You can create firewall templates that consist of settings and firewall rules. You can apply these templates to groups of your customers.

Sophos offers add-on devices to flexibly connect your branch offices, remote sites and users. SD-RED Remote Ethernet Devices. Our Desktop firewall appliances support all the security features of our larger appliances but in a compact form factor and at a fraction of the cost. Whether you’re looking for an all-in-one security solution for. Sophos XG Firewall: Troubleshooting steps when unable to access the GUI Sophos XG Firewall: How to reset the admin password The XG Firewall locks up, won't boot, or restarts (in a single node environment) With only one XG Firewall available, options for implementing a quick workaround are limited. If another gateway is available, a good first. Sophos Firewall. Now with Xstream Architecture. Online Demo Learn More. Sophos Endpoint. Sophos Intercept X is the world’s best endpoint security, combining ransomware protection, deep learning malware detection, exploit prevention, EDR, and more – all in a single solution.

A firewall template lets you:

• Apply the same settings to all your customer's firewalls in a group.
• Stop customers from changing the settings for the groups you manage. Customers can create nested groups and override specific settings in the groups you manage.
• Update templates and push changes to your customers.

To create a firewall template, do as follows:

1. Sign in to the Sophos Central Partner and click Settings & Policies and then click Firewall Templates.
2. Click Add a template, add a template name and a description, then click Save.
3. Click Edit customers.
4. Review the customers for the template. Add any missing customers or remove customers if you need to.
5. Click Manage policy to configure the settings and rules for the template.

   The firewall configuration options managed by Sophos Central Admin are shown.

Any changes you make to the settings and rules are transferred to your customer's firewall using the Partner Managed Group. You can see this group in Sophos Central Admin.

Firewalls in the Partner Managed Group automatically inherit all the settings and rules you create using Manage Policy in Sophos Central Partner.

Today, we’re launching the first of our new XGS Series next-gen firewall appliances with Sophos Firewall OS version 18.5.

For network admins, this completely re-engineered hardware platform finally takes a common dilemma off the table: how to scale up protection for today’s highly diverse, distributed, and encrypted networks without throttling network performance.

Coupled with a highly attractive price, the new XGS Series is guaranteed to reshuffle the deck in the network firewall space.

Here are just three key highlights of this new release.

Dual processor architecture – powered by Xstream

Every XGS Series appliance has two hearts beating at its core: a high-performance multi-core x86 CPU, and an Xstream Flow processor to intelligently accelerate applications by offloading security-verified and trusted traffic to the FastPath.

This architecture allows us to retain the same flexibility to extend and scale protection as purely x86-based firewalls while also providing a performance boost that’s unhampered by the limitations of some legacy platform designs.

For example, with the programmable Xstream Flow processors, we can extend the offload capabilities in future software releases, providing additional performance improvements without changing the hardware.

Protection and performance

As much as we like to talk about speeds and feeds in the firewall space, the additional performance headroom in the XGS Series is there for a purpose: protection.

With about 90% of network traffic encrypted (source: Google Transparency Report) and almost 50% of malware using TLS to avoid detection (source: SophosLabs), organizations are leaving huge blind spots in their network visibility by not activating TLS inspection.

Just going by our own telemetry, about 90% of organizations don’t have TLS inspection activated on their firewalls. Even if we take into account that some of those may have separate solutions doing TLS inspection, it’s likely to be the minority rather than the majority. And aside from the security risk that poses, it’s pretty hard to create a policy for traffic that shows as “general” or “unknown”.

Before you all scream, “but TLS inspection breaks the internet,” Sophos Firewall includes native support for TLS 1.3 and provides a user interface which clearly shows if traffic has caused issues and how many users were affected. With just a couple of clicks, you can exclude problematic sites and applications without reverting to a less-than-adequate level of protection.

We’ve got the edge

The XGS Series includes multiple form factors that beat the all-important price per protected Mbps of many competitive models.

XGS Series appliances are equipped with high-speed interfaces to meet the diverse connectivity requirements of businesses large and small. In addition to the built-in copper, fiber, and a range of other ports on every model, add-on modules provide the flexibility to tailor your device connectivity to your unique environment – both today and in the future.

The XGS Series integrates further with edge infrastructure devices such as APX access points and our SD-RED Remote Ethernet Devices. With cloud-managed Zero-Trust Network Access and access layer network switches coming later this year, we’re bringing your network security to every edge.

Sophos Firewall OS v18.5

The new appliances come with the latest v18.5 software release, which not only provides support for the new hardware but also includes all the 18.x maintenance releases – many new capabilities and security improvements – since the v18 release.

For further information about Sophos Firewall and the XGS Series or to request a quote visit Sophos.com/Firewall or Sophos.com/Compare-XGS.

Hardware Firewall For Home Network

For the latest SophosLabs research on TLS, check out this article.