Sophos XG Firewall provides comprehensive next-generation firewall protection that exposes hidden risks, blocks unknown threats, and automatically responds to incidents.
Sophos XG Firewall provides unprecedented visibility into top risk users, unknown apps, advanced threats, suspicious payloads and much more. You also get rich on-box reporting included at no extra charge and the option to add Sophos iView for centralized reporting across multiple firewalls.
Sophos XG Firewall provides all the latest advanced technology you need to protect your network from ransomware and advanced threats including top-rated IPS, Advanced Threat Protection, Cloud Sandboxing, Dual AV, Web and App Control, Email Protection and a fullfeatured Web Application Firewall. And it’s easy to setup and manage.
XG Firewall is the only network security solution that is able to fully identify the source of an infection on your network and automatically limit access to other network resources in response. This is made possible with our unique Sophos Security Heartbeat™ that shares telemetry and health status between Sophos endpoints and your firewall.
We’ve engineered XG Firewall to deliver outstanding performance and security efficiency for the best return on your investment. Our appliances are built using Intel multi-core technology, solid-state drives, and accelerated in-memory content scanning. In addition, Sophos FastPath packet optimization technology ensures you’ll always get maximum throughput.
Sophos Firewall Manager provides a single console for the complete central management of multiple XG Firewalls. And if you also want to consolidate reporting across multiple XG, SG, and Cyberoam appliances then with Sophos iView, you can.
XG Firewall includes a number of innovations that not only make your job a lot easier, but also ensure your network is more secure.
An industry first, Synchronized Security links your endpoints and your firewall to enable unique insights and coordination. Security Heartbeat™ relays Endpoint health status and enables your firewall to immediately identify and respond to a compromised system on your network. The firewall can isolate systems until they can be investigated and cleaned up. Another Synchronized Security feature, Synchronized App Control, also enables the firewall to query the endpoint to determine the source of unknown traffic on the network.
User identity takes enforcement to a whole new layer with our identity based policy technology enabling user level controls over applications, bandwidth and other network resources regardless of IP-address, location, network or device. It literally takes firewall policy to a whole new layer.
Pre-defined policy templates let you protect common applications like Microsoft Exchange or SharePoint quickly and easily. Simply select them from a list, provide some basic information and the template takes care of the rest. It sets all the inbound/ outbound firewall rules and security settings for you automatically – displaying the final policy in a statement in plain English.
The Sophos User Threat Quotient (UTQ) indicator is a unique feature which provides actionable intelligence on user behavior. Our firewall correlates each user’s surfing habits and activity with advanced threat triggers and history to identify users with risk-prone behavior.
Unlike our competitors, whether you choose hardware, software, virtual or Microsoft Azure, we don’t make you compromise – every feature is available on every model and form- factor.
|FullGuard Plus (included in TotalProtect Plus)|
|FullGuard (included in TotalProtect)|
(included in EnterpriseProtect Plus)
(included in EnterpriseProtect)
|Web Protection||Email Protection||Webserver
|General Management (incl. HA)||●|
|Firewall, Networking and Routing||●|
|Base Traffic Shaping and Quotas||●|
|Self-Serve User Portal||●|
|Base VPN Options||●|
|Sophos Connect IPSec Client||●|
|Intrusion Prevention (IPS)||●|
|ATP and Security Heartbeat™||●|
|Remote Ethernet Device (RED) VPN||●|
|Synchronized Application Control||●|
|Web Protection and Control||●|
|Application Protection and Control||●|
|Cloud Application Visibility||●|
|Web and App Traffic Shaping||●|
|Email Protection and Control||●|
|Email Quarantine Management||●|
|Email Encryption and DLP||●|
|Web Application Firewall Protection||●|
|Logging and Reporting||●||●||●||●||●||●|
|Firewall throughput||3 Gbps|
|Firewall IMIX||800 Mbps|
|Antivirus Throughput||360 Mbps|
|IPS throughput||580 Mbps|
|NGFW Throughput||310 Mbps|
|IPSec VPN throughput||225 Mbps|
|GE RJ45 Ports||4 GbE cooper|
|GE RJ45 WAN Ports||4 GbE cooper|
|GE SFP Slots||No|
|I/O ports||2 x USB 2.0 | 1 x Micro-USB | 1x COM (RJ45)|
|Storage||8 GB eMMC|
|Mounting||Rackmount kit available (to be ordered separately)|
|Dimensions Width x Depth x Height (inches)||748 x 4.61 x 1.69 inches|
|Dimensions Height x Width x Length (mm)||190 x 117 x 43 mm|
|Weight||0.75 kg / 1.65 lbs (unpacked) | 1.9 kg / 4.19 lbs (packed) | (w model minimally higher)|
|Power supply||External auto ranging DC: 12V, 100-240VAC, 24W@50-60 Hz|
|Power Consumption||12W, 40.94 BTU/hr (idle) 20.4W, 69.6 BTU/hr (full load)|
|Operating Temperature||0-40°C (operating) -20 to +80°C (storage)|
|No. of antennas||2 external|
|MIMO capabilities||2 x 2:2|
|Wireless interface||802.11a/b/g/n/ac (2.4 GHz / 5 GHz)|
|Certifications||CB, CE, FCC, ISED (IC), VCCI, RCM, UL, CCC, BIS, Anatel, KC (w-model only)|