2 Sophos Whitepaper February 2020 What’s New in XG Firewall v18 Key New Features in XG Firewall v18 Xstream Architecture Sophos is pleased to introduce the new Xstream Architecture for XG Firewall, a new streaming packet processing architecture that provides extreme levels of protection and performance. Sophos has just released the new Sophos Firewall v18.5 (formerly known as Sophos XG Firewall), and this new version add’s support for the new “XGS” hardware appliances (Only XGS is supported atm. Later on the XG appliances will also get v18.5.
Every maintenance release (MR) for XG Firewall v18 brings compelling new features, including a variety of performance, stability, and security enhancements. MR5 is no exception.
What’s new in v18 MR5
VPN enhancements
Sophos XG Firewall. Find your product. XG Firewall v18 - Virtual and Software Appliance Install Guide. XG Firewall v18 - User Portal Documentation. Sophos exam version 18Sophos XG firewall exam v 18. If you’re new to Sophos or want to refresh your memory, check out the current blog series covering the highlights. XG v18 has been built from the ground up with software architecture to get the best performance out of our current x86 hardware appliances, and in the future, will take advantage of new hardware technology to offer continued.
- A huge 50% increase in concurrent IPSec VPN tunnel capacity across the line
- Port 443 sharing between SSL VPN and the Web Application Firewall (WAF)
- IPSec provisioning file support for remote access via Sophos Connect v2.1
SD-WAN
- Integration with Azure Virtual WAN for a complete SD-WAN overlay network
Authentication
- Integration with Azure Active Directory (learn more)
Certificate management and security
- Form enhancements for creating certificate signing requests and certificates
- Enhanced security for private keys
- Upload/download support for PEM format certificates
- Enhanced workflows for certificate management
Synchronized Security
- Enhanced registration and de-registration in high-availability (HA) installations
- Missing Heartbeat enhancements to reduce notifications sent for intended/expected changes in endpoint status
Sophos Central Firewall Reporting
Sophos Xg V18 Mr5
- New Cloud Application (CASB) report
- MSP Flex Pricing for MSP partners
View the full release notes on the Sophos Community Blog.
Other Recent Enhancements
If you’re not running the latest v18 firmware on your firewall, you’re missing out on a ton of new capabilities and dozens of resolved issues.
In addition to the above, these capabilities have been added in other v18 maintenance releases:
High-availability enhancements
- Improved FastPath support for active-passive pairs
- HA support in AWS using the AWS Transit Gateway
- Setup, reliability, and stability enhancements
VPN and Sophos Connect Remote Access Client
- A huge increase in SSL VPN connection capacity (up to 3-6x)
- Remote access IPSec policy provisioning with Sophos Connect v2.1
- Group support for Sophos Connect which enables imports from AD/LDAP/etc.
- New advanced options for IPSec remote access
- Sophos Connect downloads enabled from the user portal
- Enforcement of TLS 1.2 for SSL site-to-site and remote access VPN tunnels
Synchronized Security
- A new option for Synchronized App Control to automatically clean up discovered apps over a month old
Cloud platform support
- Support for new AWS instances (C5/M5 and T3)
- Support for cloud formation templates
- Virtual WAN zone support on custom gateways for post deployment single arm usage
- Nutanix and Nutanix Flow support
Sophos Central
- Group firewall management via the Partner Dashboard
- Firmware update scheduling
- Multi-firewall reporting across firewall groups
- Save, schedule, and export reports from Sophos Central
Security and authentication enhancements
- Stronger password hash algorithm (requires a password change)
- Auto web-filtering of Internet Watch Foundation (IWF) identified sites containing child sexual abuse
- Support for creating users with UPN format for RADIUS authentication
It’s easy and free
Sophos Xg V18 Ha Setup
Of course, all these features are a free upgrade for Sophos customers and are as easy as clicking to upgrade your firmware in your firewall console or scheduling a firmware update through Sophos Central.
Upgrade to v18 today!
Sophos Xg V18 Download
Now is the perfect time to upgrade. If you’re interested in learning more about what’s new in v18, check out these excellent articles that will help you make the most of the many new capabilities in v18: