Sophos Zero Trust Network Access
Securely connect your users to your applications.
Overview:
Securely connect anyone, anywhere, to any application. Sophos ZTNA transparently connects users to important business applications and data, providing enhanced segmentation, security, and visibility over traditional remote access VPN. It works as a standalone product and as a fully integrated Synchronized Security solution with Sophos Firewall and Intercept X.
Enable Remote Workers
Replace remote access VPN with a superior solution for secure access to the applications and data your remote users need.
Micro-Segment Your Applications
Micro-segmentation removes implicit trust and ensures your applications are secure from lateral movement.
Stop Ransomware and Other Threats
Eliminate a common attack vector to keep ransomware and other threats from getting a foothold on your network.
Onboard New Apps and Users Quickly
Stand up new applications quickly and securely, easily enroll or decommission users and devices, and get insights into application status and usage.
Highlights:
- Zero trust: trust nothing, verify everything
- Integrated with Sophos Intercept X
- Single agent, single console solution
- The ultimate remote-access VPN replacement
- Micro-segment and secure your network applications
- Works anywhere, on the network or off
- Cloud-managed, clouddelivered
- Transparent for end users
- Superior visibility and insights into your applications
- Integrates device health into access policies
- Simpler per-user annual subscription licensing with free gateways
Features:
Regain Trust in a World of Zero Trust
Sophos ZTNA delivers on the principles of zero trust: trust nothing, verify everything. Individual users and devices become their own micro-segmented perimeter that are constantly validated and verified. They are no longer "on the network" with all the implied trust and access that usually comes with it. Trust is now earned - not given.
Enable Remote Workers
Sophos ZTNA enables your remote workers to securely and seamlessly access the applications and data they need while making deployment, enrollment, and management much easier than traditional VPN.
Micro-Segment Your Applications
Sophos ZTNA provides the ultimate micro-segmentation so you can deliver secure application access whether your applications are hosted on premises, in a data center, or in your public cloud infrastructure. You also get real-time visibility into application activity for status, security posture, and usage.
Stop Ransomware and Threats
The possibility for ransomware and other threats to propagate across the network from a compromised user device is no longer a concern with ZTNA. Users and devices only have explicit policy-based access to specific applications. This eliminates the implied trust and broad network access that is one of the key challenges with VPN.
Deploy, Adapt, and Scale Quickly
Sophos ZTNA is built for the modern network that is dynamically changing, rapidly growing, and moving quickly to the cloud. It is a lean, clean solution that makes it quick and easy to stand up new applications securely, enroll or decommission users and devices, and get important insights into application status and usage.
Cloud-Delivered, Cloud-Managed
Sophos ZTNA has been designed from the start to make zero trust network access easy, integrated, and secure. Sophos ZTNA is cloud-delivered and cloud-managed, and integrated into Sophos Central, the world's most trusted cybersecurity cloud management and reporting platform.
From Sophos Central, you can not only manage ZTNA, but also your Sophos firewalls, endpoints, server protection, mobile devices, cloud security, email protection, and so much more. You can log in and manage your IT security from anywhere, anytime, on any device.
Single Agent, Single Console, Single Vendor
Sophos ZTNA uniquely integrates with the full Sophos cybersecurity ecosystem to make your job a lot easier. You get a single agent solution for both ZTNA and your next-gen endpoint protection. You also get a single-pane-of-glass management console in Sophos Central for unprecedented insights across all your IT security products.
Customers agree: the time saving benefits of a fully integrated Sophos cybersecurity solution are enormous. They say it's like doubling the size of their IT team.
Uniquely Integrated: ZTNA and Next-Gen Endpoint Protection
Sophos ZTNA is the only ZTNA solution that is tightly integrated with a next-gen endpoint product - Sophos Intercept X. This provides significant benefits in protection, deployment, and management.
- End-to-end protection: Secure your application access and protect your endpoints and networks from breaches and threats like ransomware with the most powerful machine learning and next-gen endpoint technology available
- Synchronized Security: With your ZTNA and endpoint integrated, they are constantly sharing status and health information to automatically isolate compromised systems to prevent threats from moving or stealing data.
- Single agent, single console, single vendor convenience.
It's a winning combination that you won't find anywhere else.
Single Agent Deployment
Sophos ZTNA is tightly integrated with Sophos Intercept X next-gen endpoint protection, enabling a single client deployment option.
You can have the world's best endpoint and ransomware protection along with the ultimate in application security and segmentation, all with a single client deployment.
Clientless access for browser-based applications is also an option.
Scalable Application Gateways
Sophos ZTNA gateways are free and easy to deploy where you need them. Available as a virtual appliance, you can easily deploy high-availability gateways and scale them as your organization grows.
Synchronized Device Health
Sophos ZTNA takes full advantage of Sophos Synchronized Security, utilizing the Security Heartbeat™ between Sophos Intercept X endpoints and Sophos Central and ZTNA to assess device health and identify active threats and signs of compromise. The result is an instant response to limit access, both on the network and off, for compromised or non-compliant devices.
Integrated Identity
With zero trust, identity is everything. Sophos ZTNA continuously verifies user identity with support for the most popular IDP solutions, including Microsoft Azure and Okta. Of course, you can also leverage your preferred multi-factor authentication (MFA) solution that integrates with these IDPs to guard against credential theft or compromised devices.
How It Works
Sophos ZTNA has been designed from the start to make zero trust network access easy, integrated, and secure.
Sophos ZTNA Client
The lightweight transparent and frictionless Sophos ZTNA client deploys alongside Sophos Intercept X endpoint protection (or any other endpoint product) with just one-click, greatly streamlining deployment and enrollment.
Sophos Central
Provides easy deployment, granular policy controls, and insightful visibility and reporting from the cloud. ZTNA is integrated with Intercept X to take full advantage of Synchronized Security and Security Heartbeat for device health.
Sophos ZTNA Gateway
Available as a virtual appliance on VMware and AWS that's free and easy to deploy. It continuously verifies user identity and validates device health for secure access to applications in your public cloud or on-prem datacenter.
Technical Specifications:
Supported Platforms | Current | Planned |
---|---|---|
Identity Providers | Microsoft Azure and Okta | Additional IDPs based on demand |
ZTNA Gateway Platforms | VMware ESXi 6.5+ and AWS | Azure, Hyper-V, Nutanix, and GCP |
ZTNA Client Platforms | Windows 10 1803 or later | macOS, iOS, Android |
ZTNA Device Health | Sophos Security Heartbeat (Intercept X) | Windows Security Center Additional posture assessment attributes are planned |
Gateway Specifications | |
---|---|
Recommended VM | 2 Core / 4GB |
Multi-Node Clustering | Up to 9 nodes with load balancing for performance, capacity, and business continuity |
Node capacity and scaling | 1000 clients for a single node, up to 3500 clients in a cluster |
Documentation:
Download the Sophos ZTNA Data Sheet (PDF).
Pricing Notes:
- All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
- Pricing and product availability subject to change without notice.