It’s that time of year when many IT teams — and their trusted partners — are preparing to spend more time with family and friends and less time monitoring dashboards and consoles.
Unfortunately, the holiday season is also a peak period for cyberattacks. To help ensure your customers’ networks remain secure and resilient, here are a few quick best practices you can share and implement.
For a full list of recommendations to protect against ransomware and other attacks, be sure to download our white paper on this topic.
Update Firmware and Shut Down Unnecessary Systems
Before the holidays, make sure your customers’ network infrastructure is fully updated with the latest firmware, and that any non-essential systems are taken offline. Any system exposed to the internet — either directly or indirectly (via NAT) — represents a potential vulnerability. Reduce that attack surface by disabling unnecessary services and updating everything that remains active.
Firmware updates often include critical security patches and hardening enhancements that improve overall protection.
If your customers use Sophos Firewall, ensure they’re running the latest firmware and consider enrolling them in the early access program for Sophos Firewall v22, which introduces enhanced security hardening features and a new Health Check to validate firewall configuration.
If your customers have other internet-facing infrastructure, such as VPN concentrators or WAFs, verify that those systems are also up to date, or temporarily shut them down.
Check Configuration Against Best Practices
Confirm that all access controls, portals, NAT rules, networked applications, IoT devices, and administration systems are either disabled or fully secured.
Sophos Firewall v22 introduces new security hardening capabilities and a built-in Health Check feature that compares configurations against best practices — making it easier for you to identify and address potential risks before they become issues.
Ensure All Systems Use Strong Authentication with MFA
Encourage customers to protect all admin consoles and remote access systems with multi-factor authentication (MFA) — or shut them down entirely when not in use.
Sophos solutions, including Sophos Central, Sophos Firewall, and ZTNA, support MFA to defend against brute-force attacks and compromised credentials.
Sophos Firewall v22 also adds new MFA support for the Web Application Firewall, one of the top-requested features in this release.
In short, make sure MFA is enabled across all systems to minimize the risk of unauthorized access.
If a Customer Is Attacked, We Can Help
If one of your customers experiences an emergency incident during the holidays (or at any time), you can immediately engage the Sophos Emergency Incident Service.
Our expert incident response team will triage, contain, and eliminate active threats — removing all traces of the attackers and restoring systems to a safe state. Whether it’s an infection, compromise, or unauthorized access attempt, we’ve seen and stopped it all.
Sophos Emergency Incident Response is available 24/7/365, including throughout the holiday period.