Sophos XG Firewall provides comprehensive next-generation firewall protection that blocks unknown threats, automatically responds to incidents, and exposes hidden risks.
Blocks unknown threats
Sophos XG Firewall provides all the latest advanced technology you need to protect your network from ransomware and advanced threats including top-rated IPS, Advanced Threat Protection, Cloud Sandboxing, Dual AV, Web and App Control, Email Protection and a full-featured Web Application Firewall. And it’s easy to setup and manage.
Automatically responds to incidents
XG Firewall is the only network security solution that is able to fully identify the source of an infection on your network and automatically limit access to other network resources in response. This is made possible with our unique Sophos Security Heartbeat that shares telemetry and health status between Sophos endpoints and your firewall.
Exposes hidden risks
Sophos XG Firewall provides unprecedented visibility into top risk users, unknown apps, advanced threats, suspicious payloads and much more. You also get rich on-box reporting included at no extra charge and the option to add Sophos iView for centralized reporting across multiple firewalls.
Potent, powerful – fast
We’ve engineered XG Firewall to deliver outstanding performance and security efficiency for the best return on your investment. Our appliances are built using Intel multi-core technology, solid-state drives, and accelerated in-memory content scanning. In addition, Sophos FastPath packet optimization technology ensures you’ll always get maximum throughput.
Simply manage multiple firewalls
Sophos Firewall Manager provides a single console for the complete central management of multiple XG Firewalls. And if you also want to consolidate reporting across multiple XG, SG, and Cyberoam appliances then with Sophos iView, you can.
XG Firewall includes a number of innovations that not only make your job a lot easier, but also ensure your network is more secure.
A revolution in advanced threat protection
Sophos Synchronized Security
An industry first, Synchronized Security links your endpoints and your firewall to enable unique insights and coordination. Security Heartbeat relays Endpoint health status and enables your firewall to immediately identify and respond to a compromised system on your network. The firewall can isolate systems until they can be investigated and cleaned up. Another Synchronized Security feature, Synchronized App Control, also enables the firewall to query the endpoint to determine the source of unknown traffic on the network.
Patented Layer-8 identity control
User identity takes enforcement to a whole new layer with our patented Layer-8 identity based policy technology enabling user level controls over applications, bandwidth and other network resources regardless of IP-address, location, network or device. It literally takes firewall policy to a whole new layer.
Policy templates get you protected fast
Pre-defined policy templates let you protect common applications like Microsoft Exchange or SharePoint quickly and easily. Simply select them from a list, provide some basic information and the template takes care of the rest. It sets all the inbound/ outbound firewall rules and security settings for you automatically – displaying the final policy in a statement in plain English.
Automated user risk reports
The Sophos User Threat Quotient (UTQ) indicator is a unique feature which provides actionable intelligence on user behavior. Our firewall correlates each user’s surfing habits and activity with advanced threat triggers and history to identify users with risk-prone behavior.
Flexible deployment, no compromise
Unlike our competitors, whether you choose hardware, software, or virtual, we don’t make you compromise – every feature is available on every model and form- factor.
|Firewall throughput||28 Gbps|
|Firewall IMIX||8.5 Gbps|
|VPN throughput||2.75 Gbps|
|IPS throughput||5.5 Gbps|
|NGFW (IPS + App Ctrl + WebFilter) max||4 Gbps|
|Antivirus throughput (proxy)||3.3 Gbps|
|Maximum licensed users||unrestricted|
|Storage (local quarantine/logs)||integrated SSD|
|Ethernet interfaces (fixed)||8 GbE copper (incl. 2 bypass pairs) 2 GbE SFP* 2 10 GbE SFP+*|
|No. of FleXi Port slots||1|
|FleXi Port modules (optional)||8 port GE copper, 8 port GE SFP*, 2 port 10 GE SFP+*, 4 port 10 GE SFP+*, 2 port 40 GE QSFP+*, 4 port GE PoE, 8 port GE PoE, 4 port GE copper LAN bypass|
|I/O ports (rear):||2 x USB 3.0 (front), 1 x Micro USB (front), 1 x USB 3.0 (rear), 1 x COM (RJ45) (front), 1 x HDMI (rear)|
|Power supply External auto ranging DC||Internal auto-ranging 100-240VAC, 50-60 Hz, Redundant PSU optional (external)|
|Power consumption||32W, 109 BTU/hr (idle)
49W, 167 BTU/hr (full load)
|Operating temperature||0-40C (operating) -20 to +80C (storage)|
|Mounting||1U rack mount, (2 rackmount ears included)|
|Dimensions Width x Depth x Height||438 x 405.5 x 44mm , 17.24 x 15.96 x 1.75 inches|
|Weight||5.8 kg / 12.78 lbs (unpacked), 8.8 kg / 19.4 lbs (packed)|
SG Full Guard Bundle include Network Protection, Web Protection, Email Protection, Wireless Protection, Webserver Protection
SG Full Guard Plus Bundle include Network Protection, Web Protection, Email Protection, Webserver Protection, Sandstorm and Enhanced Support
Sophos Network Protection combines technologies to provide multi-layered Advanced Threat Protection. With command-and-control detection, Intrusion Prevention System (IPS) and VPN gateway, it protects your network by blocking harmful incoming and outgoing traffic and enables secure access for authorized users. The Sophos UTM makes it easy to control security risks whilst ensuring optimal performance tailored to your chosen deployment model.
Sophos Web Protection prevents malware infections and gives you control over your employees’ web use. Spyware and viruses are stopped before they can enter the network. And, you can quickly create policies that set where and how employees spend time online.
Sophos Email Protection secure your email gateway with Sophos UTM and get simple yet powerful protection from spam and phishing attacks. And you can protect your sensitive emails from data loss with our built-in DLP and encryption. Our intuitive browser-based interface with built-in reporting on all models make it easy to manage your mail protection.
Sophos Wireless Protection simplify your wireless networking by using your Sophos firewall or UTM asa wireless controller to centralize your Wi-Fi management and security.
Our access points are automatically set up and configured by the firewall. That means all your wireless clients get complete threat protection too.
Sophos Web Server Protection protect your externally facing servers and applications. Do you host your own websites or offer Exchange, Lync, FTP or any other kind of service to your external users. If you do, you need a fullfeatured reverse proxy with web application firewall, SSL offloading and authentication. Our Web Server Protection does all this and more to stop attacks, prevent data loss and help you meet compliance regulations.
Sophos Sandstorm is the Next-Generation advanced threat defense made simple Sophos Sandstorm uses next-gen, cloud-sandbox technology to give your organization an extra layer of security against ransomware and targeted attacks. The only network sandbox to use deep learning analysis for more effective detection, it integrates with Sophos XG Firewall, Sophos UTM, Sophos Email Appliance, and Sophos Web Appliance – no additional hardware required. And it’s great value for money. You get all the benefits of enterprise-grade protection without the enterprise price tag.