Visibility and Protection

Sophos Firewall offers the best protection to stop the latest hacks and attacks dead in their tracks – before they get on your network.

Deep Packet Inspection

The Xstream Deep-Packet Inspection (DPI) engine provides high-performance traffic scanning for IPS, AV, Web Protection, and App Control in a single streaming engine.

  • TLS 1.3 inspection
  • Next-Gen Intrusion Prevention (IPS)
  • Zero-day threat protection
  • Proxy-based dual-engine AV scanning
  • Perimeter defenses
  • Country-based blocking policy

Encrypted Traffic

Xstream TLS Inspection 1.3 with industry-leading performance, visibility, policy tools, and built-in intelligence removes an enormous blind spot in your protection.

  • TLS 1.3 without downgrading
  • Intelligent traffic selection
  • Pre-packaged exception list
  • Powerful policy engine
  • Covers all ports/protocols
  • Supports all modern cypher suites
  • Unmatched visibility and error handing

Zero-Day and ML Protection

Sophos Firewall leverages Sophos' industry-leading machine learning technology (powered by SophosLabs Intelix) to instantly identify the latest ransomware and unknown threats before they get on your network

  • SophosLabs Data Scientists
  • Multiple Machine Learning Models
  • Static File Analysis
  • Dynamic file analysis

Cloud Sandbox

Sophos Zero-day Dynamic File Analysis uses next-gen cloud-sandbox technology powered by deep-learning and the best technology from Intercept X, to provide your organization with the best protection against zero-day threats like the latest ransomware and targeted attacks coming in through phishing, spam, or web downloads.

  • Dynamic sandboxing analysis
  • Deep learning static file analysis

Web Protection

Sophos' Web Protection engine is backed by SophosLabs and includes innovative technologies required to identify and block the latest web threats.

  • Advanced Web Protection
  • Pharming protection
  • HTTPS scanning
  • Potentially unwanted app control
  • SophosLabs

Synchronized Security

Our revolutionary Security Heartbeat links your Sophos managed endpoint with your firewall to share health and other valuable information enabling an automated and coordinated response to isolate threats and prevent lateral movement.

Learn More
  • Security Heartbeat
  • Destination Heartbeat Protection
  • Synchronized App Control
  • Lateral Movement Protection
  • Synchronized User ID

Advanced Threat Protection

Sophos Firewall delivers advanced threat protection to instantly identify bots and other advanced threats while defending your network from today’s sophisticated attacks.

  • Security Heartbeat
  • Multi-layered, call-home protection
  • Intelligent firewall policies
  • Traffic light style indicators

User Identity

User identity-based policies and unique user risk analysis give you the knowledge and power to regain control of your users before they become a serious threat to your network.

  • User identity powers all firewall polices and reporting
  • User Threat Quotient (UTQ) identifies the top risk users on your network
  • Synchronized User ID
  • Flexible authentication options including directory services
  • Two-factor Authentication (2FA) One-time Password Support for Access to key system areas

Application Control

Complete application visibility and control over all applications on your network with deep-packet scanning technology and Synchronized App Control that can identify all the applications that are currently going unidentified on your network.

  • Visibility and control over thousands of applications
  • CASB cloud app visibility
  • Synchronized App Control
  • User-based application policies
  • Traffic shaping (QoS) prioritizes bandwidth allocation to critical applications and limits bandwidth for non-business applications

Web Control

Full visibility and control over all your web traffic with flexible enforcement tools that work the way you need, with options for user and group enforcement of activity, quotas, schedules, and traffic shaping.

  • Enterprise Secure Web Gateway (SWG) policy model
  • Template-driven activity control with predefined workplace and compliance policies
  • Education and SafeSearch features
  • Comprehensive traffic enforcement
  • Traffic shaping (QoS)

Content Control

Flexible, user-based monitoring and control of keyword content and downloadable content, including files types via FTP, HTTP, or HTTPS.

  • Web keyword monitoring
  • File download filtering templates
  • Policy-based outbound email DLP
  • Web caching

Business Applications

Combine next-gen firewall capabilities with our enterprise-class web application firewall to protect your critical business applications from hacks and attacks while still enabling authorized access.

  • Next-generation IPS
  • Web Application Firewall
  • Granular, user-based protection

Email and Data

Protect your email from spam, phishing, and data loss with our unique all-in-one protection that combines policy-based email encryption with DLP and anti-spam.

  • Full MTA store and forward support
  • Live anti-spam
  • SPX encryption
  • Policy-based DLP
  • Self-serve user portal

Networking and Access

Sophos Firewall offers the most complete portfolio of secure edge access solutions, VPN , SD-WAN, and core networking capabilities to fit any network.

SD-WAN

Sophos Firewall integrates all the features you need to enable your SD-WAN connectivity, quality, security, and continuity goals.

Learn More
  • Multiple WAN link monitoring
  • Fail-over and fail-back
  • Application path selection and routing
  • Synchronized SD-WAN application routing

Site-to-Site VPN

Sophos Firewall supports all standards-based VPN technologies as well as our own light-weight extremely robust layer 2 RED tunnels.

  • IPSec and SSL VPN tunnels
  • Wizard-based orchestration
  • Sophos RED site-to-site tunnels

Remote Access VPN

Sophos Connect is a free VPN client for remote access that makes supporting a remote workforce easy.

  • Windows and Mac Support
  • IPSec and SSL support
  • Easy provisioning and deployment
  • Free (unlimited SSL remote access licenses included at no extra charge)

SD-RED

A Sophos exclusive, SD-RED provide a unique and affordable secure edge access device for SD-Branch, SOHO, and industrial control solutions.

Learn More
  • Zero-touch deployment auto-provisioning SD-WAN edge device
  • Enterprise-grade encryption
  • Split tunnel options
  • Integrated wireless options
  • Ultra affordable

Wireless Controller

Every Sophos Firewall includes an integrated wireless controllers to enable easy secure wireless deployments for our APX wireless access points, all managed from a single console.

  • Plug-and-play deployment
  • High performance with the latest 802.11ac, Wave 2 wireless standard, and powerful radios
  • Flexible configuration with options for isolation, bridging, zones, hotspots, channel width, and multiple SSIDs per radio.
  • Secure encryption with support for all the latest standards

ZTNA

Sophos Firewall integrates with Sophos Zero Trust Network Access (ZTNA) to offer a secure and simple way for users to securely connect to important applications and data.

Learn More
  • Securely connect users to applications
  • Cloud and on-premises application support
  • Remote access from anywhere
  • Device health integrates with Synchronized Security

Core Networking

Sophos Firewall offers the most advanced enterprise-grade networking technology available for NAT, routing, and bridging. 

  • Powerful object-based NAT rules
  • Advanced routing with Static, OSPF, BGP, and RIP with full 802.1Q VLAN support
  • SD-WAN link balancing
  • Flexible bridging options
  • IPv6 Certified support

Segmentation

Flexible and powerful segmentation options via zones and VLANs provide ways to separate levels of trust on your network while enabling added protection against lateral movement between different parts of your network.

  • Zone-based firewall
  • Default zones for LAN, WAN, DMZ, LOCAL, VPN, and Wi-Fi
  • Full VLAN support
  • Zone and VLAN isolation
  • Zone-based policies
  • Micro-segmentation and auto-isolation via Synchronized Security

Management and Reporting

Sophos Central is your single-pane-of-glass for managing your entire cybersecurity portfolio. From endpoint, to mobile, to ZTNA, and of course, all your firewalls, no one offers this level of management integration and ease of use.

Sophos Central Management

Sophos Central provides powerful centralized management, reporting, and zero-touch deployment for all your XG Firewalls and other Sophos products from a single console.

Learn More
  • Sophos Central Cloud Management
  • Group Firewall Management in Sophos Central
  • Synchronize policy and settings across groups
  • Central cloud backup management
  • Centralized firmware update scheduling

Central Firewall Reporting

Central Firewall Reporting Advanced, provides flexible and powerful tools to create your own custom views of network activity and threats across your entire network.

Learn More
  • Report across multiple firewalls
  • Create custom reports with powerful visualization tools
  • Save, export, and schedule your reports
  • Store firewall log data in the cloud for historical reporting up to a year

Dashboard and alerts

Sophos Firewall’s carefully crafted control center analyzes extensive back-end data sources to surface just the information you need to respond quickly to changes in your network.

  • Instant Insights At a Glance
  • Traffic-light-style indicators
  • Quick Drill-down Interaction with Any Control Center Widget
  • Automatic Email Notifications for any important event
  • SNMP with a Custom MIB and support for IPSec VPN Tunnels

Free Reporting

Sophos Firewall is unique in providing extensive, free on-box reporting and limited cloud-based reporting at no extra charge.

  • Hundreds of reports
  • Built-in storage on XGS Series for unlimited log data storage for historical reporting
  • Live Log Viewer
  • Syslog Support
  • Limited 7 day cloud storage for Central Firewall reporting
  • No extra charge