Extreme Next-Gen Firewall

Visibility, Protection, and Performance


XG Firewall’s all-new Xstream architecture delivers extreme levels of protection, performance, and visibility.

XG Firewall Xstream
TLS Inspection

Industry-leading performance and visibility into all the encrypted traffic on your network with support for TLS 1.3.

XG Firewall Xstream
DPI Engine

High-performance deep packet protection in a single streaming engine for stopping all known and unknown threats.

XG Firewall Xstream
Network Flow FastPath

Accelerate trusted and important cloud, SaaS, and VoIP application traffic for optimal performance

Visibility Into What's Happening on Your Network

XG Firewall removes an enormous blind spot, providing extreme visibility and insight into all your network traffic, whether it’s encrypted, evasive, or elusive.

Application Visibility

Accelerate the applications you want and control the applications you don’t with unmatched app identification

Network Health and Threats

Identify suspicious or malicious threats on your network to stop attacks, hacks, and breaches instantly

Take it for a Test Drive.

Demo all XG Firewall’s features – no install, no commitment.


The Best Protection to Stop Unknown Threats Dead

XG Firewall offers the best protection against the latest advanced threats like ransomware, cryptomining, bots, worms, hacks, breaches, and APTs with unique and innovative technology designed to catch threats we haven’t even seen yet.

Intrusion Prevention

Industry-leading IPS offers high-performance protection against the latest network exploits.

SophosLabs Threat Intelligence

Utilizing deep learning technology, we identify new and zero-day threats before they get on your network.

Sandstorm Sandboxing

The ultimate in affordable protection by analyzing suspicious files in a safe cloud environment using the latest technology from Intercept X.

Performance to Fully Protect Your Network and Then Some

XG Firewall delivers industry-leading performance and price-per-protected Mbps that ensure you can take full advantage of all the latest next-gen protection technologies without compromising on performance.


Xstream Architecture

Our new packet flow processing architecture provides extreme levels of network protection and performance.


XG Series Appliances

The latest multi-core CPUs, generous RAM, and solid-state storage make the most of the new Xstream architecture.


Proven Performance

Consistently rated among the top-performing in both security effectiveness and price-per-protected Mbps.

Extreme TLS Inspection

Extremely Fast, Effective, and Transparent.

80% of the traffic passing through your firewall is encrypted. Most organizations are completely blind to this traffic. Why? Because TLS Inspection kills their firewall performance. But not anymore.

XG Firewall’s Xstream TLS Inspection solves this problem once and for all. You can now fully enable TLS Inspection without compromising on performance, protection, privacy, and the end user experience.

  • Native support for TLS 1.3 and all modern cipher suites
  • Powerful policy tools to balance privacy, protection, and performance
  • Unique at-a-glance visibility and one-click error handling via the Control Center

SD-WAN Evolved

Unprecedented clarity, connectivity, and control.

XG Firewall evolves SD-WAN with unique capabilities that provide unprecedented clarity and control over your connectivity needs.

Synchronized SD-WAN

Leverages the 100% application visibility and control that Synchronized Security provides to make reliable SD-WAN path selection and routing decisions.

SD-RED Branch Office Connectivity

Our zero-touch branch office edge devices make SD-WAN deployments simple, easy, and secure.

Flexible Connectivity Options

No other firewall offers as many modular and flexible connectivity solutions as XG Firewall, with a full range of wireless, cellular, copper, and fiber options.

Powerful Management. Seamless Scalability.

XG Firewall provides powerful cloud-based central management and reporting tools that enable seamless scalability as your organization and network grows.


Group Firewall Management

Sophos Central provides a powerful set of cross-estate management tools to easily make configuration changes, initiate firmware updates, manage backups, or deploy new firewalls.


Central Firewall Reporting

Flexible centralized reporting enables you to visualize your network utilizing a variety of built-in reports or build your own custom reports.


Plug and Play High Availability

Get added scalability, resiliency, and peace of mind by simply connecting a pair of XG Firewalls together to enable high-availability. It’s that easy.

Seamlessly Integrate Your Cybersecurity for Better Protection

XG Firewall is part of the world’s best cybersecurity ecosystem, integrating in real time with Sophos Central and Intercept X.

Sophos Central

Sophos Central is the most comprehensive cloud cybersecurity management platform available – anywhere. It provides the ultimate in management efficiency and scalability for all your IT security products from a single pane of glass.

Synchronized Security

Sophos is a pioneer in Synchronized Security, integrating your endpoint and firewall protection to share information and provide features you just can’t get elsewhere, like Security Heartbeat™ for health monitoring, app control, user identification, and much more.

Zero-Touch Threat Isolation

Whether a threat is first detected at your firewall, an endpoint, or server, they all leap into action and work together to provide an automatic response with dynamic firewall rules and lateral movement protection isolating a compromised host to prevent spread, hacker communication, and data loss.

Regain Trust in a World of Zero Trust

XG Firewall is part of the world’s best cybersecurity system, integrating in real time with Intercept X.



Synchronized Security automatically identifies, authenticates, and verifies users, apps, devices, and their trustworthiness - in real time.


Security Heartbeat dynamic firewall policies adapt instantly to changes in trust including device compliance, health status, and user, app, or traffic identity.


Synchronized Security automates network access control and device isolation to enable adaptive micro-segmentation.

Designed to Fit Your Network

XG Firewall offers a powerful and modular line of hardware appliance models as well as software, virtual, and cloud deployment options to fit any network.

XG Series Appliances

XG Series Appliances

XG Firewall offers a full range of top-performing hardware appliances with modular connectivity options for all your LAN, WAN, and wireless needs including Wi-Fi, cellular, copper, and fiber interfaces.

Software, Virtual, Cloud

Software, Virtual, Cloud

XG Firewall is also available as a software appliance, supports all the popular virtualization platforms, and is available on both Azure and Amazon Web Services to protect and connect your public, private, and hybrid cloud networks.



Our unique zero-touch SD-RED edge devices make extending your secure network to remote and branch locations and industrial control system (ICS) devices simple and easy. Flexible SD-WAN and VPN connectivity options ensure you meet your WAN reliability and quality goals.

Start evolving now.

Start your no-obligation free trial now or contact us for more questions.