With this integration, Sophos Firewall leverages two dedicated artificial intelligence engines to detect malware communications and communications using algorithmically generated domain names.

This new feature, stemming from the Sophos Network Detection and Response probe, aims to identify malware communications even when they are previously unknown or not yet indexed.

It complements the Active Threat Response capabilities already implemented in Sophos firewalls.

According to Chris McCormack, Senior Product Marketing Manager at Sophos, “NDR traffic analysis requires substantial processing power. That’s why we’ve adopted a new approach by deploying an NDR solution in Sophos Cloud to offload the heaviest tasks from the firewall.”

Sophos Connect now integrates EntraID for SSO

This new feature of the VPN client bundled with Sophos Firewall enhances both security and user experience for SSL and IPSEC VPN connections.

It is now possible to use EntraID (Azure AD) to authenticate users and implement multi-factor authentication for Sophos Connect and access to the user portal hosted by the firewall.

Other VPN-related improvements include:

• Improved user interface and usability: Connection types have been renamed from “site-to- site” to “policy-based”, and tunnel interfaces have been renamed “route-based” to make them more intuitive.
• Dynamic validation of the IP address pool allocated to VPN connections (SSL VPN, IPsec, L2TP, and PPTP) to better resolve potential IP address conflicts.
• Strict profile enforcement: In IPsec profiles, default values are now excluded to ensure algorithm synchronization, thereby eliminating possible fragmentation of session negotiation packets that could otherwise prevent site-to-site VPN tunnels from being established.
• Route-based VPN and SD-RED scalability: The system now supports up to 3,000 simultaneously established tunnels. Sophos Firewall solutions can now handle up to 1,000 SD-RED site-to-site tunnels and up to 650 concurrent SD-RED devices.

Additional management improvements include:

• More flexible DHCP Prefix Delegation (IPv6 DHCP-PD): Now supports /48 to /64 prefixes, improving compatibility with certain internet service providers.
• Router Advertisement (RA) and DHCPv6 server: Now enabled by default.
• Resizable table columns: The web admin interface continues to adapt to ultra-wide screens, and many configuration pages now allow column resizing as needed.
• Enhanced object search functionality: The search field in the SD-WAN routing configuration screen now supports more criteria (route name, ID, objects, object values such as IP addresses and domains, among others). Local ACL rules now also support object name and value searches, including content-based searches.
• Default configuration changes: Default firewall rules and rule groups previously created during new firewall setups have been removed. Only the default network rule and MTA rules are now provided in the initial configuration. The default firewall rule group and the default gateway probe for custom gateways are both now set to “None” by default.

Secure by Design

Sophos continues to enhance the intrinsic design of its firewalls. The secure-by-design approach includes containerization of specific features and integrity checks on critical operating system files using mathematical checksums.

Any checksum mismatch triggers a potential compromise alert, allowing monitoring teams to proactively identify possible security incidents affecting the firewall OS integrity. Incident response and development teams are then able to react swiftly to critical incidents.

Availability

Customers can now manually download and deploy this update on any Sophos Firewall equipped with a valid license.

• Nine New Sophos XGS Firewall Appliances Feature Boosted Performance with Reduced Energy Consumption
• Sophos Firewall Software Can Now Use Third-party Threat Intelligence Feeds for Extended Protection Against Cyberattacks

Sophos, a global leader of innovative security solutions for defeating cyberattacks, today introduced nine new XGS Series desktop firewall appliances for midmarket and smaller-sized businesses, as well as branch offices of larger organizations.

The new XGS appliances feature a streamlined architecture to deliver double the performance of previous models, but with 50% lower energy consumption.

All of the new Sophos XGS appliances are available with multiple high-speed connectivity options, and four models are fanless, making them ideal for noise-sensitive environments.

Sophos has also announced updated Sophos Firewall software that provides enhanced protection against cyberattacks, including the ability to integrate third-party threat intelligence feeds.

This allows organizations with specific regional or vertical market requirements to customize and apply additional information to strengthen their firewall security.

The new software also enhances distributed network scalability and provides a seamless transition for customers on legacy firewalls to upgrade to the latest Sophos XGS appliances.

By leveraging the improved acceleration capabilities of the virtual FastPath in the new Sophos Firewall software, along with the new streamlined architecture, the new Sophos XGS firewall appliances can deliver up to three times the performance in IPsec VPN throughput compared to previous models.

“The new Sophos XGS appliances and Sophos Firewall software launches are all about providing users with world-class ‘performance and protection’ at competitive pricing. We’re innovating and advancing how organizations should use firewall technology to defend against persistent, modern-day cyberattacks targeting the midmarket and smaller businesses,” said Dan Cole, senior vice president, Network and Content Security at Sophos. “This includes designing our firewall software to now also leverage threat intelligence feeds from third-party sources, in addition to Sophos’ native threat intelligence, for faster, real-time response to a broader scope of suspicious activity. The support also gives defenders greater control over their risk profile.”

Specifically, users can now configure Sophos Firewall software to ingest paid and free feeds published by security vendors, Managed Service Providers (MSPs), specific industry consortiums and Information Sharing and Analysis Centers (ISACs), or other threat intelligence platforms.

The third-party data augments Sophos’ proprietary threat intelligence, which derives from Sophos X-Ops and includes telemetry from SophosLabs, Sophos Managed Detection and Response (MDR) and Sophos Extended Detection and Response (XDR) technology.

In conjunction with Sophos Active Threat Response, a feature built into Sophos-managed endpoints and the intelligence feeds, Sophos Firewall software will initiate a synchronized response that automatically walls off potential attacks, giving defenders critical time to assess, respond and remediate.

Additional Sophos Firewall software enhancements include:

• Enhanced performance and scalability: Triple the IPsec VPN performance boost on the new XGS Series desktop appliances, as well as faster authentication burst performance and optimizations to reduce downtime and increase resiliency during failovers for SD-RED tunnels, dynamic routes and Active Directory interactions for distributed enterprise environments
• Streamlined management: Refreshed user experiences; support for Let’s Encrypt certificates; integrated support for Google Workspace authentication; and expanded network object visibility that simplifies firewall management
• Seamless device upgrades: A new configuration backup assistant and port mapping support, backed by free license overlap for Sophos XG firewall customers, that enables added flexibility and easy upgrading from previous hardware generations

“This release of new desktop models as part of the Sophos XGS Series of hardware appliances sets a new high bar for performance and efficiency. The update enhances value at every price-point, with a three-fold increase in IPsec VPN throughput and up to two times better overall performance, all while cutting energy consumption in half,” said Christopher Rodriguez, research director for Security and Trust at IDC. “Combined with enhancements in protection, scalability and ease-of-use from their latest OS release, Sophos Firewall provides significant value to organizations of all sizes, without raising its prices.”

“Sophos makes firewall deployment, integration and management straightforward,” said Benjamin Schwarzbauer, team lead, Network and Security at Luithle + Luithle, a Sophos partner in Germany. “Its tight integration with the broader Sophos ecosystem allows us to efficiently manage security for our customers. The firewall’s comprehensive features not only strengthen security, but also ensure reliable performance and regulatory compliance. This allows our customers to focus on their business.”

Availability

Sophos’ new XGS desktop firewall appliances and Sophos Firewall software are available exclusively through Sophos’ global channel of partners and Managed Service Providers (MSPs).

Defenders can easily manage the solutions in the cloud-native Sophos Central platform alongside Sophos’ portfolio of endpoint, email and cloud solutions and oversee installations, respond to alerts and track licenses and upcoming renewal dates via a single, intuitive interface.

Today, Sophos, a global leader in innovating and delivering cybersecurity as a service, announced the expansion of its next-generation firewall portfolio with two new high-end, enterprise-grade XGS Series appliances.

The new XGS 7500 and 8500 models provide unrivaled performance and protection for large enterprise and campus deployments, broadening market opportunities for the channel partners that serve them.

“Large enterprises are under incredible pressure to support tens of thousands of users, all while protecting against complex cyberthreats and demonstrating clear return on IT infrastructure investments amidst today’s challenging economic climate,” said Daniel Cole, vice president of network security product management at Sophos. “Sophos is shaking up the competitive enterprise firewall landscape with these new high-performance appliances, providing best in class price per protected megabit per second (Mbps). Network performance, reliability and security are top of mind as customers grow and expand their infrastructure needs, and these platforms enable organizations to grow and scale without having to compromise on security, which is often the case in larger, more demanding environments. For our channel partners, we’re creating new opportunities to support distributed organizations needing everything from managing an office of one to the most complex environments protecting tens of thousands of distributed users.”

The new XGS 7500 and 8500 models deliver industry-best modular connectivity; highly scalable software-defined wide area network (SD-WAN) features; trusted traffic and application acceleration; high performance Transport Layer Security (TLS) inspection; threat protection; and enterprise-grade, high-availability and redundancy capabilities. Featuring high performance Xstream flow processors and central processing units (CPUs) with enterprise-grade acceleration, the models offer roughly 50% faster throughput than industry averages in their class:

• Up to 190 gigabits per second (Gbps) firewall throughput
• Up to 141 Gbps Internet Protocol Security (IPsec) virtual private network (VPN) throughput
• Up to 93 Gbps intrusion prevention system (IPS) throughput
• Up to 76 Gbps next-generation firewall (NGFW) throughput
• Up to 34 Gbps threat protection throughput
• Up to 24 Gbps Xstream Secure Sockets Layer (SSL) and TLS inspection
• Support for up to 58 million concurrent connections
• Support for up to 1.7 million new connections per second

Additional highlights:

• Up to two times better energy efficiency than the industry average when using IPsec VPN
• High speed connectivity with two QSFP28 ports supporting speeds of up to 100 Gbps
• High capacity, high-speed random access memory (RAM) and non-volatile memory express (NVMe) solid-state drives for improved compatibility and storage
• Unique programmable Xstream architecture delivers unmatched levels of protection, performance and visibility
  • Intelligent TLS inspection guarantees industry leading performance, flexibility and transparency into all encrypted traffic
  • Deep packet inspection (DPI) engine delivers threat protection in a single streaming engine for antivirus, IPS, web, app control, and TLS inspection
  • Network FastPath technology ensures automatic and policy-based intelligent offloading of trusted traffic processing at wire speed

Sophos Firewall is a key pillar of Sophos’ SASE strategy. It provides a more simplified, scalable and secure solution over traditional remote access VPN, and integrates with Sophos ZTNA (zero trust network access) under one unified management plane.

The network solution is part of the Sophos Adaptive Cybersecurity Ecosystem, which integrates Sophos’ anti-ransomware endpoint solutions, as well as its entire portfolio of products, services and Sophos X-Ops threat intelligence for faster and more contextual and synchronized detection, protection and response.

How about the Availability?

Sophos Firewall is available for immediate purchase exclusively through Sophos’ global channel of partners and managed service providers (MSPs).

It is easily managed in the cloud-native Sophos Central platform alongside other solutions, where users can oversee installations, respond to alerts and track licenses and upcoming renewal dates via a single, intuitive interface.

Partners can also leverage Sophos Managed Detection and Response (MDR) as a comprehensive service to detect and respond to threats across customers’ existing security deployments, with integrated telemetry across endpoints, networks, firewalls, servers, cloud, identity, and email security technologies.

The industry-leading service offering is trusted by more than 15,000 organizations for 24/7 threat hunting, detection and response with industry-first third-party integration capabilities and a $1 million Sophos Breach Protection Warranty that’s now available via Sophos’ MSP and reseller partner networks.

The new offering adds another component to Sophos’ secure access portfolio, which also includes Sophos Firewall and Sophos Wireless.

“Sophos Switch seamlessly integrates with the Sophos adaptive cybersecurity ecosystem to extend connectivity across office LANs,” said Joe Levy, chief technology officer at Sophos. “We’re removing the complexities of multi-vendor deployments by providing organizations and channel partners with a single source of management, monitoring and troubleshooting.”

Switches are remotely managed in the cloud-based Sophos Central platform. This enables partners to oversee all customer installations, respond to alerts, and track licenses and upcoming renewal dates via a single, intuitive interface.

“Sophos Switch perfectly complements the existing Sophos portfolio – it was the missing piece in our IT security offering, and now gives our business even more clout. We were already very successful with Sophos Firewall, and thanks to Sophos Switch we are now able to unleash the full power of Sophos’ products and services. Our experience from the early access program proved that Sophos Switch is a game changer for us, and we were very positively surprised at how well the product worked from day one,” said Patrizio Perret, chief technology officer at Avanet.

“While a switch is pretty much a commodity these days, Sophos is adding the necessary spice to the hardware with the software capabilities. Sophos’ adaptive cybersecurity ecosystem is the magic ingredient that will make Sophos Switch something really special by enabling companies to integrate it with other Sophos security components in their network.”

Availability

Switches with eight, 24 and 48 ports are available for immediate purchase exclusively through Sophos’ global channel of partners and managed service providers (MSPs).

These are ideally suited for small and medium-sized businesses, remote and home offices, retailers, branch offices, and more.

More about Sophos

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. 

Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors.

Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide.