I found the time to have a look at the new Sophos Central reporting product. Nice, clean and quick compared to XG reporting where reporting is very bad in my opinion (compared to UTM and SCR).
Anyway, Sophos, as other vendors are moving EVERYTHING to the Cloud as the Cloud is the future (soon we will go back to datacenter. IT world is a cycle). Anyway, so my question to reflect on is:
What about SCR on-premise? Many European customers will never move to Cloud. Think about banks, military environment, and other companies. In the last week, I visited 3 customers where they will stay on-premise installation (2 of them use SEA and one SWA) and asked me:
every vendor is moving to the Cloud, even Sophos, we are considering small vendor for products that are available even for on-premise. Think about dear Sophos and make sure that all the "fantastic" products you only have on the Cloud are also available for on-premise installation.
Cloud is not safer than on-premise!
Do not forget or abandon this market share portion!
Sophos Central is our strategy moving forward for firewall reporting and management. It unlocks many other important capabilities for customers such as our Managed Threat Response service, execute on our Darwin vision (https://www.techcentral.ie/sophos-project-darwin-embraces-ai-combat-evolving-threats/), better security integrations, and more. For organizations that are cloud averse, they can elect to use 3rd party tools to store and process their log data from XG such as Splunk, Logstash/Kibana, etc.
Thanks Rob. The problem is that you guys consider the US market and not the Europe market. We have different way of viewing information security and data protection. In US there is not a global regulation but different industries, different standard (PCI-DSS, HIPAA; PIPEDA, COPPA) while us we have a GDPR. In our case, regulation protects the end-user while in your case the story is little bit different.
Cloud introduces additional risks if you take a careful analysis and it does not simply nothing from the security point of view. Anyway everyone has a different point of view, but technical, clouds introduce more actors, processes and links so more threats.
European Companies, I know and I collaborate with, are still developing for On-Premise and then Cloud.
Sophos chose to concentrate on US market and Cloud market as other major security vendors (like Fortinet, Checkpoint, and so forth) are doing. This is your market decision but I can see that, for example, Sophos Safeguard is still developed for both markets because Safeguard is developed in Germany. This is strange!