Active Threat Response
Sophos Firewall uniquely integrates with many Sophos
products to automatically coordinate a response to an
active adversary or attack:
• Sophos Endpoint and XDR
• Sophos Managed Detection and Response services
• Sophos switches and wireless access points
• Sophos ZTNA remote access
• Sophos messaging protection
• And third-party threat intelligence solutions
Regardless of how the threat is first identified, whether at
the firewall, by another product, or by a security analyst,
Sophos Firewall coordinates a Synchronized Security
response across Sophos products. It will identify and isolate
the compromised host and prevent lateral movement
and external communications until the threat can be
investigated and cleaned up.
Sophos Synchronized Security integration between
products also provides additional capabilities you can’t get
anywhere else that add tremendous value to your network:
• Synchronized Application Control takes advantage
of telemetry gathered by the endpoint about
active, networked applications and shares that
with the firewall, enabling control of applications
that might otherwise go unidentified.
• Synchronized User ID works similarly to share user
identity between the endpoint agent and the firewall
to enforce user-based policies without the need
for a separate client or server identity solution.
• Synchronized SD-WAN leverages Synchronized
Application Control for traffic matching operations
to effectively route custom or otherwise unknown
application traffic across your network.