Making the most of your XG Firewall

CorporateSophos ProductsXG Firewall

XG Firewall 17.5 Maintenance Release 4 (MR4) is out, and it contains some new important features.

sophos xg firewall

XG Firewall v17.5 recently delivered several new innovations including Lateral Movement Protection, management via Sophos Central, and a variety of new features focused on education.

With Maintenance Release 4 (MR4) announced earlier this week, there are a few new important features I want to ensure everyone is able to get the most out of. 

While we always encourage all our customers and partners to keep their firewall up-to-date with the latest firmware release, MR4 is the perfect time to update if you haven’t been keeping current to take advantage of the latest security, performance, and many other enhancements.

Email notifications

Several new email notifications have been added to inform you about important system and threat related activity including:

  • Started SFOS
  • Sign-in failed for web admin console, SSH, or CLI console
  • Advanced threat protection alert or drop actions
  • Installed new firmware
  • System restart initiated through web admin console
  • System shutdown initiated through web admin console

To receive these new alerts, simply ensure you have these boxes checked in the Notification Settings tab of your XG Firewall:

Screen Shot 2019-04-01 at 9.21.51 AM

Backup encryption

Backup files now use a personal password key for enhanced security. You’ll be required to take advantage of this new feature going forward to protect your backups.

The new options are part of the workflow for scheduling and performing backups and restoration of your XG Firewall configuration on the Backup & Firmware main menu option, on the first tab for Backup & Restore:

Backup encryption password at the time of backup and restore2

You’ll notice new entries for an “Encryption password” for the backup and restore process.

You should update your backup settings to utilize a strong password that’s 12 characters or more in length. Once you’ve typed in your password, click “apply”.

All backups from that point onwards, will use the new password as the encryption key.  You can change the password at any time, and even at the time of doing a local backup.  Of course, we suggest you use a password manager so you don’t need to worry about remembering all your passwords, but if you forget your encryption password, you can change it at any time and create a new backup.

Chromebook authentication

If you’re one of the many XG Firewall customers enjoying the new Chromebook authentication support, there’s now a new option to generate the application configuration file from within the XG Firewall console to import into Google GSuite.

This option can be found under Authentication > Services > Download GSuite App Config, as shown below:

Screen Shot 2019-04-01 at 9.29.42 AM

Other enhancements

XG Firewall v17.5 MR4 also introduces a number of performance, reliability and stability enhancements.  You can check out the full release notes for more details.

How to get it

As with every XG Firewall firmware update, it will appear in your console automatically at some point in the near future, but if you want to start taking advantage of these enhancements right away, you can download the firmware update immediately from the MySophos Portal.

If you need a refresher on how to update your firmware, watch this short how-to video:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.