Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 7 subscribers
  • Views 761 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

standalone EAS Proxy - HAFNUM hardening

Fred_B


We have setup a standalone EAS Peoxy for Ms ActiveSync to Exchange. 

Next step would be to use the Sophos Mobile Secure E-mail cliënt to only allow known Sophos Secure E-mail Clients. But configuring Mobile MDM is not that straight forward. 

Is the standalone EAS Proxy in itself a secure solution over direct Ms ActiveSync to Exchange? Or is it just an open pass tru also exposing the Exchange vulnerabilities? 

regards,

Fred



This thread was automatically locked due to age.
Parents
  • 0

    If you’ve got an operating system exposed to the Internet, discoverable via Shodan, it is exploitable within minutes. What is the impact of that? If it’s in a chemical, pharmaceutical, food factory, or refinery, that’s a problem not just for downtime but more importantly because it could cause a safety or environmental incident. If it’s a temperature gauge, that’s much less risk. Companies will have a risk register for everything else, including natural disasters. They should have one for OT cybersecurity risk too.

    MyCCPay

  • +1 in reply to Franklin Rios

    Hi, As per further checking the EAS Proxy will only allow those devices through where the ActiveSync ID of the email app is known and allowed.Though there is no guarantee that it is sufficient though to completely prevent the attack performed via Hafnium.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer | Global Community and Digital Customer Support
    Connect, Engage, Earn Rewards - Join the Sophos Community
Reply
  • +1 in reply to Franklin Rios

    Hi, As per further checking the EAS Proxy will only allow those devices through where the ActiveSync ID of the email app is known and allowed.Though there is no guarantee that it is sufficient though to completely prevent the attack performed via Hafnium.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer | Global Community and Digital Customer Support
    Connect, Engage, Earn Rewards - Join the Sophos Community
Children
No Data
Unfiltered HTML