The ZTNA team is pleased to announce general availability of Sophos ZTNA v2.0.1. ZTNA is now integrated with Sophos XDR, enabling security teams to investigate and analyse user and application access activity. This release also contains enhancements to port range configuration for agent-based applications and CloudFormation Template (CFT) upgrades for AWS gateways, along with fixes for several issues.
ZTNA – XDR Integration
We are pleased to announce ZTNA integration with XDR. Users can query ZTNA-related information from the Sophos data lake with this integration. The first draft of pre-defined queries has been published on the Sophos Community. Users can now access these queries via the ZTNA query pack under the Threat Analysis Center.
This integration helps detect and investigate security events like denied application access attempts where you can filter by a threshold number. It’s also helpful for licensing, planning and auditing purposes to identify the top users based on application usage for example. The team will add more queries to this query pack in upcoming releases.
Port Range Configuration
You can now configure port ranges while creating agent-based resources. This facilitates users who use resources or applications that need a wide range of ports to work seamlessly.
AWS CFT upgrade
This release includes an upgrade to the CloudFormation template for AWS gateways. Our previous AWS gateway for ZTNA has leveraged components on AWS for gateway deployment and operation that are reaching the end of support date and must be upgraded to this latest version for seamless operation. Customers will receive alerts about the end of the support date and the deadline by which the CFT must be upgraded. The update process is available and fully documented from within the ZTNA Gateway section of Sophos Central.
For full details on these new capabilities, as well as fixed and known issues, please see the Community Announcement.