Sophos RED scoops "Protector Award" at this year's AusCERT conference

Filed Under: Cryptography, Featured

We try to avoid being too marketroidistic here on Naked Security.

After all, we're aware that you can work out which company's products we'd recommend just by looking at the URL of this article.

But when our technical colleagues get outside recognition for the excellence of the products they create, we can't help but mention it.

(Especially when said techies are stuck at the coalface, knee deep in code, while one of their colleagues gets to collect their award at a Gala Dinner event in a subtropical holiday resort.)

So we're proud to say that at this evening's 2013 Information Security awards at the AusCERT conference in Australia, Sophos scooped the Protector Award with Sophos RED.

RED, you ask, from a company with a blue logo?

Yes! RED stands for Remote Ethernet Device, and it's a brilliantly simple way of connecting up your branch office or remote workers:

The Sophos Remote Ethernet Device protects branch offices and provides secure remote access. Simply plug the device into your Internet router and centrally manage it from the Sophos UTM appliance at headquarters. Branch office traffic is forwarded to the Sophos UTM appliance for complete security.

The neat thing about the RED is that it can't be misconfigured when it arrives at the remote office.

You enter the unique device ID printed on your RED into your Sophos Network Security Gateway (or UTM for short) back at HQ, and a new configuration file is automatically created and stored with the Sophos provisioning service.

When the non-techie at the remote office plugs in the unit and turns it on for the first time, the RED and the cloud automatically do the rest.

You end up with an encrypted Virtual Private Network (VPN) connection that is equivalent to having your remote workers plugged into your wired network at head office.

Delivering a product of this sort that Just Works isn't a job for the faint hearted programmer.

The challenge of words like zero in computer science is that they are unambiguously absolute.

So when you promise a "zero configuration" experience, you really have to mean it: you can't have a single pop-up dialog, tick box, or [OK] button.

→ Even a washing machine typically needs some user-side configuration, no matter that it's just twiddling a dial and pressing a switch.

So, congratulations to our techie brothers and sisters for making "zero" mean zero!

By the way, if you're wondering why you might want to consider a full-blown VPN instead of just relying on remote workers to connect to key services over HTTPS, take a look at some of the comments on our recent Wireless Security Myths video.

HTTPS secures individual transactions, but it doesn't secure the DNS lookups of your remote users, and it doesn't shield the times or destinations of their connections.

That might not sound like a lot, but an attacker who controls your DNS can entirely own your network, and an attacker who knows the pattern of your communications can apply traffic analysis and learn more about your business than you might like.

Much worse, rather obviously, is that HTTPS works with co-operating secure websites only; it protects nothing else that leaves or enters your computer.

So...which company's product would I recommend for remote office connectivity?

Let me just say, "You can work it out just by looking at the URL of this article."

, , , , , ,

You might like

One Response to Sophos RED scoops "Protector Award" at this year's AusCERT conference

  1. Nigel · 516 days ago

    I watched the Wireless Security Myths video a couple of days ago, and although it was very clear and informative (as usual), it now means a great deal more in context with this article. Thanks Duck!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog