the concept of synchronized security – intelligence sharing between network protection devices and endpoints.

The company’s network of SophosLabs helps it to provide predictive protection, improved detection and response times, and the necessary agility to prevent today’s stealthy and quickly-shifting threats.

While there has not been a dramatic increase in the total number of threat types in the last 12 months, existing threats are becoming more sophisticated and therefore more difficult to defend..

Cybercriminals are perfecting and honing their activities: for instance, choosing ransomware attacks and phishing emails for their proven results and refining them for effective reuse.

Only by unifying network & endpoint security measures and intelligent data monitoring can organizations’ digital backbones be protected from malware and unwanted activity.

“If you can’t see everything on your network, you can’t ever be confident that your organization is protected from threats. IT professionals have been ‘flying blind’ for too long and cybercriminals take advantage of this,” said Dan Schiappa, senior vice president and general manager of products at Sophos.

“With governments worldwide introducing stiffer penalties for data breach and loss, knowing who and what is on your network is becoming increasingly important. This dirty secret can’t be ignored any longer.”

The Dirty Secrets of Network Firewalls can be read in all its detail here, or viewed in condensed format here (also see the embedded video above). Get in touch with a local Sophos representative in your area to find out about how its next-gen cybersecurity solutions can help your organization.