Today we’re announcing a brand-new range of hardware appliances for Sophos Firewall OS, the XGS Series. This is not just a technology refresh; our firewall appliances have been completely reengineered and now come with a dual processor architecture to deliver a significant performance increase over previous models.
See how Sophos Endpoint, Sophos XG Firewall, and Sophos Encryption systematically work together to stop a ransomware attack. How to Get Synchronized Security To enable Synchronized Security, all you need is two or more Sophos products that work together. At least one product must be managed through the Sophos Central management platform. This article explains the firewall exceptions for the Sophos Remote Management System (RMS) TCP ports - including direction. Applies to the following Sophos products and versions Enterprise Console, Sophos Endpoint Security and Control 10.8.4 What to do See the diagram below for clarification.
The new XGS Series appliances release with Sophos Firewall OS v18.5, have a new simplified licensing scheme, and as if that wasn’t enough, we’re also changing the overall product name from Sophos XG Firewall to Sophos Firewall.
Dual Processor Architecture
Every XGS Series appliance combines a multi-core x86 CPU with a dedicated Xstream Flow Processor for application acceleration. Xstream Flow Processors are Network Processing Units (NPUs) which now add a hardware layer FastPath to extend the Xstream architecture that we introduced in SFOS version 18.
Flexible to the core
Sophos Antivirus Firewall Software
One benefit of the hardware platform that we’ve chosen, is that our Xstream Flow Processors are programmable. This allows us to extend the offload capabilities in future software releases, providing additional performance improvements, even for things like crypto processes. This, combined with the ability to modify and extend connectivity on every appliance, delivers a truly future-proof solution which can adapt as the network, workforce and security infrastructure evolves.
Protection and Performance
The increase in performance varies by model and test but you’re likely to see at least a 2X performance increase over v18 running on XG Series hardware and numbers to meet or beat our key competitors on the all-important Price per Protected Mbps. The additional performance headroom allows customers to turn on essential protection, such as TLS Inspection, with the confidence that they’re removing a huge blind spot in their network visibility – which hackers are increasingly exploiting – whilst maintaining their network performance.
Sophos Firewall OS v18.5
The new appliances come with the latest v18.5 software release which not only provides support for the new hardware, but also includes all the 18.x maintenance releases since the v18 release with extensive security hardening features, VPN and SD-WAN enhancements, Central Management and Reporting capabilities, and many more improvements.
Note: 18.5 for all non-XGS Series customers is currently expected to be available in June.
Product naming and availability
The XGS Series model line-up is similar to what we offer with the XG Series:
- Desktop model numbers have been increased by ‘1’
- 1U and 2U rackmount model numbers have an added ‘0’
Sophos Antivirus Download Mac
We’re launching all models over a period of about four to six weeks. All XGS Desktop and 1U 2xxx and 3xxx models are available from today, April 21st and the XGS 1U 4xxx and 2U models will be available from late May.
As actual availability can vary by model and region, please reach out to your local Sophos or distribution team for further details.
The XG Series models remain available for purchase.
Where to get more information
You can access all the updated resources for the Sophos Firewall and XGS Series launch, including a What’s New video, on the Partner Portal.
The web updates on sophos.com will be live in all core languages by 9am EDT/3pm CEST. The key pages for you to bookmark are sophos.com/firewall for the new main Sophos Firewall page and sophos.com/compare-xgs for the tech specs and details on the XGS Series.
A recording of the full launch SophSkills is available on the Partner Portal.
We wish you great success selling Sophos Firewall and the XGS Series and look forward to welcoming you to further webinars and events in the coming weeks.
You can monitor and configure Windows Firewall (and monitor other registered firewalls) on your computers and servers using a Windows Firewall policy.
You can apply a Windows Firewall policy to individual devices (computers or servers) or to groups of devices.Warning Other firewalls or your Windows Group Policy settings may affect how the policy is applied on individual computers and servers.
We advise that you test any firewall rules you create (locally or via Group Policy) to make sure that communication with Sophos is allowed.
Go to Endpoint Protection > Policies to manage Windows Firewall.
To set up a policy, do as follows:
- Create a Windows Firewall policy.
- Open the policy's Settings tab and configure it as described below. Make sure the policy is turned on.
In Monitor Type, select the level of monitoring you want:
- Monitor Only. Devices will report their firewall status to Sophos Central. This is the default option.
- Monitor & Configure Network Profiles. Devices will report their firewall status to Sophos Central. You can also choose whether to block or allow inbound connections on Domain Networks, Private Networks, and Public Networks.
- Block All
- Block (with exceptions). You must set up the exceptions locally on the computer or server. If you don't set up exceptions all inbound connections are blocked.
- Allow All