ASA vs Sophos

We are running a cisco 5510 and seek to update. Recently a company sales person came and give us ground for sophos 650 and wanted to sell us. I have using the cisco long product and find them reliable and as command-line switches, routers and asa etc.

They said is Sophos

Performance of the service

60 Gbps firewall throughput

IPS throughput 16 Gbps

AV, 5 Gbps throughput

20,000,000 concurrent connections

I want my management to go to the power of fire ASA or cisco x series with IPS and other features. But what I understand is sophos is a small to mid level as cisco asa are large engrprise. kindly could you please suggest sticking with cisco asa (new model asa) will be a good choice or go ahead with sophos. I like the cisco command line and networked cisco for the last year 4 all entered vaule will be highly appreciated.

Sorry for the late reply but I was actually busy at last minute student :) CCIE

I reviewed the links so my original notice still stands :)

-If you look at the NSS labs Brach detection report Sophos is not found while Cisco is high enough

-If you look at the latest report from Gartner Enterprise Firewall that Sophos is quite low, while Cisco is high enough

-If you look at the latest report from the Gartner IPS you will see the same

Another cool thing, Cisco is this support forum. If you have a problem you TACS but also Google :) If you Google a related problem of Cisco, you get hundreds of pages of answers. If you do the same for Sophos you'd be lucky if you get 1 or 2.

I hope this helps! Good luck!

Tags: Cisco Security

Similar Questions

Rookie of the ASA 5505 - cannot ping remote site or vice versa

Hi, I am trying configure an ipsec to an ASA 5505 (8.4) for a Sophos UTM (9.2)

Internet, etc. is in place and accessible. IPSec tunnel is also but I can't pass the traffic through it.

I get this message in the logs:

August 5, 2014

22:38:52

81.111.111.156

82.222.222.38

Refuse the Protocol entering 50 CBC outdoor: 81.111.111.156 outside dst: 82.222.222.38

SITE has (ASA 5505) = 82.222.222.38
SITE B (UTM 9) = 81.111.111.156

Pointers would be good because it's the first time I tried this. Thank you.

Running config below:

ciscoasa hostname
activate 8Ry2YjIyt7RRXU24 encrypted password
volatile xlate deny tcp any4 any4
volatile xlate deny tcp any4 any6
volatile xlate deny tcp any6 any4
volatile xlate deny tcp any6 any6
volatile xlate deny udp any4 any4 eq field
volatile xlate deny udp any4 any6 eq field
volatile xlate deny udp any6 any4 eq field
volatile xlate deny udp any6 any6 eq field
2KFQnbNIdI.2KYOU encrypted passwd
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 192.168.1.1 255.255.255.0
!
interface Vlan2
Description Internet Zen
nameif outside
security-level 0
Customer vpdn group PPPoE Zen
82.222.222.38 255.255.255.255 IP address pppoe setroute
!
boot system Disk0: / asa922 - k8.bin
passive FTP mode
DNS lookup field inside
DNS domain-lookup outside
DNS server-group DefaultDNS
Name-Server 8.8.8.8
network obj_any object
subnet 0.0.0.0 0.0.0.0
the object of MY - LAN network
subnet 192.168.1.0 255.255.255.0
the object of THIER-LAN network
192.168.30.0 subnet 255.255.255.0
network of the NETWORK_OBJ_192.168.1.0_24 object
subnet 192.168.1.0 255.255.255.0
network of the NETWORK_OBJ_192.168.30.0_24 object
192.168.30.0 subnet 255.255.255.0
network of the THIER_VPN object
Home 81.111.111.156
THIER VPN description
service of the Sophos_Admin object
Service tcp destination eq 4444
object-group Protocol DM_INLINE_PROTOCOL_1
ip protocol object
icmp protocol object
object-protocol esp
object-group Protocol DM_INLINE_PROTOCOL_2
ip protocol object
icmp protocol object
object-protocol esp
object-group Protocol DM_INLINE_PROTOCOL_3
ip protocol object
icmp protocol object
object-protocol esp
object-group service DM_INLINE_SERVICE_1
ICMP service object
area of service-object udp destination eq
service-object, object Sophos_Admin
the purpose of the service tcp destination eq www
the purpose of the tcp destination eq https service
ESP service object
object-group service DM_INLINE_SERVICE_2
ICMP service object
service-object, object Sophos_Admin
ESP service object
response to echo icmp service object
object-group service DM_INLINE_SERVICE_3
the purpose of the ip service
ESP service object
response to echo icmp service object
object-group service DM_INLINE_SERVICE_4
service-object, object Sophos_Admin
the purpose of the echo icmp message service
response to echo icmp service object
outside_cryptomap list extended access allow object-group DM_INLINE_PROTOCOL_3 MY - LAN LAN THIER object object
outside_cryptomap_1 list extended access allow object-group DM_INLINE_PROTOCOL_2 MY - LAN LAN THIER object object
inside_cryptomap list extended access allow THIER-LAN MY - LAN object object DM_INLINE_PROTOCOL_1 object-group
outside_access_out list extended access allowed object-group DM_INLINE_SERVICE_3 object THIER_VPN host 82.222.222.38
outside_access_out list extended access allow DM_INLINE_SERVICE_1 of object-group a
outside_access_in list extended access allowed object-group DM_INLINE_SERVICE_2 object THIER_VPN host 82.222.222.38
inside_access_out list extended access allow object-group DM_INLINE_SERVICE_4 MY - LAN LAN THIER object object
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
no failover
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 722.bin
don't allow no asdm history
ARP timeout 14400
no permit-nonconnected arp
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
Access-group interface inside inside_access_out
Access-group outside_access_in in interface outside
Access-group outside_access_out outside interface
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
the ssh LOCAL console AAA authentication
AAA authentication http LOCAL console
Enable http server
http 192.168.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA-TRANS-aes - esp esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-TRANS-aes - esp esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA-TRANS esp - esp-sha-hmac
Crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transit
Crypto ipsec transform-set ikev1 ESP-DES-MD5-TRANS esp - esp-md5-hmac
Crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transit
Crypto ipsec ikev2 ipsec-proposal OF
encryption protocol esp
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 proposal ipsec 3DES
Esp 3des encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES
Esp aes encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES192
Protocol esp encryption aes-192
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 AES256 ipsec-proposal
Protocol esp encryption aes-256
Esp integrity sha - 1, md5 Protocol
Crypto ipsec pmtu aging infinite - the security association
card crypto outside_map 1 match address outside_cryptomap
card crypto outside_map 1 set pfs
peer set card crypto outside_map 1 81.111.111.156
card crypto outside_map 1 set transform-set ESP-AES-128-SHA ikev1
outside_map map 1 set ikev2 proposal ipsec crypto AES
card crypto outside_map 2 match address outside_cryptomap_1
card crypto outside_map 2 set pfs
peer set card crypto outside_map 2 81.111.111.156
card crypto outside_map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 2 set AES AES192 AES256 3DES ipsec-proposal ikev2
outside_map interface card crypto outside
trustpool crypto ca policy
IKEv2 crypto policy 20
aes encryption
integrity sha
Group 2
FRP sha
second life 7800
Crypto ikev2 allow outside
Crypto ikev1 allow outside
IKEv1 crypto policy 90
preshared authentication
aes encryption
sha hash
Group 2
life 7800
Telnet timeout 5
SSH enable ibou
SSH stricthostkeycheck
SSH 192.168.1.0 255.255.255.0 inside
SSH timeout 30
SSH version 2
SSH group dh-Group1-sha1 key exchange
Console timeout 0
VPDN group Zen request dialout pppoe
VPDN group Zen localname [email protected] / * /
VPDN group Zen ppp authentication chap
VPDN username [email protected] / * / password * local store

dhcpd outside auto_config
!
dhcpd address 192.168.1.5 - 192.168.1.36 inside
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
enable dynamic filters updater-customer
use of data Dynamics-based filters
smart filters enable external interface
interface of blacklist of decline in dynamic filters outside
WebVPN
AnyConnect essentials
internal GroupPolicy_81.111.111.156 group strategy
attributes of Group Policy GroupPolicy_81.111.111.156
Ikev1 VPN-tunnel-Protocol
JsE9Hv42G/zRUcG4 admin password user name encrypted privilege 15
username bob lTKS32e90Yo5l2L password / encrypted
tunnel-group 81.111.111.156 type ipsec-l2l
tunnel-group 81.111.111.156 General-attributes
Group - default policy - GroupPolicy_81.111.111.156
IPSec-attributes tunnel-group 81.111.111.156
IKEv1 pre-shared-key *.
remote control-IKEv2 pre-shared-key authentication *.
pre-shared-key authentication local IKEv2 *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
inspect the icmp
inspect the dns dynamic-filter-snoop preset_dns_map
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
HPM topN enable
Cryptochecksum:9430c8a44d330d2b55f981274599a67e
: end
ciscoasa #.

Hello

Watching your sh crypto ipsec output... I can see packets are getting wrapped... average packets out of the peer 88.222.222.38 network and I do not see the package back from the site of the UTM 81.111.111.156 at the ASA... This means that the UTM Firewall either don't know the package or not able to get the return package... Exchange of routing is there... but you need to check LAN to another counterpart of site...

Please check the card encryption (it must match on both ends), NAT (exemption should be there @ both ends) and referral to the ends of the LAN...

I suggest you try with the crypto wthout specific port card... say source LAN to LAN with any port destination...

allow cryptomap to access extended list ip

Concerning

Knockaert

Concerning

Knockaert

Sophos support

Why does not open Sophos on my Mac Mini?

You don't want Sophos on your Mac. It is worthless scamware. He offers no protection and only causes problems. I strongly recommended that uninstall you it.

AVG or Sophos and Sierra?

I tried this post in the Sierra forum, but I don't know how.

Can anyone tell me if AVG or Sophos now work with Sierra?

I tried a few weeks ago and it crashed my computer so I removed it and everything all right.

But I'm worried about getting a virus. I have used AVG and Sophos in the past, they are free, and I loved them.

Any help would be appreciated.

Judie

Just think about it this way. Why would you want a program that, at best, can only look for virus Windows, since they cannot search for non-existent Mac viruses?

If you're worried about malware and adware, those who are different kettles of fish, and the best defense is you.

Good day.

ASA not found (error 2)

Hi all

I never thought this would happen, but it seems that I can't install itunes more.

After that my original HARD drive has failed and took the old library iTunes with it, I went to a drive C: SSD + D: HARD disk drive.

Obviously, iTunes install goes on (as recommended) C. The installation went without problems.

Now, when I try to launch it I get the "Apple Application Support not found, necessary for the performance of iTunes, reinstall etc. Error 2 (sometimes with "Windows error 5" as well).

The steps I've tried: complete the removal and reinstallation, removal of all traces of file and registry, manual reinstall post-installation of ASA (it allows me to fix, which means that it is definitely installed). I am the admin of this PC with Win7 64 bit.

When I try to install each component of the iTunes install manually (AAS-Hello-AMDS-ASU-iTunes) I get iTunes to start the first launch config, and then it crashes with 'is not properly installed error 42404 ".

Is there a way to start APSDaemon.exe manually?

Any suggestions?

UPD: When I run the x 64 folder AAS VersionCheckMe.exe all else fails. Making x 86 past version control, but fails on "version of Windows, the name of the specified module. 1.0.0.1 < 1.2.0.0 >"

I went ahead and install QT for good measure. He launched and seems to work fine. Manual installation of the x 86 QT-bundled AAS fails because of the "new version", likely that of iTunes. Always the same problem with iTunes so

I use Sophos Anti-virus and found Geneio and Kuklorist

I'm a newbie enough on Mac, having changed my PC a couple of years ago. I don't have to download Sophos Anti-virus at the moment where I bought the iMac. I have the OS X El Capitan, 10.11.4 edition. I had very few problems until recently when I seemed to download a virus or a trojan. I was actually going to favourable sites when it happened and happened twisted things and something came and said that I had downloaded a virus. Don't know what the program which has been notified me.

It takes forever, forever, to run the anti-virus program Sophus, like 2 weeks to do (and it scans 2 external drives from 1 to 3 terabytes).

He did not find "viruses", but did fine "an item found" and "detected problems." When I open the Quarantine Manager, he has a list of 109 separate lines (files) and named the whole Genieo thing. All but two of the 109 lines have the extension "pdf.pronto" and are listed in my external hard drive (Seagate Backup Plus drive). Both of which do not have the extension of pdf.pronto have ' macOS/appYM' and Kuklorist in line, like an uninstall and the other as "Application Support/Kuklorist".

I think I have maybe two? problems, as Genieo and Kuklorist, but that might have a single with two names. I'm not sure.

A - J Sophos program could not automatically delete the files and told to remove them manually. I have trouble finding a way to do it. I looked in the community of Apple support and got a few suggestions more elderly (year 2014 and 2015), but cannot follow the steps (I can't use the Finder to locate the lines I should copy.) I need help, anyone?

Steve

Download and run Malwarebytes Anti-Malware for Mac:

https://www.Malwarebytes.org/antimalware/Mac/

That should solve the problem of Kuklorist.

Try the following steps to Geneio:

http://www.thesafemac.com/arg-Genieo/

Ciao.

Sophos antivirus a brake. It can be managed?

Been using Sophos A - V and it produces the "rotation beach ball" and slows down my computer at the speed of the abacus.

To uninstall in mind, but as it doesn't seem clean software malware and other rubbish.

Anyone know if we can just it inactivate and turn it on periodically?

If so, should what steps I take?

Uninstall it:

https://www.Sophos.com/en-us/support/knowledgebase/120838.aspx

Sophos for Mac

Hello world

I've been a Windows user for a long time and have good antivirus software has always been a top priority to ensure the security of my laptop and your personal information. Recently, I spent at Mac Pro and I was told me that produced Mac not really need any anti-virus program. Turning the firewall was sufficient, but I'm still not convinced, and I was wondering what are you opinions or advice on downloading of Sophos for protection.

Does more harm than good. I always had anti-virus software, when I ran Windows. I have never on a Mac.

Cannot change ASA when recording RAW?

question, but I can't change the ASA when R5 is attached and RAW recording...

I realize that RAW is RAW, but I still think that you should still be able to view the ASA that will push you to post,

like how RED it with their cameras. Am I missing something? Thank you!

It would seem that followed EI LUTs are planned for the release of the 1.4 firmware.

Ned Soltz

How to remove virus hurt/Packer by Sophos found?

How to remove virus hurt/Packer found by Sophos (mac OS x 10.9.5)?

It is also a Windows malware that cannot hurt you directly, perhaps in the form of an attachment. You don't need to remove it. Just do not pass to someone else.

That you need to remove is "Sophos," which is worse than useless.

Please remove the Sophos product by following the instructions on this page, so this one, if any. If you have a different version, the procedure may be different.

Back up all data before making any changes. Never install a software "anti-virus" or "anti-malware" again.

Install sophos antivirus?

Can someone tell me how to install this sophos antivirus on my iPhone 5? I tried different ways, but it is not yet available for the App Store and when I try to download it directly I get a message "Safari cannot connect to the Servetus. I know it is available for mobile phones, but I can't do it.

I would be grateful if advice thanks in advanc.

You can not download anything other than from the app store. If it is not in the app store, then you can not get it.

He didn't need an anti virus. There is no virus affecting iPhones.

Sophos: Problems detected

Hi guys,.

I recently conducted a scan of my MacBook Air using Sophos anti-virus and the underside of problems have been identified:

New volume detected to.

2016-01-03 18:23:39 + 0000 file corrupt: /private/var/folders/f7/pmtj4c3d2bgdr714z5xhmz7m0000gn/C/com.apple.appstore/101 8109117/ftk3252456602304584541.pkg

2016-01-03 18:23:48 + 0000 corrupted file: /private/var/folders/zz/zyxvpxvq6csfxvn_n00000s0000068/C/com.apple.SoftwareUpda you / CFNetworkDownload_qJXc74.tmp

Please can someone advise me if these questions are harmful or not, and how to remove them from my camera.

Thank you

Dan

Dan78910 wrote:

Hi guys,.

I recently conducted a scan of my MacBook Air using Sophos anti-virus and the questions below have been identified

Sophos is the problem. Uninstall the application.

Need help, looks have a Trojan as by Sophos Anti Virus Quarantine Manager

Hello everyone, use macbook air and the latest version of the software capitan. Sophos Anti-virus tells me I have a Trojan horse and he can't get rid of it? What should I do?

Under the Adware & PUA in Sophos anti-virus Quarantine Manager, it shows a lot of viruses that need to be removed manually. I can't find the corresponding files to delete them manually? They are perhaps missing.

InstallCore

Refog Keylogger

SpiGot that all these 3 seem to be somehow on my macbook air. How these same coming on my macbook? I can't delete them, someone suggest what I do?

Dee

Uninstalling Sophos. You don't need it. Very probably it gives you the wrong values. If you really have adware on your computer then see:

Remove the browser pop up problems

Malwarebytes Anti-Malware 1.0.1.7

Adblock Plus 1.8.9, GlimmerBlockeror AdBlock

Remove the adware that displays pop-up ads and graphics on your Mac

How to remove adware FlashMall of OS X

Cannot open Quickbooks and also problems with Sophos & DLL

Original title: Sophos & DLL

I have the same problem as others with Sophos & DLL, but how to solve the problem that my Quickbooks does not open.

Hello

(1) what exactly is the problem that you are facing with Sophos & DLL?
(2) what version of the Windows operating system is installed on the computer?
(3) have you made recent changes to the computer before the show?
(4) you get an error message?

I suggest you to contact QuickBooks support for assistance.
http://support.QuickBooks.Intuit.com/support/default.aspx

SceCli 1202 after the Installation of Sophos 0x4b8 error

Our company uses Sophos Endpoint Security and Control (v10) for our anti-anti-virus/personal firewall of the company. About a month ago, we pushed the Sophos Endpoint client to our two domain controllers (that are running Active Directory) - This installs only the part of the client to a server antivirus. It is Windows 2003 Server R2, Service Pack 2 servers. Once installation is complete, you must restart the server for the console policy Sophos are taken into account. Just before the restart, we started to see the SceCli error appear in the application log in Event Viewer. And now every 5 minutes, another event is added. We have installed Sophos to other Windows 2003 servers and have not seen the same question on them. Has anyone else seen elsewhere? Any suggestions on what we can do to stop these events to the application log? Are there Sophos configuration changes that must be accomplished to AC/DC servers? I asked the question of Sophos support, but so far, they have not been able to give me all the answers. Thought I'd see if anyone else had experienced. We have not done any changes to group policy... and the fact that it only happens on two servers makes me think that this is not really a problem with group policy. Thank you in advance for your help!

Hello

The question you have posted is related to professional level support. Please visit the below mentioned link to find a community that will support what ask you:

http://TechNet.Microsoft.com/en-us/WindowsServer/bb512919.aspx

ASA vs Sophos

Similar Questions

Maybe you are looking for