18.0 and later versions require a minimum of 4 GB RAM. So, you can't upgrade the following models. Upgrading to SFOS 18.0.4. SFOS 18.0 MR4 build 506. 18.0 MRs: New features and enhancements; New features. The release notes site describes the new features introduced in XG Firewall 18.0. Xstream architecture; Sandstorm threat intelligence analysis; Sophos Central Firewall Reporting and Management. As a worldwide leader in next-generation cybersecurity, Sophos protects more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyber threats. Powered by SophosLabs and SophosAI – a global threat intelligence and data science team – Sophos’ cloud-native and AI-powered solutions secure endpoints. 1 day ago Sophos has just released the new Sophos Firewall v18.5 (formerly known as Sophos XG Firewall), and this new version add’s support for the new “XGS” hardware appliances (Only XGS is supported atm. Later on the XG appliances will also get v18.5.
XG Firewall v18 is now available, and it’s sporting the all-new Xstream Architecture, which delivers extreme levels of visibility, protection and performance.
We’ve packed this release with new and enhanced features for you, including:
- Xstream SSL inspection. Get unprecedented visibility into your encrypted traffic flows, support for TLS 1.3 without downgrading, powerful policy tools, and supreme performance.
- AI-powered threat intelligence. Extend your protection against zero-day threats and emerging ransomware variants with multiple best-in-class machine learning models and unmatched insights into suspicious files entering your network.
- Application acceleration. Optimize network performance by putting your important application traffic on the fast path through the firewall and routing it reliably out through your preferred WAN connection.
Watch the overview video to see everything that’s new in XG Firewall v18:
Sophos Central
XG Firewall v18 also includes support for all new central management, reporting, and deployment options launching on Sophos Central next week:
- Group firewall management. Easily keep your full estate of firewalls consistent using groups that automatically keep policies, objects, and settings synchronized.
- Central reporting. Network activity and insights across all your firewalls are now at your fingertips in Sophos Central, with several pre-packaged reports and flexible reporting tools to create your own.
- Zero-touch deployment. Conveniently setup a new firewall in Sophos Central, export the config, load it on a flash drive and have your new firewall automatically connect back to Sophos Central without having to touch it.
Sophos 18.0.5
And, there’s more!
In addition, there are also a ton of other new features that will enhance your protection, visibility, management experience, and network versatility:
- Synchronized SD-WAN brings the power of Synchronized Security to reliably and accurately route application and user-based traffic over your preferred WAN links
- Firewall, NAT, and SSL Inspection rules and policies are now more powerful, flexible and easier to work with than ever before
- Plug-and-play high-availability (HA) makes it easy to enable business continuity and adds peace-of-mind – simply connect two XG Series appliances together and you’ll be up and running in no time
- Real-time flow monitoring provides at-a-glance insights into active bandwidth consuming hosts, applications, and users
- Expanded notifications and alerts ensure you never miss an important network security event whether it’s related to a threat, service, or important performance metric
How to get XG Firewall v18
As usual, this firmware update comes at no charge for licensed XG Firewall customers. The firmware will be rolled-out automatically to all systems over the coming weeks, but you can manually update at any time via MySophos.
Head on over to the XG Firewall Community Blog to get the full release notes.
Also check that your current hardware appliance supports v18.
Making the most of your new XG Firewall features
Free online training – available to all XG Firewall customers, our delta training program will help you make the most of the new features in XG Firewall v18.
It walks you through the key enhancements since v17.5 and takes about 90 minutes to complete. Get started on the XG Firewall training program.
Customer resources and how-to videos – be sure to visit the Customer Resource Center for the latest how-to videos and links to documentation, the community forums, training and other resources.
Take advantage of Partner and Sophos Professional Services: To augment your local Sophos partner’s services, we offer services to help you getting up and running and make the most of your XG Firewall, including the latest capabilities in v18.
While Sophos Professional Services can help with any task, here are the most common services they provide:
- XG Firewall deployment and setup
- XG Firewall v18 DPI, FastPath and SSL Engine Optimization
- XG Firewall Health Checks
Here are some direct links to helpful resources:
- Customer Training Portal (free Delta Training)
New to XG Firewall?
If you’re new to XG Firewall, see how it provides the world’s best network visibility, protection and response on the new XG Firewall website.
The product team is pleased to announce a major new update for XG Firewall v18 with several great new enhancements.
Security emphasis
Given how much working environments have changed this year, we have accelerated our product security investments, taking a more proactive approach. As a result, this new maintenance release for XG Firewall v18 includes several security and hardening enhancements to better protect your firewall and your data stored within, including SSMK (Secure Storage Master Key) for the encryption of your sensitive data.
There’s also a new CLI option to disable Captcha authentication that was previously introduced as a security hardening measure:
Remote access VPN
Working from home and makes remote access VPN a vital tool for all organizations these days, and there are important enhancements to remote access VPN in this release:
- Increased SSL VPN connection capacity across our entire firewall lineup. The capacity increase depends on your Firewall model: desktop models can expect a modest increase, while rack mount units will see a 3-6x improvement in SSL VPN connection capacity. Check the latest numbers for your XG Series model. Remember that Sophos XG Firewall is the only firewall that provides remote access VPN up to the capacity of your device – at no extra charge.
- Group support for our Sophos Connect VPN client, which now enables group imports from AD/LDAP/etc. for easy setup of group access policy.
Cloud (AWS/Nutanix) enhancements
Cloud and hybrid network infrastructure continues to grow in importance, and we’re also investing heavily in public cloud support:
- Support for newer AWS instances – C5/ M5 and T3 (#)
- Support for CloudFormation Templates, removing the need to run the installation wizard in some cases (#)
- Virtual WAN Zone support on custom gateways for post deployment single arm usage
- Single-arm deployments are now possible on AWS deployments thanks to an option to assign a zone to your custom gateway objects. This allows you to create access and security rules for traffic going into those zones.
- XG Firewall is now Nutanix AHV and Nutanix Flow Ready. XG Firewall has been validated to provide two modes of operation within Nutanix AHV infrastructure. Learn more.
- Also be sure to check out Sophos Cloud Optix to enhance your security and optimize costs for your cloud environments
Central management and reporting
We are seeing rapid adoption of Sophos Central management and reporting for XG Firewall thanks to rich features that make managing all your XG Firewalls easy. It’s important to note that legacy central management and reporting platforms including CFM/SFM and iView are coming to end of life soon.
Sophos 18 Free
Now is the time to move to Sophos Central for your central management and reporting needs, as it offers a modern, scalable, secure platform with a great feature set and an aggressive roadmap.
What’s new:
- XG Firewalls running in an HA configuration (either A-A or A-P) can now be fully managed within Firewall Group Management
- An Audit Trail feature is now available within the Task Queue
- Central Firewall Reporting has recently added the option to save, schedule, and export reports. Learn more.
Coming soon: Next month, a couple of other great enhancements are coming to Sophos Central, including group firewall management from the Partner Dashboard that greatly simplifies multi-customer firewall management, and cross-firewall reporting for better insights into activity across your entire multi-firewall protected network.
HA and other enhancements
XG Firewall v18 MR3 also addresses a number of reported issues with high-availability deployments, SD-RED devices support, and other areas. See the release notes for a full list of fixes.
Upgrade as soon as possible
While we always encourage you to keep your firewalls up to date with the latest firmware, over the next few months we are recommending you rapidly apply maintenance releases to ensure you have all the important security, performance, and feature enhancements applied as soon as possible.
Also ensure you have automatic pattern updates enabled so that you can be assured you have the latest protection updates.
XG Firewall v18 MR3 is an easy upgrade from XG Firewall v17 (MR6+), but be sure to check supported platforms.
How to get it
As usual, this firmware update is no charge for all licensed XG Firewall customers. The firmware will be rolled out automatically to all systems over the coming weeks, but you can access the firmware anytime to do a manual update through the Licensing Portal. You can refer to this article for more information.
Sophos 18 Eap
Learning more about upgrading to XG Firewall v18
Sophos 18 Mr5
And if you still haven’t upgraded to v18, or are still exploring many of the new features, be sure to take advantage of all the resources available, including the recent “Making the Most of XG Firewall v18” article series that covers all the great new capabilities in XG Firewall v18: