Sophos Updates XG FIrewall, Adds Appliance Option

Written by Lorna Garey
October 24, 2017

Version 17 also brings stock policies, better insight into unknown applications running on endpoints and the network.

**Editor’s Note: Click here for our recently compiled list of new products and services.**

Sophos on Tuesday announced the latest version of its next-generation XG Firewall that builds on its message of Synchronized Security between the network and endpoints.

Version 17 of the XG line increases visibility into applications active on the network, including those lacking signatures or using generic HTTP or HTTPS connections. Sophos says this Synchronized App Control can reduce the security risks associated with unidentified traffic.

Sophos’ Dan Schiappa

Synchronized App Control automatically places running applications into the appropriate categories where possible; partners or IT can assign unknown apps to categories that will block or prioritize them. Interactive reporting provides deep insight into daily traffic.

Partners will appreciate the ability to apply a unified model enabling all business, user and network policies to be managed on a single screen and tested for potential adverse effects on customers; the addition of policy templates; the ability to proactively predict potentially malicious or careless users via a User Threat Quotient, and the ability to deploy as hardware, software or a virtual appliance and in passive – or tap – mode.

Dan Schiappa, SVP & GM of Sophos’ end user and network security group, outlined the company’s strategy to Channel Partners, saying that Sophos is focused on making its full suite of endpoint and network security products communicate and quickly learn from one another, and that Synchronized Security is a big part of that effort.

“In recent research, IT professionals admitted that about 60 percent of network traffic is unknown, and the security risks associated with this top their list of concerns,” said Schiappa in a statement. “Because the endpoint knows exactly what applications are running, it can share this data with the firewall through the Sophos Security Heartbeat.”

Both Sophos Endpoint Protection and the next-generation anti-ransomware solution Intercept X will feed data into the XG Firewall. The product is available exclusively through partners and may be deployed on-premises on any major VM or delivered as a service. In addition, Sophos has introduced new XG Series hardware appliances.

“Our clients appreciate the streamlined management and simplified user interface of the XG Firewall,” said Dan Russell, CIO at Pine Cove Consulting, a certified Sophos Partner. “Sophos Intercept X can be installed on the endpoint next to any existing endpoint protection, adding next-generation threat protection into any traditional environment.” Russell added that deeper visibility into every network application and the ability to categorize them and take immediate action is going to help customers and his business tremendously.

The XG Firewalls come in various configurations.

Sophos now has more than 30,000 partners, and Schiappa credits them with driving about a 90-plus percent renewal rate among current customers and generating $632.1 million in FY17 billings, more than 24 percent growth, with 81 percent of that recurring subscriptions. The company does have a “Blue Chip” designation for partners that transact five or more deals in a six-month period. This top partner tier has grown from 4,721 in FY16 to 8,524 this year.

“We’re all about the partners,” he says. “I think we’re probably the only security vendor that has in our mission statement our loyalty to the channel community.”