Sophos UTM 9.6 is now available

CorporateNetworkSophos UTMUTMUTM 9.6

Sophos UTM 9.6 is out now! Here’s what’s included in the new release.

You know the old saying, “The rich get richer”? Well, our UTM 9 platform is feature rich, but every year we pack more and more features into it. This year is no exception with our UTM 9.6 release.

Here’s what’s included in UTM 9.6

Let’s Encrypt integration

  • Generate and renew Let’s Encrypt certificates from within the UTM
  • Generated certificates can be used in all UTM components

Web Application Firewall (WAF) page customization

  • Custom themes for all error pages that are delivered via the WAF
  • Enables the use of a custom corporate identity on all pages

Manual Sandstorm submission

  • Allows an admin to upload a file for detonation within Sophos Sandstorm
  • Files that have not been received via email or web download can also be analyzed with Sophos Sandstorm

Persistent Sandstorm reports

  • Enhanced reporting for Sandstorm activity over time and with historic information
  • Reporting also covers hash lookup based results from Sophos Sandstorm

Other enhancements

  • Unified RED firmware with improved 3G/4G support
  • Submission port support in SMTP proxy
  • Configurable listen address in SMTP proxy
  • New advanced thread protection library with better performance and protection

The full release notes can be found on the Sophos Community.

How to get it

The release will be rolled out automatically in phases over the coming weeks. For anyone that wants the latest and greatest now, you can download the latest firmware yourself.

If you have any questions, check out the Sophos UTM 9 Community Forums.

10 Comments

No IKEv2?

Reply

Hi, adding IKEv2 support would have significantly delayed v9.6. It may be considered for a future release. IKEv2 support is available in XG Firewall.

Reply

I am sorry to say that i have evaluated XG but it does not have the VPN capabilities of SG. In order to nat multiple networks to one we have to add static route via CLI towards the ipsec interface. IF you have more than 40 VPN Tunnels is just annoying.
IKEv2 is a ten year feature request for SG, For me, that i use Sophos from Version v.7.xx (Astaro) is very disappointing to see a great product such SG to be overthrown in development by XG.
Please read the forums . XG(a nice version of Cyberoam) has years of development to be like SG in stability and flexibility.Yes XG has Intercept X and a very good filtering, but in everyday use with a complicated environment is where SG shines.
So i am asking you will SG ever receive IKEv2?

Reply

Thank you for your feedback. It will be considered for a future release.

Reply

I truly hope one of the considerations will the fact that you’re still running a 2010 version of StrongSwan in in the latest versions of UTM. StrongSwan with IKEv2 support got available in 2012. That’s about 7 years ago. (To me that makes the “adding IKEv2 support would have significantly delayed v9.6” argument less strong)

Another consideration will hopefully be the fact that it’s being requested for so long, by so many customers.

Reply

What about IPv6 DHCPv6-PD? I’ve read, that this basic ipv6 functionality is still not available in sophos firewalls. Is this true? And if it’s true, when will it be implemented?
We are interested in sophos firewalls, because we are using pfsense.

Reply

I have 4 Sophos UTM firewalls and I have been waiting for version 9.6 to support IKEv2, but I see that I still do not support it, therefore I will be forced to change brands. I would not recommend more Sophos.

Reply

I echo that James. I renewed with Sophos over 18 months ago based on IKEv2 support “was coming”. To hear that it may now never come is truly disappointing and I need to switch brands also.

Reply

Dear Sophos,
Just listen to the tech guys that are using sophos sg for years. Sophos XG has many years of dev to be as good as SG. Dont give up SG. Give us at least IKEv2. JUST LISTEN.

Reply

Leave a Reply to Les Carter Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.