Trident Blog

SOPHOS Firewall OS update – XG v17.5

Kat McDevitt - Wednesday, March 06, 2019

The Sophos XG Firewall v17.5 is now available, bringing all-new Synchronized Security features, better education features to improve overrides, and more top-requested features.

With the rise in targeted ransomware and other adversary attacks, Sophos has identified the need for organisations to be able to rapidly identify and respond to threats and prevent them from moving laterally across their networks. To combat this, Sophos has introduced Lateral Movement Protection, a new Synchronized Security feature in the XG Firewall v17.5, which builds on the success of Security Heartbeat™ in providing an automated response to the presence of a threat. It not only isolates the compromised system from accessing network resources at the firewall but also enlists the aid of all healthy endpoints on the network to synchronise a defence. All healthy Sophos endpoints will isolate any compromised system, providing isolation at the endpoint level and preventing any threat from moving laterally.

A key feature of v17.5 is its web policy overrides. These allow authorised users to override blocked sites on user devices, temporarily allowing access. Administrators can dictate which users have the option to authorise policy overrides; those users can then create passwords and rules for which sites can be used. Codes can then be shared with end-users, who can enter them directly on the block page of a blocked site.

The new features in XG Firewall v17.5

Synchronized Security – lateral movement protection – extends Sophos Security Heartbeat™ automated threat isolation to prevent any threat from moving laterally or spreading across the network, even on the same subnet. The firewall instructs all healthy endpoints to completely isolate any unhealthy endpoints.

Synchronized User ID – utilizes Security Heartbeat™ to greatly streamline authentication for user-based policy enforcement and reporting in any Active Directory domain network by eliminating the need for any kind of server or client agent.

Education features – such as per-user policy-based control over SafeSearch and YouTube restrictions, teacher enabled block-page overrides, and Chromebook authentication support.

Email features – adds Sender Policy Framework (SPF) anti-spoofing protection and a new MTA based on Exim, which closes a couple of top requested feature differences with SG Firewall.

IPS protection – is enhanced with greatly expanded categories enabling you to better optimize your performance and protection.

Management enhancements – including enhanced firewall rule grouping with automatic group assignment, and a custom column selection for the log viewer.

VPN and SD-WAN failover and failback – including new IPSec failover and failback controls and SD-WAN link failback options.

Client authentication – gets a major update with a variety of new enhancements such as per-machine deployment, a logout option, support for wake from sleep, and MAC address sharing.

Sophos Connect – is our new IPSec VPN Client, free for all XG Firewall customers, that makes remote VPN connections easy for users, and supports Synchronized Security.

Wireless APX access point support – provides support for the new Wave 2 access points providing faster connectivity and added scalability.

Airgap support – for deployments where XG Firewall can’t get updates automatically via an internet connection (due to an “airgap” or physical isolation), XG Firewall can now be updated via USB.

Sophos XG Firewall - What's New in v17.5 from Sophos on Vimeo.

