Cloudflare's Zero Trust Network Access (ZTNA) technologies create secure boundaries around applications. When resources are protected with ZTNA, users are only allowed to access resources after verifying the identity, context, and policy adherence of each specific request. Cloudflare's Zero-Trust-as-a-Service model enables users to deploy access controls on the company's instant-on cloud platform, backed by Cloudflare's global network.
N/A
Sophos Email
Score 7.4 out of 10
N/A
Sophos Email is presented as Predictive Cloud Email Security Powered by Artificial Intelligence designed to block spam and malware, as well as protect employees and block phishing attempts.
For example, Cloudflare is a very good solution for ZTNA implementation. Cloudflare has Warp for propagating Gateway rules and checking device posture. Browser Isolation gives you more abilities to use internet resources without any restrictions and at the same time not put the company at risk. For example, if there is no DLP solution in place blocking the printing function can partly protect the company's sensitive data from intentional or intentional leakage through the online forms. A similar approach protects the end-user device from Zero-day threats and malicious software code. Moreover, Remote Browser Isolation technology protects not only the user's device but also the user himself from possible phishing attacks - for example, even if the user enters his username and password on the phishing website, bank card issuers, or other personal or confidential data, data will not go beyond the isolated cloud environment. Cloudflare Access gives company administrators a great opportunity to implement role-based access policies and make effect segmentation and diversification of company network groups.
If trying to ensure the email is secure from a certain degree of threats like spam, ransomware and even phishing attacks than Sophos Secure Email Gateway is the answer. In our organization, it's been implemented and none of the security incidents related to those attacks that rooted from email is reported. And Sophos Secure Email Gateway has one of the best email encryption methods we found on the market.
We could customize it to have a certain level of workflow. We manage to enforce certain email (based on key-phrases) to be quarantined before send it to the recipient. And the email needs to be approved (manually) before being released.
For certain type (using regex) of email, we will encrypt it if it's sent outside our organization domain.
Rules processing does not perform impersonation filtering properly. For example, if the email gets classified as spam the impersonation rule is not processed against it. This means your users will release these quarantined emails to their inboxes. Impersonation rules should be a top-level rule.
The product boasts it has AI and advanced processing but regularly lets credential harvesting emails through constantly. URL filtering does not block them and when they are reported it takes up to an hour to block the malicious URL in the filtering. This is too slow since users typically are clicking on these links in emails within minutes
Support is nonchalant with no sense of urgency. They don't follow simple requests for contact hours and will reach out to you hours after your day has ended. Support engineers agree with you that the product fails to meet standards and think this is an ok thing.
Emails will get rejected by unknown filters and require research to be done against logs by Sophos support. This is absurd, if an email is blocked it should not require a support ticket for investigating
The processing of rules is inconsistent. The same email from the same email address and same IP address is classified as SPAM for some and allowed for others
It was easy to use and easy to implement. You don't need previous knowledge on the products, after we got this up and running, it took us hours to put everything together. The transition was easy and seamless.
It's mostly great and for policies and features, it does everything we would ask it to and more. The only thing keeping it from being a 10 is the lack of granularity in the reporting, which is actually an issue within Sophos Central as a whole. The ability to drill down from dashboards into accurate, detailed data would be very helpful at times.
Each time we're contacting Sophos Email Support we are getting a very quick answer and when it is urgent the local team can even do an escalation in such way to handle the situation in urgency; once done, we are called the same day, sometimes the same hour to see how to help us unblock our issue and find a way out.
As long as all Cloudflare products and services rely on anycast technology, in a complex approach Cloudflare is faster and more relevant for cloud applications. The balance between security and performance is fully established. Also, Cloudflare has quite a good stack for API connection protection, like the API Shield example, which makes it more effective compared to F5 for example. Warp as a ZTNA agent gives better visibility and device posture information than FortiClient does.
I have only tried Sophos Email, and I find it to be a very useful tool, as it protects against information leakage such as fraudulent emails, cloud sandboxing and quarantine, which are essential functions and the product works excellent.
Sophos Email has been protecting our users, including the administrative branch, who are the target of attacks most frequently.
Every month Sophos Email stops about 100,000 malicious emails. We calculate that if these attacks have saved the company time, it prevents us from having a lot of support staff to attend to the cases.
