We are thrilled to announce the latest advancement in the Sophos cybersecurity suite—Active Threat Response for our network access layer products, Sophos Switch, and Sophos Wireless (AP6 Series only). This new functionality represents a significant leap forward in their mission to provide comprehensive, multi-layered security solutions to protect your networks from evolving threats. 

What is Active Threat Response? 

Active Threat Response is an innovative feature designed to enhance the security and management capabilities of your network infrastructure. It works in conjunction with Sophos Managed Detection and Response (MDR), Sophos Extended Detection and Response (XDR), and even third-party solutions. Threat feeds sent via an API trigger an automatic response to isolate compromised hosts across all Sophos AP6 Series access points and Sophos switches on the network. This rapid isolation prevents lateral movement, facilitating quicker remediation at the critical access layer. 

For customers using Sophos Network Detection and Response (NDR), this new functionality adds a responsive action to detections from deep within the network, ensuring a robust and comprehensive defense mechanism. 

Key Benefits of Active Threat Response 

Active Threat Response introduces a new, unique dimension to the Sophos ecosystem by: 

Isolating Wired and Wireless Hosts 

Active Threat Response can isolate both wired and wireless, managed, and unmanaged hosts, ensuring that any compromised device is swiftly contained to prevent further spread of threats across the network. 

Preventing Lateral Movement 

By stopping lateral movement, Active Threat Response buys valuable time for remediation. This is crucial in minimizing the impact of threats and protecting sensitive data from being accessed or exfiltrated by attackers. 

Utilizing Multiple Trusted Threat Feeds 

Active Threat Response uses threat feeds from multiple, trusted sources, including Sophos and third-party solutions. This multi-source intelligence ensures a broad and reliable detection capability, enabling a swift and accurate response to threats. 

Immediate Availability 

Active Threat Response is available immediately via Sophos Central for Sophos Switch and Sophos Wireless (AP6 Series only). To leverage this functionality, a valid support subscription for each switch or AP6 access point is required. 

Enhanced Protection with Sophos Firewall 

While a Sophos Firewall is not a prerequisite for utilizing Active Threat Response, combining it with Sophos Switch, Sophos Wireless, and Sophos Firewall ensures the highest level of protection at every network layer. This integrated approach provides a seamless and robust defense strategy against sophisticated cyber threats. 

Contact Us for More Information 

We are committed to providing our customers with cutting-edge security solutions to stay ahead of threats. For further information about Active Threat Response and how it can enhance your network security, please contact our team! 

#Sophos #CyberSecurity #ActiveThreatResponse #NetworkSecurity #CyferTech