Sophos XG Firewall
The world’s best visibility, protection, and response.
Sophos XG Firewall brings a fresh new approach to the way you
manage your firewall, respond to threats, and monitor what’s
happening on your network.

Sophos XG Firewall
Sophos XG Firewall provides comprehensive next-generation firewall protection that exposes hidden risks, blocks unknown threats, and automatically responds to incidents.
Exposes hidden risks
Sophos XG Firewall provides unprecedented visibility into top risk users, unknown apps, advanced threats, suspicious payloads and much more. You also get rich on-box reporting included at no extra charge and the option to add Sophos iView for centralized reporting across multiple firewalls.
Blocks unknown threats
Sophos XG Firewall provides all the latest advanced technology you need to protect your network from ransomware and advanced threats including top-rated IPS, Advanced Threat Protection, Cloud Sandboxing, Dual AV, Web and App Control, Email Protection and a full-featured Web Application Firewall. And it’s easy to setup and manage.
Automatically responds to incidents
XG Firewall is the only network security solution that is able to fully identify the source of an infection on your network and automatically limit access to other network resources in response. This is made possible with our unique Sophos Security Heartbeat™ that shares telemetry and health status between Sophos endpoints and your firewall.
Potent, powerful … fast
We’ve engineered XG Firewall to deliver outstanding performance and security efficiency for the best return on your investment. Our appliances are built using Intel multi-core technology, solid-state drives, and accelerated in-memory content scanning. In addition, Sophos FastPath packet optimization technology ensures you’ll always get maximum throughput.
Simply manage multiple firewalls
Sophos Central is the ultimate cloud-management platform – for all your Sophos products. It makes day-to-day setup, monitoring, and management of your XG Firewall easy. It also provides helpful features such as alerting, backup management, one-click firmware updates and rapid provisioning of new firewalls. Optionally, Sophos Firewall Manager (SFM) provides powerful multi-device management tools for easy provisioning of consistent policies across your entire estate. And if you also want to consolidate reporting across multiple XG, SG, and Cyberoam appliances you can easily do that with Sophos iView.
Sophos XG Firewall

Security features you can’t get anywhere else
XG Firewall includes a number of innovations that not only make your job a lot easier, but also ensure your network is more secure.
Synchronized Security
An industry first, Synchronized Security links your endpoints and your firewall to enable unique insights and coordination. Security Heartbeat™ relays Endpoint health status and enables your firewall to immediately identify and respond to a compromised system on your network. The firewall can isolate systems until they can be investigated and cleaned up. Another Synchronized Security feature, Synchronized App Control, also enables the firewall to query the endpoint to determine the source of unknown traffic on the network.
Unified Firewall Rules
User identity takes enforcement to a whole new layer with our identity based policy technology enabling user level controls over applications, bandwidth and other network resources regardless of IP-address, location, network or device. It literally takes firewall policy to a whole new layer.
XG Series
Virtual
Azure
Software
Purpose-built devices to provide the ultimate in performance.
Install the Sophos Firewall OS image on your own Intel hardware or server.
Install on VMware,
Citrix, Microsoft Hyper-V and KVM.
Protect your network infrastructure in the Azure cloud.
A Firewall That Thinks Like You
Pre-defined policy templates let you protect common applications like Microsoft Exchange or SharePoint quickly and easily. Simply select them from a list, provide some basic information and the template takes care of the rest. It sets all the inbound/outbound firewall rules and security settings for you automatically – displaying the final policy in a statement in plain English.
Insights into Top Risk Users
The Sophos User Threat Quotient (UTQ) indicator is a unique feature which provides actionable intelligence on user behavior. Our firewall correlates each user’s surfing habits and activity with advanced threat triggers and history to identify users with risk-prone behavior.
Flexible deployment, no compromise
Unlike our competitors, whether you choose hardware, software, virtual or Microsoft Azure, we don’t make you compromise – every feature is available on every model and form-factor.

Network Protection
Stop hacks and attacks dead in their tracks
Web Protection
Unmatched visibility and control over all your user’s web and application activity.
Next-gen Intrusion Prevention System
Provides advanced protection from all types of modern attacks. It goes beyond traditional server and network resources to protect users and apps on the network as well.
Advanced Threat Protection
Instant identification and immediate response to today’s most sophisticated attacks. Multi-layered protection identifies threats instantly and Security Heartbeat™ provides an emergency response.
Security Heartbeat
Creates a link between your Sophos Central protected endpoints and your firewall to identify threats faster, simplify investigation and minimize impact from attacks. Easily incorporate Heartbeat status into firewall policies to automatically isolate compromised systems.
Advanced VPN technologies
Adds unique and simple VPN technologies including our clientless HTML5 self-service portal that makes remote access incredibly simple or utilize our exclusive light-weight secure RED (Remote Ethernet Device) VPN technology.
Powerful user and group web policy
Provides enterprise-level Secure Web Gateway policy
controls to easily manage sophisticated user and group
web controls. Apply policies based upon uploaded web keywords indicating inappropriate use or behavior.
Advanced Web Threat Protection
Backed by SophosLabs, our advanced engine provides the ultimate protection from today’s polymorphic and obfuscated web threats. Innovative techniques like JavaScript emulation, behavioral analysis, and origin reputation help keep your network safe.
High performance transparent proxy
Optimized for top performance, our transparent proxy technology provides ultra-low latency inspection and HTTPS scanning of all traffic for threats and compliance.
Application Control and QoS
Enables user-aware visibility and control over thousands of applications with granular policy and traffic-shaping (QoS) options based on application category, risk, and
other characteristics. Synchronized Application Control automatically identifies all the unknown, evasive, and custom applications on your network.
Sandstorm Protection
Your best protection against zero-day threats.
The Best Zero-Day Protection
Sophos Sandstorm utilizes the best technology from our leading Intercept X next-gen endpoint protection like exploit prevention and CryptoGuard Protection to identify even previously unseen malware exploits and ransomware before they get on your network.
Powered by Deep Learning
An industry first, XG Firewall integrates Deep Learning technology into our Sophos Sandstorm sandboxing. It delivers the industry’s best detection rates without using signatures. It catches previously unseen malware lurking in suspicious payloads quickly and effectively.
Sophos XG Firewall
3
Email Protection
Consolidate your email protection with anti-spam, DLP, and encryption.
Web Server Protection
Harden your web servers and business applications against hacking attempts while providing secure access.
Integrated Message Transfer Agent
Ensures always-on business continuity for your email, allowing the firewall to automatically queue mail in the event servers become unavailable.
Live Anti-Spam
Provides protection from the latest spam campaigns, phishing attacks, and malicious attachments .
Self-serve Quarantine
Gives employees direct control over their spam quarantine, saving you time and effort.
SPX Email Encryption
Unique to Sophos, SPX makes it easy to send encrypted
email to anyone, even those without any kind of trust infrastructure, using our patent-pending password-based encryption technology.
Data Loss Prevention
Policy-based DLP can automatically trigger encryption or block/notify based on the presence of sensitive data in emails leaving the organization.
Business Application Policy Templates
Pre-defined policy templates let you protect common applications like Microsoft Exchange Outlook Anywhere or SharePoint quickly and easily.
Protection from the latest hacks and attacks
With a variety of advanced protection technologies including URL and form hardening, deep-linking and directory traversal prevention, SQL injection and cross-site scripting protection, cookie signing and more.
Reverse proxy
With authentication options, SSL offloading, and server load balancing ensure maximum protection and performance for your servers being accessed from the internet.
Sophos XG Firewall

Synchronized Security
Security Heartbeat™ – Your firewall and your endpoints are finally talking
Sophos XG Firewall is the only network security solution that is able to fully identify the user and source of an infection on your network and automatically limit access to other network resources in response. This is made possible with our unique Sophos Security Heartbeat™ that shares telemetry and health status between Sophos endpoints and your firewall, and integrates endpoint health into firewall rules to control access and isolate compromised systems.
The good news is, this all happens automatically, and is successfully helping numerous businesses and organizations to save time and money in protecting their environments today.
Synchronized Application Control
Using Security Heartbeat we can do much more than just see the health status of an endpoint. We also have a solution to one of the biggest problems most network administrators face today – lack of visibility into network traffic.
Synchronized Application Control automatically identifies, classifies and controls encrypted, custom, evasive, and generic HTTP or HTTPS applications which are currently going unidentified.

Lateral Movement Protection
Lateral Movement Protection automatically isolates compromised systems at every point in the network to stop attacks dead in their tracks. Healthy endpoints assist by ignoring all traffic from unhealthy endpoints, enabling complete isolation, even on the same network segment, to prevent threats and active adversaries from spreading or stealing data.
What Next-Gen Firewalls See Today
You can’t control what you can’t see. All firewalls today depend on static application signatures to identify apps But those don’t work for most custom, obscure, evasive, or any apps using generic HTTP or HTTPS.
What XG Firewall Sees
XG Firewall utilizes Synchronized Security to automatically identify, classify, and control all unknown applications easily blocking the apps you don’t want and prioritizing the ones you do.
Synchronized User ID
User authentication is critically important in a next-generation firewall but often challenging to implement in a seamless and transparent way. Synchronized User ID eliminates the need for client or server authentication agents by sharing user identity between the endpoint and the firewall through Security Heartbeat™. It’s just another great benefit of having your firewall and endpoints integrated and sharing information