Sophos XG 115 User Manual
Sophos XG Firewall
Unrivalled Security, Simplicity and Insight
Sophos XG Firewall brings a fresh new approach to the way you
manage your firewall, respond to threats, and monitor what’s
happening on your network.
Sophos XG Firewall
Sophos XG Firewall
Sophos XG Firewall provides comprehensive next-generation firewall protection
that blocks unknown threats, automatically responds to incidents, and exposes
hidden risks.
Blocks unknown threats
Sophos XG Firewall provides all the latest advanced
technology you need to protect your network from
ransomware and advanced threats including top-rated
IPS, Advanced Threat Protection, Cloud Sandboxing, Dual
AV, Web and App Control, Email Protection and a fullfeatured Web Application Firewall. And it’s easy to setup and
manage.
Automatically responds to incidents
XG Firewall is the only network security solution that is able
to fully identify the source of an infection on your network
and automatically limit access to other network resources
in response. This is made possible with our unique Sophos
Security Heartbeat™ that shares telemetry and health
status between Sophos endpoints and your firewall.
Exposes hidden risks
Sophos XG Firewall provides unprecedented visibility into
top risk users, unknown apps, advanced threats, suspicious
payloads and much more. You also get rich on-box reporting
included at no extra charge and the option to add Sophos
iView for centralized reporting across multiple firewalls.
Potent, powerful … fast
We’ve engineered XG Firewall to deliver outstanding
performance and security efficiency for the best return
on your investment. Our appliances are built using Intel
multi-core technology, solid-state drives, and accelerated
in-memory content scanning. In addition, Sophos FastPath
packet optimization technology ensures you’ll always get
maximum throughput.
Simply manage multiple firewalls
Sophos Firewall Manager provides a single console for the
complete central management of multiple XG Firewalls.
And if you also want to consolidate reporting across
multiple XG, SG, and Cyberoam appliances then with
Sophos iView, you can.
1
Sophos XG Firewall
Security features you can’t get anywhere else
XG Firewall includes a number of innovations that not only make your job a lot
easier, but also ensure your network is more secure.
A revolution in advanced threat protection –
Sophos Synchronized Security
An industry first, Synchronized Security links your endpoints
and your firewall to enable unique insights and coordination.
Security Heartbeat™ relays Endpoint health status and
enables your firewall to immediately identify and respond
to a compromised system on your network. The firewall can
isolate systems until they can be investigated and cleaned
up. Another Synchronized Security feature, Synchronized
App Control, also enables the firewall to query the endpoint to
determine the source of unknown traffic on the network.
Patented Layer-8 identity control
User identity takes enforcement to a whole new layer with
our patented Layer-8 identity based policy technology
enabling user level controls over applications, bandwidth and
other network resources regardless of IP-address, location,
network or device. It literally takes firewall policy to a whole
new layer.
Policy templates get you protected fast
Pre-defined policy templates let you protect common
applications like Microsoft Exchange or SharePoint quickly
and easily. Simply select them from a list, provide some
basic information and the template takes care of the rest.
It sets all the inbound/ outbound firewall rules and security
settings for you automatically – displaying the final policy in
a statement in plain English.
Automated user risk reports
The Sophos User Threat Quotient (UTQ) indicator is a unique
feature which provides actionable intelligence on user
behavior. Our firewall correlates each user’s surfing habits
and activity with advanced threat triggers and history to
identify users with risk-prone behavior.
Flexible deployment, no compromise
Unlike our competitors, whether you choose hardware,
software, or virtual, we don’t make you compromise – every
feature is available on every model and form- factor.
To find out more visit www.sophos.com/xgfirewall
XG Series Virtual AzureSoftware
Purpose-built devices
to provide the ultimate
in performance.
Install the Sophos Firewall
OS image on your own
Intel hardware or server.
Install on VMware,
Citrix, Microsoft
Hyper-V and KVM.
Protect your network
infrastructure in the
Azure cloud.
2
Sophos XG Firewall
Network Protection
All the protection you need to stop sophisticated attacks and advanced threats
while providing secure network access to those you trust.
Next-gen Intrusion Prevention System
Provides advanced protection from all types of modern
attacks. It goes beyond traditional server and network
resources to protect users and apps on the network as well.
Advanced Threat Protection
Instant identification and immediate response to today’s
most sophisticated attacks. Multi-layered protection
identifies threats instantly and Security Heartbeat™ provides
an emergency response.
Security Heartbeat
Creates a link between your Sophos Central protected
endpoints and your firewall to identify threats faster,
simplify investigation and minimize impact from attacks.
Easily incorporate Heartbeat status into firewall policies to
automatically isolate compromised systems.
Advanced VPN technologies
Adds unique and simple VPN technologies including our
clientless HTML5 self-service portal that makes remote
access incredibly simple or utilize our exclusive light-weight
secure RED (Remote Ethernet Device) VPN technology.
Web Protection
Comprehensive web protection and application control with powerful and
flexible policy tools ensure your networked users are secure and productive.
Powerful user and group web policy
Provides enterprise-level Secure Web Gateway policy
controls to easily manage sophisticated user and group
web controls. Apply policies based upon uploaded web
keywords indicating inappropriate use or behavior.
Advanced Web Threat Protection
Backed by SophosLabs, our advanced engine provides
the ultimate protection from today’s polymorphic and
obfuscated web threats. Innovative techniques like
JavaScript emulation, behavioral analysis, and origin
reputation help keep your network safe.
High performance transparent proxy
Optimized for top performance, our transparent proxy
technology provides ultra-low latency inspection and
HTTPS scanning of all traffic for threats and compliance.
Layer-8 Application Control and QoS
Enables user-aware visibility and control over thousands of
applications with granular policy and traffic-shaping (QoS)
options based on application category, risk, and
other characteristics.
Sandstorm Protection
Sophos Sandstorm uses next-gen cloud-sandbox technology to give your
organization an extra layer of security against ransomware and targeted attacks.
No Additional Hardware
It integrates with your XG Firewall and is cloud-delivered so
there’s no additional hardware required. Sophos Sandstorm
blocks evasive threats like ransomware, disguised as
executables, PDFs, and Microsoft Office documents —
sending them to a cloud-sandbox to be detonated and
observed in a safe environment.
3
Better Protected, Better Informed
Threat intelligence is fed back to your XG Firewall and the
file blocked or permitted. The process takes just a couple of
minutes with minimal impact for the user. And Sandstorm
gives you detailed threat reports for every incident so you
know exactly what’s going on.
Sophos XG Firewall
Email Protection
Full SMTP and POP message protection from spam, phishing and data loss
with our unique all-in-one protection that combines policy-based email
encryption with DLP and anti-spam.
Integrated Message Transfer Agent
Ensures always-on business continuity for your email,
allowing the firewall to automatically queue mail in the
event servers become unavailable.
Live Anti-Spam
Provides protection from the latest spam campaigns,
phishing attacks, and malicious attachments .
Self-serve Quarantine
Gives employees direct control over their spam quarantine,
saving you time and effort.
SPX Email Encryption
Unique to Sophos, SPX makes it easy to send encrypted
email to anyone, even those without any kind of trust
infrastructure using our patent-pending password-based
encryption technology.
Data Loss Prevention
Policy based DLP can automatically trigger encryption or
block/notify based on the presence of sensitive data in
emails leaving the organization.
Web Server Protection
Harden your web servers and business applications against hacking attempts
with a full-featured Web Application Firewall while providing secure access with
reverse proxy authentication.
Business Application Policy Templates
Pre-defined policy templates let you protect common
applications like Microsoft Exchange Outlook Anywhere or
SharePoint quickly and easily.
Reverse proxy
With authentication options, SSL offloading, and server load
balancing ensure maximum protection and performance
for your servers being accessed from the internet.
Protection from the latest hacks and
attacks
With a variety of advanced protection technologies
including URL and form hardening, deep-linking and
directory traversal prevention, SQL injection and cross-site
scripting protection, cookie signing and more.
4
Sophos XG Firewall
How to Buy
Every XG Firewall comes equipped with Base Firewall functionality including
IPSec, SSL VPN, and Wireless Protection. You can extend protection with our
bundles or by adding protection modules individually.
Network Protection Web ProtectionSandstorm Protection
All the protection you need to stop
sophisticated attacks and advanced
threats while providing secure
network access to those you trust.
Sophos Sandstorm uses next-gen
cloud-sandbox technology to give
your organization an extra layer
of security against ransomware
and targeted attacks.
Comprehensive web protection
and application control with
powerful and flexible policy tools
ensure your networked users
are secure and productive.
Security Heartbeat™ Web Server ProtectionEmail Protection
Links your Sophos endpoints with
your firewall to deliver unparalleled
protection from advanced threats
and reduce the time and complexity
of responding to security incidents.
Full SMTP and POP message protection
from spam, phishing and data loss
with our unique all-in-one protection
that combines policy-based email
encryption with DLP and anti-spam.
Harden your web servers and
business applications against
hacking attempts while providing
secure access to external users
with reverse proxy authentication.
A simple approach to comprehensive support
We build products that are simple yet comprehensive. And, we take the same approach with our support. With options
ranging from basic technical support to those including direct access to senior support engineers and customized delivery.
Standard
Licenses names
Support
Via telephone and email
Security Updates & Patches
For the life of the product
Software Feature Updates & Upgrades Included 90-days Included Included
Consulting
Remote consultation on your firewall configuration and
security with a Sophos Senior Technical Support Engineer
Warranty and RMA
For all hardware appliances
Technical Account Manager
Dedicated named technical account manager
Included with purchase
For 90 days
(business hours only)
Included with an active
software subscription
1 year (return / replace) Advance Exchange
Enhanced
Included in all bundles
Included
(24x7)
Included with an active
software subscription
(max. 5 years)
Optional
(extra cost)
Enhanced Plus
VIP Access
(24x7)
Included with an active
software subscription
Included
(up to 4 hours)
Advance Exchange
(max. 5 years)
Optional
(extra cost)
5
Loading...