The team is hard at work putting the finishing touches on our next major release of XG Firewall, and it is a huge release! XG Firewall v17.5 brings some amazing new Synchronized Security features as well as many of your most-requested features.
The best part is you can start taking advantage of many of these new capabilities today, as part of the Early Access Program.
What’s new in XG Firewall v17.5
Here’s a quick overview of the key new features in v17.5:
- Synchronized Security – lateral movement protection – extends our Security Heartbeat™ automated threat isolation to prevent any threat from moving laterally or spreading across the network, even on the same subnet. The firewall instructs all healthy endpoints to completely isolate any unhealthy endpoints.
- Synchronized User ID – utilizes Security Heartbeat™ to greatly streamline authentication for user-based policy enforcement and reporting in any Active Domain network by eliminating the need for any kind of server or client agent.
- Education features – such as per-user policy-based control over SafeSearch and YouTube restrictions, teacher enabled block-page overrides, and Chromebook authentication support.
- Email features – adds Sender Policy Framework (SPF) anti-spoofing protection and a new MTA based on Exim, which closes a couple of top requested feature differences with SG Firewall.
- IPS protection – is enhanced with greatly expanded categories enabling you to better optimize your performance and protection.
- Management enhancements – including enhanced firewall rule grouping with automatic group assignment, and a custom column selection for the log viewer.
- VPN and SD-WAN failover and failback – including new IPSec failover and failback controls and SD-WAN link failback options.
- Client authentication – gets a major update with a variety of new enhancements such as per-machine deployment, a logout option, support for wake from sleep, and MAC address sharing.
- Sophos Connect – is our new IPSec VPN Client, free for all XG Firewall customers, that makes remote VPN connections easy for users, and supports Synchronized Security.
In addition, coming in a following maintenance release we have:
- Wireless APX access point support – provides support for the new Wave 2 access points providing faster connectivity and added scalability.
- Airgap support – for deployments where XG Firewall can’t get updates automatically via an internet connection (due to an “airgap” or physical isolation) – XG Firewall can now be updated via USB.
Sophos Central management of XG Firewall
With v17.5, XG Firewall is also joining Sophos Central. The Early Access Program for Sophos Central Management of XG Firewall is expected to start soon.
You will be able to manage XG Firewall from within Sophos Central along with all your other Sophos Central products. And there’s a few great new features coming along with Sophos Central Management of XG Firewall:
- Secure access and management with single-sign-on through Sophos Central from anywhere.
- Backup management and storage for your regularly scheduled firewall backups.
- Firmware update management to make multiple firewall updates easy.
- Light-touch deployment to enable easy remote setup of a new firewall.
Get early access now!
Head on over to the XG Firewall Community Forums to get the v17.5 EAP firmware update, additional information on what’s new, and to share your feedback with the Sophos Product Team and the rest of the community.