Sophos Launches New XG Firewall Version, Adds New Application Visibility And Deployment Options

Sophos continues to add to its firewall capabilities, announcing on Tuesday the launch of the latest version of its Sophos XG Firewall.

The Sophos XG Firewall Version 17 looks to fill the gaps in areas that firewalls traditionally have lacked visibility or capability around, Senior Vice President of Enduser and Network Security Group Dan Schiappa.

"I think this will be without a doubt the best firewall we have ever delivered," Schiappa said.

[Related: Boost For Partners: 7 Ways Sophos Is Raising The Innovation Bar]

Sponsored post

One of the "marquee features" of the launch is the new Synchronized App Control capability, which leverages information from the endpoint to classify previously unclassified network traffic and applications through the firewall. Schiappa said this is important because unclassified network traffic accounts for around 60 percent of traffic through the firewall, and is the equivalent of "an airport scanner allowing 60 percent of luggage to through without screening."

"It exponentially increases the visibility and protective nature of the firewall," Schiappa said of Synchronized App Control.

The new Sophos XG Firewall also adds a policy test simulator so that partners can test the effects of policy creation on existing policies. Schiappa said this feature has been a request by many partners – as policies get more complicated, a new policy could potentially block or undo existing policies.

Finally, Sophos has added the ability to run the firewall in tap mode, allowing partners to either use it in discover mode or get the benefits of Sophos alongside a different firewall brand. Schiappa said the new XG Series hardware appliances would include new bypass ports to aid in this capability. Similar to Intercept X, Schiappa said this launch would allow partners to address the market of customers who have already invested in a competitive solution to get the benefits of Sophos' synchronized security strategy.

"This launch provides the ability to take the synchronized security story that may already have vendors in place, but don't provide this capability or depth. Now we have solved that problem and saved the headache of rip and replace," Schiappa said. "You can run it alongside of it and plug the missing gaps in security," he said.

Schiappa said Sophos has also made incremental improvements to some of the features of the firewall, including improving usability around the log viewer and firewall rule management. The changes were designed to improve usability and quality of some of the firewall basics, he said.

Sam Heard, president of Lakeland, Fla.-based Data Integrity Services, cheered the new updates to the XG Firewalls, saying the consistent pace of innovation from Sophos has been comforting and encouraging to partners.

"The innovation is the kind of thing that gives me a very settling type of comfort, like a warm soup on a cold night … I like the fact that they are continuing to acquire security driven technology and merge it into their portfolio," Heard said.

Heard said the shining star of this update is the new Synchronized App Control capability, which he said will differentiate Sophos and help fill a gap for customers around application classification. He said that is the "primary feature I want to test" from the update.

"That feature will be a game changer. I don’t think anyone else can do what they are doing with the endpoint and the firewall," Heard said.

Heard said he also looks forward to the option to deploy the XG Firewall in tap mode, as it will allow him to test the solution with customers or deploy it with those already using a competitive offering. He said that is particularly important in the SMB market, which Data Integrity Services sells to, as budgets are tight and customers can't always afford more expensive SIEM solutions or other network monitoring tools.

The new Sophos XG Firewall version is available this week through Sophos partners, the company said. Schiappa said Sophos would be launching tailored incentives for partners around the new solution, including promos and certifications.