Sophos Xg Utm

Posted on  by admin

Sophos SG UTM & XG Firewall Lifecycle Policy Sophos Network Security software is continuously enhanced with new features and technologies protecting against most recent threats. For this reason, new software releases are launched on a regular basis. General hardware support policy for Sophos UTM, SG, XG series appliances, Sophos Access Points, and RED devices: Lifecycle milestones are applied to a specific model, not to a specific revision of the model. If an end-of-sale or end-of-life is announced for a specific model this applies to all revisions. Sophos UTM 9 and XG Firewall Migration Frequently Asked Questions What is the difference between SG and XG? As you know, Sophos SG Series appliances with UTM 9 firmware are our leading and award-winning Unified Threat Management (UTM) platform. Sophos UTM has a long and successful history that extends back several years. A few SG UTM features are still making their way to XG Firewall and are planned for future releases. AWS support will initially have a baseline feature set which will increase over the course of this year, and scheduled firmware updates are also coming soon to Sophos Central. Download the XG home SW version and install it on a blank system. The ISO will install the XG and proceed with the installation/activation. UTM is a more robust product and has some advanced features that XG does not have at the moment. For the license side, what you wrote is correct.

  1. Sophos Utm Xg Migration Tool
  2. Sophos Xg Utm Difference
  3. Sophos Xg Utm Ipsec Vpn

When doing changes on your network, in ex. giving known hosts new IP’s or giving new servers the IP’s of the old ones, there will be a need to reset the ARP table to make sure that traffic can traverse the firewall again, this can be done by reboot’s or but doing a SSH conenction to the firewall and type this in root mode:

“ip -s -s neigh flush all”


Yoiu can also show the ARP entries currently in the system with command “arp -n”

The above command will also work on Sophos XG firewall in the shell, however it has a gui for the same:


Source: Sophos XG Firewall: How to Flush the Neighbor Cache

Sophos Utm Xg Migration Tool

Related Posts

Many of our loyal SG UTM customers, have become curious since the release of XG Firewall v18 and are asking what it potentially means for them.

SophosSophos Xg Utm

We’ve had a lot of questions about the new features, how this release now compares to SG UTM and if this is perhaps the time to take a look at XG Firewall.

SG UTM features added in XG Firewall v18

Let’s first address the new enhancements in XG Firewall v18 that many of you identified as top priorities:

Flow monitor

One of the most popular features in UTM 9, the flow monitor allows you to view traffic flows and bandwidth consumption in real time. It’s now available in XG Firewall. You can view connections by application, user, or host, and easily filter or sort the results.

Plug-and-play HA

One of the hallmark features of SG UTM has long been plug-and-play HA. A similar experience is now available in XG Firewall with the QuickHA option where you simply specify a port, connect your devices, and go.

Actionable logs

Another welcome addition to XG Firewall is the ability to take actions directly from the log viewer. This is thanks to new context-sensitive options that enable you to refine a search or filter on any content in a log entry, as well as take actions such as block or allow traffic.

Other SG UTM features now in XG Firewall

These include DKIM anti-spam, category-based web quotas, SNMP v3 support, VLANs on bridge interfaces, interface renaming, Kerberos support, route-based VPN, SD-WAN link balancing and routing policies, and so much more.

A few SG UTM features are still making their way to XG Firewall and are planned for future releases.

AWS support will initially have a baseline feature set which will increase over the course of this year, and scheduled firmware updates are also coming soon to Sophos Central.

After that, you’ll see DLP custom pattern support, HA support for three or more nodes, and HA support for XG Series w-models with integrated wireless in upcoming releases.

What do the new innovations in v18 mean for you?

Improved performance: XG Firewall v18 introduced the new Xstream Architecture with an all new high-performance proxy-less DPI engine for efficient stream scanning in a single engine, and the new Network Flow FastPath for accelerating trusted traffic and important applications.

Unmatched TLS inspection and encrypted traffic visibility: The new Xstream TLS Inspection engine now natively supports TLS 1.3 without downgrading and delivers over twice the performance of the previous solution.

Enhanced zero-day threat protection: XG Firewall v18 brings new artificial intelligence and machine learning-based threat protection from file-based threats. Combined with the industry-leading IPS engine in the new Xstream Architecture, and dynamic sandboxing analysis, XG Firewall is now the most formidable defense against the latest advanced threats.

Sophos xg utm comparison

Reliable SD-WAN app routing with Synchronized Security: Customers deploying both XG Firewall and Sophos Intercept X Endpoint get even more value than ever from their Synchronized Security Solution.

Synchronized SD-WAN leverages the added reliability that Synchronized Application Control delivers to better optimize and accelerate important applications in SD-WAN deployments. This adds to the extensive benefits that Synchronized Security already provides in monitoring endpoint health and using dynamic firewall rules to automatically isolate compromised hosts to prevent lateral threat movement and data loss.

Easy and powerful Central Cloud Management: Sophos Central cloud management not only enables you to manage all your Sophos products from a single-pane-of-glass but also offers rich XG Firewall features for group firewall management, monitoring, reporting, and zero-touch deployment… all at no extra charge!

Getting started

Sophos Xg Utm Difference

If you’re interested in taking advantage of all the great new enhancements in XG Firewall, you can do so for free. Your license can be transferred over at no extra charge. And, your local partner or Sophos Professional Services team will be happy to help.

Sophos Xg Utm

Your existing SG Series hardware is fully supported (except for the SG 105 which lacks the minimum required 4 GB of memory). However, you may want to take this opportunity to consider refreshing your hardware.

If you’re not quite ready to take the plunge, you can still take advantage of many of the new capabilities in XG Firewall such as Synchronized Security, by installing an XG Series appliance inline with your existing SG UTM. The built-in bypass ports make this a risk-free solution, and it can be a great way to help with the transition from UTM to XG when you’re ready.

Sophos Xg Utm Ipsec Vpn

Thank you!

On behalf of everyone at Sophos, let me take this opportunity to acknowledge your ongoing loyalty and helpful product feedback.

You’ve not only been tremendous influencers and contributors to the success of SG UTM, but you’re also now helping to build XG Firewall into a world-class next-gen firewall solution. Thank you!