Sophos Firewall Appliance

Posted on  by admin

Today we’re announcing a brand-new range of hardware appliances for Sophos Firewall OS, the XGS Series. This is not just a technology refresh; our firewall appliances have been completely reengineered and now come with a dual processor architecture to deliver a significant performance increase over previous models.

  1. Sophos Firewall Appliance Solutions
  2. What Is Sophos Xg
  3. Sophos Firewall Virtual Appliance

NOTE: The Sophos XG Free Home Use firewall contains its own operating system and will overwrite all data on the computer during the installation process. Therefore, a separate, dedicated computer is needed, which will change into a fully functional security appliance. Just right for the spare PC you have sitting in the corner! Sophos has today unveiled new XGS Series firewall appliances with unrivaled performance and advanced protection against cyberattacks. Download the free Sophos firewall home edition. A separate dedicated computer is needed - turn it into a fully functional security appliance. Free Home Use version. Our Sophos XG Firewall Home Edition is a fully-equipped software version that gives you complete network, web, mail, and web application security with VPN functionality, for home-use only and limited to 4 virtual cores, 6 GB of RAM. Visit Further resources.

The new XGS Series appliances release with Sophos Firewall OS v18.5, have a new simplified licensing scheme, and as if that wasn’t enough, we’re also changing the overall product name from Sophos XG Firewall to Sophos Firewall.

Dual Processor Architecture

Every XGS Series appliance combines a multi-core x86 CPU with a dedicated Xstream Flow Processor for application acceleration. Xstream Flow Processors are Network Processing Units (NPUs) which now add a hardware layer FastPath to extend the Xstream architecture that we introduced in SFOS version 18.

Flexible to the core

One benefit of the hardware platform that we’ve chosen, is that our Xstream Flow Processors are programmable. This allows us to extend the offload capabilities in future software releases, providing additional performance improvements, even for things like crypto processes. This, combined with the ability to modify and extend connectivity on every appliance, delivers a truly future-proof solution which can adapt as the network, workforce and security infrastructure evolves.

Protection and Performance

The increase in performance varies by model and test but you’re likely to see at least a 2X performance increase over v18 running on XG Series hardware and numbers to meet or beat our key competitors on the all-important Price per Protected Mbps. The additional performance headroom allows customers to turn on essential protection, such as TLS Inspection, with the confidence that they’re removing a huge blind spot in their network visibility – which hackers are increasingly exploiting – whilst maintaining their network performance.

Sophos Firewall OS v18.5

The new appliances come with the latest v18.5 software release which not only provides support for the new hardware, but also includes all the 18.x maintenance releases since the v18 release with extensive security hardening features, VPN and SD-WAN enhancements, Central Management and Reporting capabilities, and many more improvements.

Note: 18.5 for all non-XGS Series customers is currently expected to be available in June.

Product naming and availability

The XGS Series model line-up is similar to what we offer with the XG Series:

Sophos xg firewalls
  • Desktop model numbers have been increased by ‘1’
  • 1U and 2U rackmount model numbers have an added ‘0’

We’re launching all models over a period of about four to six weeks. All XGS Desktop and 1U 2xxx and 3xxx models are available from today, April 21st and the XGS 1U 4xxx and 2U models will be available from late May.

As actual availability can vary by model and region, please reach out to your local Sophos or distribution team for further details.

The XG Series models remain available for purchase.

Where to get more information

Sophos firewall appliance reviews

You can access all the updated resources for the Sophos Firewall and XGS Series launch, including a What’s New video, on the Partner Portal.

The web updates on will be live in all core languages by 9am EDT/3pm CEST. The key pages for you to bookmark are for the new main Sophos Firewall page and for the tech specs and details on the XGS Series.

A recording of the full launch SophSkills is available on the Partner Portal.

We wish you great success selling Sophos Firewall and the XGS Series and look forward to welcoming you to further webinars and events in the coming weeks.

Today, we’re launching the first of our new XGS Series next-gen firewall appliances with Sophos Firewall OS version 18.5.

For network admins, this completely re-engineered hardware platform finally takes a common dilemma off the table: how to scale up protection for today’s highly diverse, distributed, and encrypted networks without throttling network performance.

Coupled with a highly attractive price, the new XGS Series is guaranteed to reshuffle the deck in the network firewall space.

Here are just three key highlights of this new release.

Dual processor architecture – powered by Xstream

Every XGS Series appliance has two hearts beating at its core: a high-performance multi-core x86 CPU, and an Xstream Flow processor to intelligently accelerate applications by offloading security-verified and trusted traffic to the FastPath.

This architecture allows us to retain the same flexibility to extend and scale protection as purely x86-based firewalls while also providing a performance boost that’s unhampered by the limitations of some legacy platform designs.

For example, with the programmable Xstream Flow processors, we can extend the offload capabilities in future software releases, providing additional performance improvements without changing the hardware.

Protection and performance

As much as we like to talk about speeds and feeds in the firewall space, the additional performance headroom in the XGS Series is there for a purpose: protection.

With about 90% of network traffic encrypted (source: Google Transparency Report) and almost 50% of malware using TLS to avoid detection (source: SophosLabs), organizations are leaving huge blind spots in their network visibility by not activating TLS inspection.


Just going by our own telemetry, about 90% of organizations don’t have TLS inspection activated on their firewalls. Even if we take into account that some of those may have separate solutions doing TLS inspection, it’s likely to be the minority rather than the majority. And aside from the security risk that poses, it’s pretty hard to create a policy for traffic that shows as “general” or “unknown”.

Before you all scream, “but TLS inspection breaks the internet,” Sophos Firewall includes native support for TLS 1.3 and provides a user interface which clearly shows if traffic has caused issues and how many users were affected. With just a couple of clicks, you can exclude problematic sites and applications without reverting to a less-than-adequate level of protection.

We’ve got the edge

Sophos Firewall Appliance Solutions

The XGS Series includes multiple form factors that beat the all-important price per protected Mbps of many competitive models.

XGS Series appliances are equipped with high-speed interfaces to meet the diverse connectivity requirements of businesses large and small. In addition to the built-in copper, fiber, and a range of other ports on every model, add-on modules provide the flexibility to tailor your device connectivity to your unique environment – both today and in the future.

What Is Sophos Xg

The XGS Series integrates further with edge infrastructure devices such as APX access points and our SD-RED Remote Ethernet Devices. With cloud-managed Zero-Trust Network Access and access layer network switches coming later this year, we’re bringing your network security to every edge.

Sophos Firewall OS v18.5

The new appliances come with the latest v18.5 software release, which not only provides support for the new hardware but also includes all the 18.x maintenance releases – many new capabilities and security improvements – since the v18 release.

For further information about Sophos Firewall and the XGS Series or to request a quote visit or

Sophos Firewall Virtual Appliance

For the latest SophosLabs research on TLS, check out this article.