A firewall is more than just a box you put on a desk or in a rack in the back room, it’s an appliance you count on to secure your network. But it’s often hard to distinguish between which of those appliances offers the best solution for your specific needs. Enter Sophos XG Firewall. This model line has options for networks of many shapes and sizes (even including virtual and software firewalls). Sophos XG Firewall features superior visibility, protection, and response to stop malware in its tracks. This series is also noted for its ease of deployment and management for even those who may be a little less tech savvy. In honor of the X in Sophos XG, we decided to put together X (or 10 when in Rome) Sophos XG Firewall features in video form.
More on XG Firewall features
If the video whet your appetite, but you still want to learn more about the Sophos XG firewall, we can help! Check out our feature review videos of the XG 125 and the new XG 86 & XG 106. We’ve also written about Sophos’ two security services bundles, EnterpriseProtect and TotalProtect. And last, but certainly not least, if you like learning about Sophos XG Firewall features in audio form, listen to episode 3 of Ping: A Firewalls.com Podcast in which we talk to Sophos’ Chris McCormack to take an even deeper dive into the XG firewall series.
Spring is the season for the New, and Sophos has sprung forth with the XG 86 and XG 106 firewalls – the latest additions to the XG firewall family. These models replace the Sophos XG 85 and XG 105 appliances – providing new options in the desktop firewall market for small business and other small office networks. While the physical appearance, software offerings, and most technical specifications remain the same as their predecessors, the XG 86 and XG 106 come complete with 4 GB of RAM – double that of the previous iterations. And at 16 GB, the XG 86 also features two times the embedded MultiMediaCard (eMMC) storage of the XG 85.
Before we go further discussing these new firewall models, let’s back up and talk about the Sophos XG firewall family. XG firewalls are known for top notch visibility into both known & unknown threats. They see & stop malware, and ensure your network is secure – automatically. Top 3rd-party evaluators like Gartner, NSS Labs, and SC Media have found Sophos XG firewalls to be leaders of the network security pack. As part of a Synchronized Security Solution, Sophos XG firewalls can be managed with the Sophos Central cloud console, offering real-time communication with your endpoints and other security solutions around the clock through the Sophos Security Heartbeat. With that background, we turn our video spotlight to the new XG 86 and XG 106 firewalls in our latest feature review:
Sophos XG 86/86W Spec Snapshot
Here’s a quick snapshot of the technical specifications for this small business firewall:
To take a deeper dive into your Sophos network security options, read through our Sophos Buyer’s Guide. In it, you’ll find information about different Sophos firewall series, security bundles, services, & even a glossary of terms to help you navigate your Sophos NGFW shopping journey.
Sophos XG firewalls offer a wide range of easy to deploy, next-gen appliances to fit just about any network size – from home office to small business to enterprise. XG firewalls are noted for superior visibility into risky activity, and their ability to stop both known & unknown threats automatically. When it comes to malware and your network, they’re able to see it, stop it, & secure it. As part of a Synchronized Security Solution, Sophos XG firewalls can be managed with the Sophos Central cloud console, communicating instantaneously with your endpoints and other security solutions around the clock through the Sophos Security Heartbeat. Noted third-party evaluators like Gartner, NSS Labs, and SC Media have all recognized Sophos XG firewalls as top-of-the-class. We’re taking a closer look at the Sophos XG 125, a desktop appliance that punches above its weight in performance for small business and branch office networks. Check out our video review:
Sophos XG 125/125W Spec Snapshot
Here’s a quick snapshot of the technical specifications for this small business firewall:
If you’re focused on Sophos, you can take the guesswork out of your purchase by learning about different Sophos firewall series, security bundles, services, & more. Get all the info with our Sophos Buyer’s Guide.
Okay, the answer to our network security riddle courtesy of Sophos isn’t quite that simple, but getting your hands on one of these bundles will make protecting your organization’s cyber assets as easy as 1 + 1 = 2. Let’s back up and go over a few terms. A bundle is made up of related products and services combined into one handy package. Sophos is a worldwide leader in cybersecurity hardware and software, entrusted by organizations of many shapes and sizes with protecting their networks.
EnterpriseProtect pairs next-generation Sophos XG firewalls with always-on security services and support. The bundle features Sophos Network Protection, Web Protection, and Enhanced Support so your firewall will be ready to offer comprehensive network security on day one. Now that we’ve gone over the basics of what EnterpriseProtect is, let’s dive deeper into each piece of the bundle.
The cornerstone of network security is the firewall and you can’t find a much stronger one than the Sophos XG series. There’s an XG model to fit just about any size of an organization, whether you have 25 or 2,500 users. These firewalls are known for their superior ability to expose hidden risks, block unknown threats, and automatically respond to infections to isolate and stop them in their tracks.
If you have an XG firewall, you’re already well on your way to winning the network security battle, but EnterpriseProtect doesn’t stop there. A Network Protection subscription includes NSS top-rated intrusion prevention, Advanced Threat Protection (ATP) to detect and block bad traffic, and the Sophos Security Heartbeat to instantly diagnose compromised endpoints.
You also get both clientless VPN support as well as Remote Ethernet Device (RED) VPN options, which feature central management for all RED devices and automatic connection with no configuration necessary, providing plug-and-play access to remote users.
Another reason to have a firewall is to manage web traffic, both inbound and outbound, so busy users can’t stress your network. A Web Protection subscription gives you live, real-time protection with enhanced web filtering that has millions of blacklisted sites already flagged (and more URLs added every day) by SophosLabs.
You can also set policies for surfing and access time, dynamically block unwanted keywords and applications with Smart Filters, and count on SafeSearch enforcement. All this, with advanced malware scanning and protection and cloud application visibility.
All of these features and services are vital to a secure network, but just like Michael Jordan couldn’t win six NBA titles without Scottie Pippen, keeping your network humming in championship form requires that someone have your back.
Enhanced Support offers a warranty and hardware replacement for your firewall, as well as 24/7 multi-channel support, software downloads, updates, and maintenance courtesy of Sophos. Rest assured that your network will have its own strong supporting cast.
That’s EnterpriseProtect in a nutshell. Now that you understand your options, you may be wondering which Sophos XG Firewall best fits your needs? We’ve got you covered with our Sophos Buyer’s Guide, featuring all the information you’ll need to make the best choice for your organization’s network protection.
And speaking of bundles, how does a free XG Firewall sound? If you purchase three years of EnterpriseGuard Plus (which features all those services described above, plus the Sandstorm cloud-based sandbox), FullGuard (which includes the services described above along with Email and Web Server Protection), or FullGuard Plus (which combines the best of both subscription packages), we’ll throw in your Sophos XG firewall for free!
Synchronized Security is a system designed by Sophos to address a glaring shortcoming in most cybersecurity environments: lack of coordination. Security companies tend to focus on developing individual products to address specific points of attack, often ignoring the bigger picture of holistic network security. These old-school approaches to cybersecurity are complex, short-sighted, and composed of several disparate moving parts. As organizations adopt more and more security solutions, they slowly build their own InfoSec-version of Frankenstein’s monster. For those of you who haven’t read the famous tale, it doesn’t turn out that well.
What Does Synchronized Security Include?
Synchronized Security allows the individual aspects of your security setup to communicate in real time and make decisions based on complete context. Here’s a closer look at some of the handy features that make up Synchronized Security:
Sophos Security Heartbeat – A secure communication link that allows Sophos products to communicate and share information about your network health. In mere seconds, the Security Heartbeat can detect, judge, and respond to incidents on your network; a process which once took hours to complete while your network was left in limbo.
Synchronized App Control – Providing instant insights into unidentified software, Synchronized App Control grants the level of detailed oversight that administrators crave. This includes the ability to map unknown applications, organize them into categories, and prioritize bandwidth for mission-critical processes. Watch this Sophos video on Synchronized App Control to learn more.
Sophos Central – A security platform through which network administrators can manage all Sophos products and protections on one screen. This smooth, intuitive dashboard comes with convenient “traffic signal” indicators that instantly identify the status of your security: green is good, yellow is cautionary, and red means an issue needs your attention.
Automated Incident Response – Incident response used to take hours, days, or even weeks. Sophos transformed this process into a sub-minute affair with Automated Incident Response. Information is shared across your security system to make instantaneous decisions about suspicious activity. Infected endpoints are isolated before threats can spread, shutting down both east/west and vertical movement.
Add Synchronized Security to Any Existing Network
By now you may be thinking “This sounds great, but I already have an established network with a different brand of firewall.” You’re in luck! Synchronized Security can be bolted onto your existing network, expanding and improving your current security capabilities. All you need to enable Synchronized Security is an XG Firewall installed on your network. This can be deployed in two configurations: as an Inline appliance in bridge mode or in Discover mode (TAP mode) through a mirror port. Either method can be done in just a few minutes with Sophos’ step-by-step deployment wizard.
Inline vs Discover Mode
A Discover Mode deployment is the least intrusive method, offering a risk-free way to increase visibility of unknown applications. By connecting an XG Firewall to a mirror port on a network switch, you start receiving valuable insight immediately. Though you will be unable to add more advanced Sophos security controls in Discover Mode (like sandboxing & web server protection), these insights position you for a greater understanding of your true network traffic.
An inline deployment sheds even brighter light on your network, serving up unparalleled application visibility. By deploying an XG Firewall “behind” your current appliance, you gain Security Heartbeat, Synchronized App Control, & Automated Incident Response. The flexibility offered by fail-open bypass ports enable deployment of an XG Firewall in bridge mode, allowing traffic to flow without disruption even if the appliance needs to be shut down or rebooted.
What’s In It For Me?
Fewer unknown threats hiding on your network.
Automated Incident Response to isolate infections before they spread.
Effortless endpoint health monitoring with Security Heartbeat.
Plus, you can try it out risk-free for 30 days.
Sophos will ship you an XG Firewall to test out for free, letting you explore Synchronized Security for yourself. Not impressed? Just ship it back.