Sophos XG Firewall – simpler, faster, and more-in-one

XG FirewallIf you’ve been following news about the XG Firewall, you’re no stranger to a lot of the great new technology we’ve packed into this next-generation firewall. However, you may be wondering, what does it all mean?

Well, today I’m going to discuss how all of this great new technology makes your next Sophos firewall a lot simpler, faster, and provides more in a single appliance than any competitor’s product.


If you know anything about Sophos, it’s that simplicity is part of our DNA. But it’s not just a hook to hang our hat on – it’s incredibly important. Complexity is the enemy of security. Complexity often translates into security systems that are not properly deployed, configured, or even worse, completely unused. So simplicity is not just a nice-to-have, it’s essential … because simpler security really is better security.

So how does XG Firewall make network security simpler?

It starts with the thoughtfully designed Control Center that surfaces useful information for a typical IT administrator using helpful traffic-light-type indicators that clearly indicate when something needs attention with instant drill-down to easily get additional information and insights, or to take action.


Next, the streamlined navigation menus stay out of your way while still providing quick access to all areas of the system. In fact, you’re never more than three clicks from anywhere. They’re designed with built-in help, making discovery easy. And they remember your last selection, requiring even fewer clicks to access your most often used screens.


And we talk a lot about this, but that’s because it’s so helpful: Unified Policy Management. Having all policies, across all functional areas unified on a single screen with powerful filtering tools makes it easy to create and manage policies that are normally spread across several different screens, tabs or modules in most other firewall products.


So what do the control center, navigation and unified policy management have in common? They all make managing your network security and firewall a lot simpler. Simpler to find what’s important, take action, and get common tasks done quickly and easily.


With the increasing demands on networks these days, firewall performance is as important as ever. However, a lot of competitors might want you to think that custom chips or bypassing proper security scanning are the answers to increasing performance. We disagree.

So how does XG Firewall improve performance?

It starts with our decision to build our XG Series on Intel’s proven multi-core architecture. Then we add amazing high-performance, solid-state storage in every model, and offer the ultimate in flexible high-speed connectivity options.


But it doesn’t stop there. XG Firewall includes a number of architectural performance improvements that all add up to make the industry’s fastest firewall even faster! We’ve re-architected the AV proxy, optimized the next-gen IPS engine, and implemented FastPath packet optimization as well.


FastPath Packet Optimization enables secure and trusted packets to take the fast path through the firewall policy engine, greatly improving performance. It’s important to keep in mind that FastPath is NOT stream scanning, which is a technology used by many competitors to optimize malware scanning – a technique that we don’t endorse because it can compromise on security. Interestingly, our performance without stream scanning still beats competitors, so it’s really not worth the risk.


No one delivers more network protection capability and value in a single appliance than Sophos. With most other vendors, if you want to add email protection, web server protection and reporting, you’re looking at three more boxes and all the cost and complexity that comes with that. Not with Sophos.

So how does XG Firewall provide more in one box than anyone else?

If you want to extend your next-gen firewall to add capabilities like a web application firewall with reverse proxy, or email protection with anti-spam, DLP and encryption, it’s easy and affordable. Simply update your license: no additional boxes, no additional deployment, no additional complexity. Simple.

A great new example of providing more-in-one is the new Sophos Security Heartbeat™ feature that connects your Sophos Cloud Endpoints with your firewall, enabling them to exchange important status and health information. It makes identifying and isolating advanced threats quick and easy … and it’s built right in to the Network Protection module of the XG Firewall.


Sophos is also unique among firewall vendors because we include on-box reporting at no extra charge. And XG Firewall brings a couple of helpful new metrics and reports like User Threat Quotient, which monitors the recent behavior of users on the network to identify those most at risk …


… and the Application Risk Meter which provides an aggregate score of the overall risk of applications on the network makes it easy to identify and remedy potential issues before they become problems.


These are just a few of the ways that Sophos makes XG Firewall, simpler, faster, and more-in-one than any competing firewall out there, which explains why more and more organizations are choosing Sophos for their next firewall.

In the days and weeks ahead, we’ll be looking at more and more of the ways Sophos is innovating the Firewall to make it simpler, faster, and more-in-one.

Subscribe to the Sophos Blog to keep up with the latest product insights and news. Simply enter your email address in the sign-up field in the upper right corner of the blog homepage to receive our newsletter. You can also sign up for our RSS feed.

XG Firewall

Leave a Reply

Your email address will not be published. Required fields are marked *