Sophos RED scoops “Protector Award” at this year’s AusCERT conference

We try to avoid being too marketroidistic here on Naked Security.

After all, we’re aware that you can work out which company’s products we’d recommend just by looking at the URL of this article.

But when our technical colleagues get outside recognition for the excellence of the products they create, we can’t help but mention it.

(Especially when said techies are stuck at the coalface, knee deep in code, while one of their colleagues gets to collect their award at a Gala Dinner event in a subtropical holiday resort.)

So we’re proud to say that at this evening’s 2013 Information Security awards at the AusCERT conference in Australia, Sophos scooped the Protector Award with Sophos RED.

RED, you ask, from a company with a blue logo?

Yes! RED stands for Remote Ethernet Device, and it’s a brilliantly simple way of connecting up your branch office or remote workers:

The Sophos Remote Ethernet Device protects branch offices and provides secure remote access. Simply plug the device into your Internet router and centrally manage it from the Sophos UTM appliance at headquarters. Branch office traffic is forwarded to the Sophos UTM appliance for complete security.

The neat thing about the RED is that it can’t be misconfigured when it arrives at the remote office.

You enter the unique device ID printed on your RED into your Sophos Network Security Gateway (or UTM for short) back at HQ, and a new configuration file is automatically created and stored with the Sophos provisioning service.

When the non-techie at the remote office plugs in the unit and turns it on for the first time, the RED and the cloud automatically do the rest.

You end up with an encrypted Virtual Private Network (VPN) connection that is equivalent to having your remote workers plugged into your wired network at head office.

Delivering a product of this sort that Just Works isn’t a job for the faint hearted programmer.

The challenge of words like zero in computer science is that they are unambiguously absolute.

So when you promise a “zero configuration” experience, you really have to mean it: you can’t have a single pop-up dialog, tick box, or [OK] button.

→ Even a washing machine typically needs some user-side configuration, no matter that it’s just twiddling a dial and pressing a switch.

So, congratulations to our techie brothers and sisters for making “zero” mean zero!

By the way, if you’re wondering why you might want to consider a full-blown VPN instead of just relying on remote workers to connect to key services over HTTPS, take a look at some of the comments on our recent Wireless Security Myths video.

HTTPS secures individual transactions, but it doesn’t secure the DNS lookups of your remote users, and it doesn’t shield the times or destinations of their connections.

That might not sound like a lot, but an attacker who controls your DNS can entirely own your network, and an attacker who knows the pattern of your communications can apply traffic analysis and learn more about your business than you might like.

Much worse, rather obviously, is that HTTPS works with co-operating secure websites only; it protects nothing else that leaves or enters your computer.

So…which company’s product would I recommend for remote office connectivity?

Let me just say, “You can work it out just by looking at the URL of this article.”