Page 1
Sophos SG Series Appliances
Unleash the full potential of your network
With bandwidth requirements constantly increasing, network security
appliances need to do more than ever before. The Sophos SG Series appliances
are built to provide optimal performance, versatility, and efficiency to meet all
your security needs.
Page 2
Sophos SG Series Appliances
Unleash the full potential of your network
The Sophos SG Series appliances are designed to provide the optimal balance
between performance and protection – for diverse IT environments. Whether
you need a solution for a small remote office, want to protect your school
campus, or are a global organization requiring high-availability and enterprisegrade features, our SG Series appliances are an ideal fit.
Versatile
Appliances to suit every environment
Our broad product line-up makes it easy for you to choose
the right appliance. A higher model number indicates
higher throughput and an increased number of ports or
connectivity options.
And as every software subscription is available on every
appliance, you can flexibly size the solution to fit your
budget and your individual security needs. Next-generation
firewall features or all-in-one security on a single box, it’s
your choice.
Rapid
Proven performance on all models
Our appliances are built upon the most advanced Intel
technology. Optimized use of multi-core processors
allows consolidation of your security solutions without a
performance trade-off.
With faster than ever firewall, IPS and VPN throughput
speeds, our SG Series appliances effortlessly handle
multiple tasks simultaneously. Plus, you can easily scale up
by dynamically clustering up to 10 units* without external
load balancers.
Reliable
Built for business – today and tomorrow
Using the latest Intel technology, our products provide the
utmost in flexibility. Add to your protection as you need
it - without changing or upgrading your hardware. That
means you benefit from future software and performance
enhancements which guarantees the best possible value
for money.
Redundancy features such as a second power supply
are available for all 1U, 2U and even our Desktop models.
Additionally, the 1U SG 450 and all 2Us come with a second
hard-drive.
Modular
Flexible configuration options
Configure your hardware to suit your infrastructure and
change it as and when you need to. Our optional FleXi
Port LAN modules give you the freedom to select the
connectivity you need – copper, fiber, 10 GbE or 40 GbE–
you decide.
FleXi Port modules are interchangeable within a range, e.g.
1U, saving you money if you upgrade to a different model at
a later date.
Responsive
Technology built to process data
in real-time
Your network is constantly changing so your protection
needs to be adaptive. All our appliances have integrated
solid state disks (SSDs) for local storage of spam quarantine
data and faster access to comprehensive reports and realtime logs.
Accelerated in-memory content scanning in secure proxy
mode makes your defenses more effective and efficient.
* For HA support, appliances must be of the same model AND revision number
1
Some of our Desktop models now include an expansion bay
to add an optional module, e.g. for 3G/4G connectivity. We
also offer an optional SFP DSL modem for Desktop models.
Connected
Full wireless coverage – for every office
Our SG 100 Series desktop models with integrated wireless
are a very tidy solution for even the most compact office
space. As the access point is built in, you do not require any
extra hardware. Should you need additional coverage or
have a larger space, you can add Sophos access points.
Every one of our Desktop appliances is available with a
built-in wireless controller for you to connect and manage
Sophos access points. You can also add a 2nd Wi-Fi radio to
the SG 135w for even better performance and coverage.
Page 3
Sophos SG Series Appliances
Adapt Connectivity with Optional Modules
Connectivity Modules for Desktop Models
Add additional connectivity options to your Desktop appliances to enhance the range and performance of your network.
Modules for Desktops
(For XG/SG 125(w) and 135(w) Rev. 3 only)
2 external antennas, SIM card slot (2FF)
Supports LTE (Cat-6)/DC-HSPA+/HSPA+/HSPA/
UMTS (WCDMA, APAC version also TD-SCDMA)
3G/4G Module:
SFP format supports all VDSL2 standards
defined in ITU –T G.993.2, G.994.1, G.997.1, and
the VDSL2 profiles 8a, 8b, 8c, 8d, 12a, 12b, 17a
FleXi Port Modules for 1U and 2U
Configure your hardware to suit your infrastructure and change it as and when you need to. Our optional FleXi Port LAN
modules give you the freedom to select the connectivity you need – copper, fiber, 10GbE, 40 GbE – you decide.
FleXi Port Modules for 1U FleXi Port Modules for 2U
DSL Modem – SFP:
(for XG/SG 1xx(w) Rev.3 only)
2nd Wi-Fi Radio Module:
(For XG/SG 135w Rev.3 only)
802.11a/b/g/n/ac, 2 x 2 MIMO,
2.4 or 5 GHz, 2 external antennas
8 port GbE copper FleXi Port module
(for SG/XG 2xx/3xx/4xx only)
8 port GbE SFP FleXi Port module
(for SG/XG 2xx/3xx/4xx only)
2 port 10 GbE SFP+ FleXi Port module
(for SG/XG 2xx/3xx/4xx only)
4 port 10 GbE SFP+ FleXi Port module
(for SG/XG 2xx/3xx/4xx only)
2 port 40 GbE QSFP+ FleXi Port module
(for SG/XG 210 Rev.3 and SG/XG
230, 3xx and 4xx Rev.2 only)
4 port GbE copper PoE FleXi Port module
(for SG/XG 210 Rev.3 and SG/XG
230, 3xx and 4xx Rev.2 only)
8 port GbE copper FleXi Port module
(for XG 750 and SG/XG 550/650 Rev.2 only)
8 port GbE SFP FleXi Port module
(for XG 750 and SG/XG 550/650 Rev.2 only)
2 port 10 GbE SFP+ FleXi Port module
(for XG 750 and SG/XG 550/650 Rev.2 only)
4 port 10 GbE SFP+ FleXi Port module
(for XG 750 and SG/XG 550/650 Rev.2 only)
2 port 40 GbE QSFP+ FleXi Port module
(for XG 750 and SG/XG 550/650 Rev.2 only)
8 port GbE copper PoE FleXi Port module
(for SG/XG 210 Rev.3 and SG/XG
230, 3xx and 4xx Rev.2 only)
Please note: Transceivers (mini GBICs) are sold separately.
2
Page 4
Sophos SG Series Appliances
Sophos SG Series Appliances – at a glance
Product Matrix
Model Tech. Specs Throughput
Revision #
SG 105(w) 3 desktop 4 a/b/g/n/ac opt. ext. Power 2,500 325 350 380
SG 115(w) 3 desktop 4 a/b/g/n/ac opt. ext. Power 2,700 425 500 500
SG 125(w) 3 desktop 9/1 (9) a/b/g/n/ac
SG 135(w) 3 desktop 9/1 (9) a/b/g/n/ac
SG 210 3 1U 8/1 (16) n/a opt. ext. Power 12,000 1,000 2,000 500
SG 230 2 1U 8/1 (16) n/a opt. ext. Power 14,500 2,000 3,000 800
SG 310 2 1U 12/1 (20) n/a opt. ext. Power 19,000 3,000 5,000 1,200
SG 330 2 1U 12/1 (20) n /a opt. ext. Power 22,000 4,000 6,000 1,500
SG 430 2 1U 10/2 (26) n/a opt. ext. Power 28,000 4,000 7,000 2,000
SG 450 2 1U 10/2 (26) n/a opt. int. Power 30,000 5,000 8,000 2,500
Form
Factor
Ports/Slots
(Max Ports)
w-model 802.11
wireless
Swappable
Components
opt. ext. Power,
3G/4G
opt. ext. Power,
3G/4G, Wi-Fi
Firewall
(Mbps)
3,100 500 750 650
6,000 1,000 1,500 1,400
*
VPN
(Mbps)
IPS
(Mbps)
AV-proxy
(Mbps)
SG 550 2 2U 8/4 (32) n/a Power, SSD, Fan 45,000 8,000 12,000 3,500
SG 650 2 2U 8/6 (48) n/a Power, SSD, Fan 65,000 10,000 16,000 5,000
* 2nd Wi-Fi module option on 135w only (requires UTM 9.508)
This is what you get with every Sophos SG Series firewall:
Ì The latest Intel multi-core technology for optimal performance and efficiency
Ì The same security features available on every size of appliance
Ì Built-in SSD as storage for local quarantine data, logs and reporting
Ì FleXi Port modules available for all 1U and 2U appliances (interchangeable within a range, e.g. 1U)
Ì Add-on connectivity options for all Desktop models
Ì Optional redundant power supply for every model, incl. Desktops
Ì Free Sophos UTM Manager (SUM) to manage multiple appliances
Ì Possibility to dynamically cluster up to 10 appliances of the same model and revision – without external load balancers
3
Page 5
Sophos SG Series Appliances
Sophos SG Series Appliances - Small
These desktop firewalls offer exceptional performance for models in this class
and are available with the same broad set of security features as all our other
appliances. The following diagrams show typical deployments in this range
using both integrated wireless LAN and external access points.
Protected
Network
SG 135w
LT E
Sophos
AP for expanded
wireless coverage
Large Branch Office
Internet
Protected
Network
Sophos RED SG 105w Protected
Branch Office
Sophos Wireless
Protection
Protected
Network
SG 330 Mail
Server
Central Office
A typical deployment scenario using the SG 135w and SG 105w as part of a distributed organization.
Network
Standalone Office
Domain
Server
UTM
Manager
4
Page 6
Sophos SG Series Appliances
Sophos SG Series Desktop Appliances:
SG 105, SG 105w, SG 115, SG 115w
Technical Specifications
These desktop firewall appliances offer an excellent price-to-performance ratio making them ideal for budget-conscious
small businesses or branch offices. They are available with or without integrated 802.11ac wireless LAN, so you can even
have an all-in-one network security and hotspot solution without the need for additional hardware. Of course, you can
also add external access points. With Intel multi-core technology designed for best performance and efficiency in a small
form factor, these models come equipped with 4 GbE copper ports built-in and 1 shared SFP interface, e.g. for use with our
optional DSL modem or an SFP transceiver for fiber connectivity. An optional second power supply provides an unmatched
redundancy option in this product segment. Select the software modules of your choice, or choose TotalProtect Plus for the
full set of security features plus appliance.
Front View
Status LEDs
(w-model has additional Wi-Fi LED)
Back View
2 x external antenna
(SG 105w and SG 115w only)
Connector for optional 2nd
redundant power supply
HDMI
Power Supply
1 x COM
(RJ45)
2 x
USB 2.0
1 x GbE SFP
(shared)
1 x Micro
USB
1 x
4 x GbE
copper port
Environment
Power consumption 8.88W, 30.28 BTU/hr (idle)
Operating temperature 0-40°C (operating)
Humidity 10%-90%, non-condensing
10.44W, 35.6 BTU/hr (full load)
-20 to +80°C (storage)
Product Certifications
Certifications CB, UL, CE, FCC, ISED, VCCI, MIC (Japan),
RCM, CCC, KC
Planned: BIS
Performance SG 105(w) Rev. 3 SG 115(w) Rev. 3
Firewall throughput 2,500 Mbps 2,700 Mbps
VPN throughput 325 Mbps 425 Mbps
IPS throughput 350 Mbps 500 Mbps
Antivirus throughput (proxy) 380 Mbps 500 Mbps
Concurrent connections 1,000,000 1,000,000
New connections/sec 17,000 21,000
Maximum licensed users unrestricted unrestricted
Wireless Specification (SG 105w and SG 115w only)
No. of antennas 2 external
MIMO capabilities 2 x 2:2
Wireless interface 802.11a/b/g/n /ac (2.4 GHz / 5 GHz)
Physical interfaces
Storage (local
quarantine/logs)
Ethernet interfaces (fixed) 4 GbE copper
Connectivity modules
(optional)
I/O ports (rear) 2 x USB 2.0
Power supply External auto ranging DC: 12V,
Redundant PSU optional (external)
integrated SSD
1 GbE SFP (shared)
SFP DSL module (VDSL2)
SFP transceivers
1 x Micro-USB
1 x COM (RJ45)
1 x HDMI
100-240VAC, 36W@50-60 Hz
*
Physical specifications
Mounting Rackmount kit available
Dimensions
Width x Depth x Height
Weight 1.11 kg / 2.45 lbs (unpacked)
* SFP transceivers sold separately
(to be ordered separately)
225 x 150 x 44 mm
8.86 x 5.91 x 1.73 inches
1.84 kg / 4.06 lbs (packed)
5
Page 7
Sophos SG Series Appliances
Sophos SG Series Desktop Appliances:
SG 125, SG 125w, SG 135, SG 135w
Technical Specifications
These powerful firewall appliances offer 1U performance with a desktop form factor and price. If you have a small business
or branch offices to protect and are working on a tight budget, these models are the ideal choice. They are also available
with integrated 802.11ac wireless LAN for optimal coverage and connectivity for your mobile workers. Built upon the
latest Intel architecture, our software makes optimal use of the multi-core technology to provide excellent throughput
for all your key processes. These models come equipped with 8 GbE copper ports built-in, plus 1 SFP port, e.g. for use
with our optional DSL modem or fiber connectivity using an SFP transceiver. An expansion bay provides the option to add
additional connectivity such as our 3G/4G module. A 2nd Wi-Fi radio module is also available for the SG 135w. An optional
second power supply ensures business continuity for these models. As with all our SG firewalls, up to 10 appliances can be
dynamically clustered for greater scalability (must be the same model and revision number for HA).
Front View
Status LEDs
(w-model has additional Wi-Fi LED)
Back View
3 x external antenna
(SG 125w and
SG 135w only)
1 x Micro
USB
1 x COM
(RJ45)
Power
Supply
Optional 2nd redundant
power supply
HDMI
1 x
2 x
USB 2.0
1 x GbE
SFP
8 x GbE
copper port
Expansion bay
(shown with optional
module incl. 2 antennas)
Environment
Power consumption 18.6W, 63.426 BTU/hr (idle)
Operating temperature 0-40°C (operating)
Humidity 10%-90%, non-condensing
20.04W, 68.336 BTU/hr (full load)
-20 to +80°C (storage)
Product Certifications
Certifications CB, UL, CE, FCC, ISED, VCCI, MIC (Japan),
RCM, CCC, KC
Planned: BIS
Performance SG 125(w) Rev. 3 SG 135(w) Rev. 3
Firewall throughput 3,100 Mbps 6,000 Mbps
VPN throughput 500 Mbps 1,000 Mbps
IPS throughput 750 Mbps 1,500 Mbps
Antivirus throughput (proxy) 700 Mbps 600 Mbps
Concurrent connections 2,002,930 2,002,930
New connections/sec 25,000 36,000
Maximum licensed users unrestricted unrestricted
Wireless Specification (SG 125w and SG 135w only)
No. of antennas 3 external
MIMO capabilities 3 x 3:3
Wireless interface 802.11a/b/g/n/ac (2.4 GHz / 5 GHz)
Physical interfaces
Storage (local
quarantine/logs)
Ethernet interfaces (fixed) 8 GbE copper
I/O ports (rear) 2 x USB 2.0
No. of expansion slots: 1
Connectivity Modules
(optional):
802.11ac Wi-Fi radio 2x2:2 (SG 135w only)
Power supply External auto ranging DC: 12V,
Redundant PSU optional (external)
integrated SSD
1 GbE SFP
1 x Micro-USB
1 x COM (RJ45)
SFP DSL module (VDSL2)
3G/4G module
SFP transceivers
100-240VAC, 36W@50-60 Hz
*
1 x HDMI
Physical specifications
Mounting Rackmount kit available
Dimensions
Width x Depth x Height
Weight 1.8 kg / 3.97 lbs (unpacked)
* SFP transceivers sold separately
(to be ordered separately)
305 x 205 x 44 mm
12 x 8.07 x 1.73 inches
2.7 kg / 5.95 lbs (packed)
6
Page 8
Sophos SG Series Appliances
Sophos SG Series Appliances - Medium
Whatever your deployment scenario, these appliances can handle multiple
security solutions in every situation. The following diagrams show typical
deployments in this range.
Network
Site-to-Site VPN
Internet
Protected
Network
Scenario using SG Series appliances and RED for branch offices
Sophos RED SG 210 Protected
AP 55C SG 330 Mail
Protected
Network
SG 230
Central Office
HA/Cluster
AP 55CProtected
Branch Office
Server
Network
Branch OfficeSmall Branch Office
Domain
Server
SG 450
Internet
Mail
Server
AP 15
Web
Server
Protected
Network
Deployment scenario with cluster of two SG 450 appliances. For HA support, appliances must be of the same model AND revision number.
7
AP 55AP 55C SG 450
FTP
Server
Domain
Controller
DB
Server
Page 9
Sophos SG Series Appliances
Sophos SG Series Appliances: SG 210, SG 230
Technical Specifications
The Sophos SG 210 and SG 230 are designed to protect small to mid-sized businesses and branch offices. Based on the
latest Intel technology and equipped with 6 GbE copper ports, 2 GbE SFP ports plus one FleXi Port slot to configure with
an optional module, they provide high flexibility and throughput at an excellent price-to-performance ratio. As with all SG
models, you can dynamically cluster up to 10 of these appliances.
Front View
6 x GbE copper – fixed.
2 x
Incl. 2 bypass pairs
(ports E0/1 and E2/3)
Micro USB
2 x GbE SFP
– fixed
1 x expansion bay
(shown here with optional
FleXi Port module)
Multi-function
LCD display
Navigation
for LCD
1 x COM
(RJ45)
USB 3.0
Back View
Connector for optional 2nd
PoE Power Module
external power supply
1 x
HDMIConnector for optional
USB 3.0
Power supply
Power switch
Environment
Power consumption SG 210: 19W, 65 BTU/hr (idle)
Operating temperature 0-40°C (operating)
Humidity 10%-90%, non-condensing
35W, 119 BTU/hr (full load)
SG 230: 21W, 72 BTU/hr (idle)
41W, 141 BTU/hr (full load)
-20 to +80°C (storage)
Product Certifications
Certifications CB, UL, CE,FCC Class A,
ISED, VCCI, RCM, CCC, KC, BIS
Performance SG 210 Rev. 3 SG 230 Rev. 2
Firewall throughput 12 Gbps 14.5 Gbps
VPN throughput 1 Gbps 2 Gbps
IPS throughput 2 Gbps 3 Gbps
Antivirus throughput (proxy) 500 Mbps 800 Mbps
Concurrent connections 4,000,000 4,000,000
New connections/sec 60,000 70,000
Maximum licensed users unrestricted unrestricted
Physical interfaces
Storage (local
quarantine/logs)
Ethernet interfaces (fixed) 6 GbE copper (incl. 2 bypass pairs)
No. of FleXi Port slots 1
FleXi Port modules (optional) 8 port GbE copper
I/O ports 2 x USB 3.0 (front)
Display Multi-function LCD module
Power supply Internal auto-ranging
Redundant PSU optional (external)
integrated SSD
2 GbE SFP
8 port GbE SFP
*
*
2 port 10 GbE SFP+
4 port 10 GbE SFP+
2 port 40 GbE QSFP+
4 port GbE PoE
8 port GbE PoE
1 x Micro USB (front)
1 x USB 3.0 (rear)
1 x COM (RJ45) (front)
1 x HDMI (rear)
90-264VAC, 50-60 Hz
*
*
*
Physical specifications
Mounting 1U rack mount
Dimensions
Width x Depth x Height
Weight 5.2 kg / 11.46 lbs (unpacked)
* Transceivers (mini GBICs) sold separately
(2 rackmount ears included)
438 x 344.4 x 44mm
17.24 x 13.56 x 1.75 inches
7.2 kg / 15.87 lbs (packed)
8
Page 10
Sophos SG Series Appliances
Sophos SG Series Appliances: SG 310, SG 330
Technical Specifications
The Sophos SG 310 and SG 330 are scalable appliances suitable for distributed organizations or mid-sized companies.
With solid-state drives for on-box reporting, logs and spam quarantine, they’re highly responsive even in high traffic
environments. Each model is equipped with 8 GbE copper ports, 2 GbE SFP and 2 10 GbE SFP+ fiber ports plus one FleXi
Port slot to configure with an optional module. They provide optimal performance and flexibility.
Front View
Multi-function
LCD display
Navigation
for LCD
1 x COM
(RJ45)
2 x
USB 3.0
Incl. 2 bypass pairs
(ports E0/1 and E2/3)
Micro USB
2 x GbE SFP –
fixed
2 x 10 GbE
SFP+ – fixed
1 x expansion bay
(shown here with optional
FleXi Port module)
8 x GbE copper – fixed.
Back View
Connector for optional 2nd
PoE Power Module
external power supply
1 x
HDMIConnector for optional
USB 3.0
Power supply
Power switch
Environment
Power consumption SG 310: 32W, 109 BTU/hr (idle)
Operating temperature 0-40°C (operating)
Humidity 10%-90%, non-condensing
49W, 167 BTU/hr (full load)
SG 330: 36W, 122 BTU/hr (idle)
54W, 184 BTU/hr (full load)
-20 to +80°C (storage)
Product Certifications
Certifications CB, UL, CE,FCC Class A,
ISED, VCCI, RCM, CCC, KC, BIS
Performance SG 310 Rev. 2 SG 330 Rev. 2
Firewall throughput 19 Gbps 22 Gbps
VPN throughput 3 Gbps 4 Gbps
IPS throughput 5 Gbps 6 Gbps
Antivirus throughput (proxy) 1.2 Gbps 1.5 Gbps
Concurrent connections 6,000,000 6,000,000
New connections/sec 100,000 120,000
Maximum licensed users unrestricted unrestricted
Physical interfaces
Storage (local
quarantine/logs)
Ethernet interfaces (fixed) 8 GbE copper (incl. 2 bypass pairs)
No. of FleXi Port slots 1
FleXi Port modules (optional) 8 port GbE copper
I/O ports 2 x USB 3.0 (front)
Display Multi-function LCD module
Power supply Internal auto-ranging
Redundant PSU optional (external)
integrated SSD
2 GbE SFP
2 10 GbE SFP+
8 port GbE SFP
*
2 port 10 GbE SFP+
4 port 10 GbE SFP+
2 port 40 GbE QSFP+
4 port GbE PoE
8 port GbE PoE
1 x Micro USB (front)
1 x USB 3.0 (rear)
1 x COM (RJ45) (front)
1 x HDMI (rear)
90-264VAC, 50-60 Hz
*
*
*
Physical specifications
Mounting 1U rack mount
Dimensions
Width x Depth x Height
Weight 5.8 kg / 12.79 lbs (unpacked)
* Transceivers (mini GBICs) sold separately
9
(2 rackmount ears included)
438 x 405.5 x 44mm
17.24 x 15.96 x 1.75 inches
8.1 kg / 17.86 lbs (packed)
Page 11
Sophos SG Series Appliances
Sophos SG Series Appliances: SG 430, SG 450
Technical Specifications
The Sophos SG 430 and SG 450 offer enterprise performance for distributed organizations or larger mid-sized companies.
The connectivity options are second to none for rack mountable appliances, with each model coming equipped with a 8
GbE copper ports plus 2 10 GbE SFP+ fiber ports and 2 additional FleXi Port slots which you can configure with your choice
of optional modules. For high-availability, the SG 450 also offers unparalleled redundancy features in a 1U appliance with a
second SSD (RAID) integrated and an optional second power supply is available for both models.
Front View
Multi-function
LCD display
for LCD
IPMI
MGMT
port
USB 3.0
2 x
1 x COM
(RJ45)
8 x GbE copper – fixed.
Incl. 2 bypass pairs
(ports E0/1 and E2/3)
Micro USBNavigation
2 x GbE SFP+
– fixed
2 x expansion bay
(shown here with optional
FleXi Port module)
Back View SG 430
Connector for optional 2nd
PoE Power Module
external power supply
1 x
USB 3.0
Power supply
Power switchHDMIConnector for optional
Back View SG 450
Power supply
Space for optional 2nd hot
swappable power supply
PoE Power Module
Power switch
HDMIConnector for optional
USB 3.0
1 x
Environment
Power consumption SG 430: 28W, 96 BTU/hr (idle)
Operating temperature 0-40°C (operating)
Humidity 10%-90%, non-condensing
79W, 270 BTU/hr (full load)
SG 450: 31W, 107 BTU/hr (idle)
83W, 283 BTU/hr (full load)
-20 to + 80°C (storage)
Performance SG 430 Rev. 2 SG 450 Rev. 2
Firewall throughput 28 Gbps 30 Gbps
VPN throughput 4 Gbps 5 Gbps
IPS throughput 7 Gbps 8 Gbps
Antivirus throughput (proxy) 2 Gbps 2.5 Gbps
Concurrent connections 8,000,000 8,000,000
New connections/sec 130,000 140,000
Maximum licensed users unrestricted unrestricted
Physical interfaces
Storage (local
quarantine/logs)
Ethernet interfaces (fixed) 8 GbE copper (incl. 2 bypass pairs)
No. of FleXi Port slots 2
FleXi Port modules (optional) 8 port GbE copper
I/O ports 2 x USB 3.0 (front)
Display Multi-function LCD module
Power supply Internal auto-
integrated SSD integrated SSD x2
2 10 GbE SFP+
8 port GbE SFP
2 port 10 GbE SFP+
4 port 10 GbE SFP+
2 port 40 GbE QSFP+
*
*
*
*
4 port GbE PoE
8 port GbE PoE
1 x Micro USB (front)
1 x USB 3.0 (rear)
1 x COM (RJ45) (front)
1 x IPMI (front)
1 x HDMI (rear)
Internal auto-
ranging
90-264VAC,
50-60 Hz
Redundant PSU
optional (external)
ranging
90-264VAC,
50-60 Hz
Hot Swap
Redundant PSU
optional (internal)
Product Certifications
Certifications CB, UL, CE, FCC Class A, ISED,
VCCI, RCM, CCC, KC, BIS
Physical specifications
Mounting 1U rackmount (sliding rails incl.)
Dimensions
Width x Depth x Height
Weight 7.6 kg / 16.76
* Transceivers (mini GBICs) sold separately
438 x 483 x 44mm
17.24 x 19 x 1.75 inches
lbs (unpacked)
12.7 kg / 28
lbs (packed)
7.8 kg / 17.2 lbs
(unpacked)
13.8 kg / 30.42
lbs (packed)
10
Page 12
Sophos SG Series Appliances
Sophos SG Series Appliances - Large
These 2U firewalls offer the ultimate in performance and connectivity for the
most demanding deployment scenarios. The following diagram shows a typical
deployment in this range and demonstrates their scalability which is ideally
suited for larger distributed organizations.
Sophos RED Sophos RED SG 210 SG 210 SG 230
Sophos RED
SG 230
Internet
Multiple Small/Home Offices
UTM
Manager
Mail
Server
Web
Server
FTP
Server
SG 650
SG 650
Domain
Controller
Multiple Branch Offices
DB
Server
Application
Server
HA/Cluster
Data Center
Deployment scenario showing a cluster of two SG 650 appliances as part of a large distributed organization with Sophos REDs to protect
small or home offices and other SG appliances to protect branch offices. For HA support, appliances must be of the same model AND
revision number
11
Page 13
Sophos SG Series Appliances
Sophos SG Series Appliances: SG 550, SG 650
Technical Specifications
The Sophos SG 550 and SG 650 are high-performance firewalls equipped to provide protection for larger distributed
organizations and data center environments. They offer the fastest Intel CPU technology available today to effortlessly
handle use as an all-in-one solution or a powerful next-generation firewall. The models offer either 4 (SG 550) or 6 (SG 650)
FleXi Port expansion bays to tailor your connectivity to your environment. An 8 port GbE copper module is supplied as a
default. Hot-swappable dual SSDs and power supplies are standard redundancy features in this class. Cluster up to 10 of
these appliances for larger deployments or simply add an additional appliance as a failover for high availability.
Front View SG 550
2 x hot-swap
SSD (RAID-1)
Navigation
for LCD
2 x management port
2 x USB 2.0
1 x COM (RJ45)
Multi-function LCD display
Front View SG 650
2 x hot-swap
SSD (RAID-1)
Navigation
for LCD
2 x management port
2 x USB 2.0
1 x COM (RJ45)
Multi-function LCD display
Back View
1 x USB 3.0 1 x VGA port Power switch
4 expansion bays for Flexi Port
modules. 1 x 8 port GbE copper module
supplied as default (removable)
6 expansion bays for Flexi Port
modules. 1 x 8 port GbE copper module
supplied as default (removable)
Performance SG 550 Rev. 2 SG 650 Rev. 2
Firewall throughput 45 Gbps 65 Gbps
VPN throughput 8 Gbps 10 Gbps
IPS throughput 12 Gbps 16 Gbps
Antivirus throughput (proxy) 3.5 Gbps 5 Gbps
Concurrent connections 12,000,000 20,000,000
New connections/sec 100,000 160,000
Maximum licensed users unrestricted unrestricted
Physical interfaces
Storage (local
quarantine/logs)
Ethernet interfaces
(removable)
No. of FleXi Port slots 4 6
FleXi Port modules (optional) 8 port GbE copper
I/O ports 2 x USB 2.0 (front)
Display Multi-function LCD module
Power supply 2 x hot-swap internal auto-ranging
2 x integrated hot-swap SSD (RAID)
8 GbE copper
8 port GbE SFP
2 port 10 GbE SFP+
4 port 10 GbE SFP+
2 port 40 GbE QSFP+
*
*
*
*
1 x USB 3.0 (rear)
2 x Mgmt Port (eth0/eth1, front)
1 x COM (RJ45) (front)
1 x VGA (rear)
100-240VAC, 50-60 Hz PSU
4 x swappable fan
2 x hot swappable
power supply
Environment
Power consumption SG 550: 270.5W, 922.98BTU/hr (idle)
Operating temperature 0-40°C (operating)
Humidity 5%-90%, non-condensing
416.1W, 1419.79BTU/hr (full load)
SG 650: 320.5W, 1093.59BTU/hr (idle)
493.1W, 1682.53BTU/hr (full load)
-40 to +70°C (storage)
Product Certifications
Certifications CB, UL, CE, FCC Class A, ISED,
VCCI, RCM, CCC, KC, BIS
Physical specifications
Mounting 2U sliding rails (included)
Dimensions
Width x Depth x Height
Weight 17.8 kg / 39.24 lbs (unpacked)
* Transceivers (mini GBICs) sold separately
438 x 600 x 88 mm
17.24 x 23.62 x 3.46 inches
27 kg / 59.53 lbs (packed)
12
Page 14
Sophos SG Series Appliances
Flexible licensing options
Total Protect and Total Protect Plus bundles
Most Sophos customers choose our Total Protect bundles. They give you everything you need to secure your organization in
one easy-to-manage license: an SG appliance, a FullGuard or FullGuard Plus subscription, and your technical support.
FullGuard/FullGuard Plus
FullGuard combines all our core licenses in one cost-effective subscription for complete security: Essential Firewall,
Network Protection, Web Protection, Email Protection, Wireless Protection and Web Server Protection. FullGuard Plus
additionally includes Sandstorm Protection.
BasicGuard
Our BasicGuard subscription incorporates all the essential security features you need for your small business. Should you
want to extend your protection even further, you can upgrade to a FullGuard license at any time. BasicGuard is only available
with the SG 105, SG 115, SG 105w and SG 115w appliances.
Individual modules
All our modules are also available as individual subscriptions. Simply choose the ones you need.
Modules Licensing options
Individual
Modules
Essential Firewall - Free
Network Firewall, NAT, Native
Windows Remote Access
Network Protection
IPSec/SSL, ATP, VPN, IPS, DoS Protection
Web Protection
URL Filtering, Application Control,
Dual Engine Antivirus
Email Protection
Anti-spam, Email Encryption and
DLP, Dual Engine Antivirus
Wireless Protection
Wireless Controller, Multi-SSID
Support, Captive Portal
Webserver Protection
Web Application Firewall,
Reverse Proxy, Antivirus
Sandstorm Protection
Cloud-based Sandboxing
subscriptions BasicGuard FullGuard FullGuard Plus
Yes Full Full Full
Yes Basic Full Full
Yes Basic Full Full
Yes Basic Full Full
Yes Basic Full Full
Yes - Full Full
Yes Optional Optional Full
Extend your security
Sophos RED Simply secure your branch offices by forwarding all traffic to the central Sophos UTM. Installation requires no
technical training and there is no ongoing maintenance.
Sophos WiFi Access Points Configurationless access points are instantly protected by the UTM, letting you create secure
networks for your employees or guest hotspots for your visitors.
VPN Clients Secure SSL or IPsec VPNs provide mobile and home workers with secure remote access from any location
at any time.
Free UTM Manager Centrally manage multiple UTM devices through IPsec VPN tunnels; deploy policies in just a few clicks.
13
Page 15
Sophos SG Series Appliances
Awards and Reviews
Sophos SG Series UTM has garnered many awards over the years for the level of protection, usability and performance.
For example, in 2017, Sophos was once again named by Gartner as a Leader in the Magic Quadrant for Unified Threat
Management* – for the sixth year in a row. Download the full report to find out what Gartner says about us.
“It all adds up to an appliance that gets it right on almost
every level: easy deployment, a huge range of features and
a tempting price make the SG 115w the perfect choice for
SMBs.”
Independent test vendor Miercom conducted rigorous
testing of the Sophos SG Series alongside comparative
appliances from other vendors. They found the Sophos SG
230 and SG 210 proved best in competitive performance
tests compared to other leading UTM product solutions.
Sophos UTM is tested by trained ICSA Labs firewall
analysts and continuously deployed in the ICSA Firewall
Lab to routinely test products against the latest security
vulnerabilities.
* Gartner Magic Quadrant for Unified Threat Management, Jeremy D’Hoinne, Adam Hils,
Rajpreet Kaur, 20 June 2017.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest
ratings. Gartner research publications consist of the opinions of Gartner’s research
organization and should not be construed as statements of fact. Gartner disclaims all
warranties, expressed or implied, with respect to this research, including any warranties of
merchantability or fitness for a particular purpose.
United Kingdom and Worldwide Sales
Tel: +44 (0)8447 671131
Email: sales@sophos.com
© Copyright 2018. Sophos Ltd. All rights reserved.
Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK
Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are
trademarks or registered trademarks of their respective owners.
18-05-03 BRNA (2908-DD)
North American Sales
Toll Free: 1-866-866-2802
Email: nasales@sophos.com
Try it now for free
Register for a free 30-day evaluation
at sophos.com/try-utm
Australia and New Zealand Sales
Tel: +61 2 9409 9100
Email: sales@sophos.com.au
Asia Sales
Tel: +65 62244168
Email: salesasia@sophos.com
Loading...