For an IT-guy like me who feels IT-security is an important thing, both at work and at home it is really welcome that Sophos is offering XG Firewall free of charge for home use.
XG Firewall offers the following subscription modules for individual purchase or as part of bundles:. Sandstorm Protection. Network Protection. Web Protection. Email Protection. Web Server Protection. XG Firewall Feature List. For a complete list of features in each module. The key differences from Sophos UTM are.
You can sign up for Sophos Home, a free anti-virus solution where you can manage up to three computers from a central management console.
Besides Sophos Home, for a long time Sophos also provides their firewall solution completely free of charge for use in home environments. Both the Sophos UTM and Sophos XG Firewall products are available for free.
Sophos UTM is a firewall that has been around for many years now. It has evolved from the Astaro firewall which Sophos has acquired back in 2011.
The Sophos XG 210 firewall is one of the best mid-range firewalls that offers superior performance with a simple management interface. These XG 210 firewalls are rated for 101-200 users, 16 Gbps firewall throughput, and 1.5 Gbps VPN throughput. Every XG Firewall comes equipped with Base Firewall functionality including IPSec, SSL VPN, and Wireless Protection. You can extend protection with our bundles or by adding protection modules individually. Sophos XG Firewall Value Bundles. For the ultimate in protection, value, and peace-of-mind, get one of our convenient Value Bundles. Azure Firewall is ranked 22nd in Firewalls with 10 reviews while Sophos XG is ranked 6th in Firewalls with 70 reviews. Azure Firewall is rated 7.4, while Sophos XG is rated 8.0. The top reviewer of Azure Firewall writes 'Easy to set up, good integration, and the technical support is good'. I have deployed Sophos XG 135 in my organization and the firewall is working as per our requirements. Sophos XG is the best for a firewall for SME organizations.It is cost-effective and easy to manage. SSL VPN and AD Integration are working fine.
Sophos’ latest firewall product is called XG Firewall; a completely rewritten firewall really aiming at the future. This blogpost describes how to get and install Sophos XG Firewall Home Edition.
From the Sophos website:
“Our Free Home Use XG Firewall is a fully equipped software version of the Sophos XG firewall, available at no cost for home users – no strings attached. Features full protection for your home network, including anti-malware, web security and URL filtering, application control, IPS, traffic shaping, VPN, reporting and monitoring, and much more.”
This blogpost contains several steps. Use the following links to jump directly to any step or continue reading for a step-by-step instruction.
1: Get the software
2: Install the software
3: registering and activating the firewall
4: Installation finished
Step 1: Get the software
Go to the Sophos website and click on Get Started.
Here you need to register for your free serial number that you need later during installation. You will receive the serial number by email. After filling in the details and submitting them, you’ll see the following page that confirms successful registration.
From here you can immediately download the ISO file that you need to install the software. When installing on a real physical computer, you need to either burn the ISO to a rewriteable CD/DVD or to a USB memory stick using the Rufus tool. When using Rufus remember to write in DD image mode, not ISO image mode.
Step 2a: Install the software
Before installing the firewall beware that the installation will completely erase disk in the machine.
After starting the installer you get one warning that the disk will be erased and the opportunity to stop the installation.
Press ‘y’ to continue. The installation will start and after a short wait it will tell you that the installation has finished. Remove the installer disk and press ‘y’ again to reboot the machine. After restarting the system greets you with a password prompt.
Step 2b Basic configuration
Enter the default password: admin en press enter, next the End User License Agreement will show.
If you agree with the EULA, then press A, and the main menu will show:
The firewall is now ready to be setup from a web browser. It may however be convenient to first configure the IP-address of the LAN interface. The default IP-address is 172.16.16.16 which may not be reachable from the computer you use to configure the firewall. To change the IP-address press 1 in the Main Menu for Network Configuration, then 1 for Interface Configuration. The system will show the currently configured and/or assigned IP-addresses for the LAN and WAN interface. First it will show the LAN interface (172.16.16.16/255.255.255.0), then after continuing it will show details of the WAN interface.
After showing both interfaces the system asks if you want to set the IPv4 Address. Choose ‘y’ and Enter to do so and fill in the correct values for your own network:
Sophos Xg Firewall Costco
After entering the correct values for use in your own network it will show the configuration is Done. The WAN-port cannot be set from here at this time. After confirming the system will ask if you want to also set the IPv6 Address. If necessary then do so, otherwise just hit Enter for no.
The Network configuration menu will show again. Press 0 to exit to the main menu and 0 again to exit from the menu and log out.
Step 3a: registering and activating the firewall
After setting up and preparing the IP-address of the firewall it’s time to start a browser on your management computer and browse to: https://<ipaddress>:4444 where <ipaddress> of course is the IP-address you have given the firewall’s LAN port.
You will see a certificate warning when you open the page. This is because of a self-signed certificate on the firewall.
It is safe to skip this specific warning, so by clicking on Advanced, you can continue loading the website (different web browsers may show the warning somewhat different).
After clicking on ‘Click to begin’ you first need to change the default admin password. Also if the WAN-port is already connected correctly (DHCP-address from modem or router) then you can leave the checkbox to install the latest firmware automatically during setup enabled. Also you need to once more accept the EULA and acknowledge Sophos’ Privacy Policy to continue.
After continuing, you’ll need to setup the firewall’s name and time zone.
Next step is to register the firewall (you can skip this step for the first thirty days, but after this time you must register to keep the firewall up-and-running. You will have received the serial number by email after step 1 of this instruction.
After entering the serial number your firewall should be registered. For this you need to create a Sophos ID or log in to it if you already have one. From your Sophos ID you will always have access to your serial number and downloads at a later time.
After registering the license can immediately be synchronized with your firewall
3b. finishing basic configuration
Sophos Xg Firewall Price In Pakistan
After continuing the next step is to configure the LAN settings. Your IP-address is most likely already configured correctly, but you can also enable a DHCP server on the LAN if you need it or just disable it if you don’t.
Then the setup will ask you if and which network protection features you would like to need.
The first three options are valid for Home Use, the last one about Sandstorm will not work for the Home use version.
The explanation under each of the features should be enough explanation.
Next step is to configure whether or not you would like to receive weekly backups by email automatically.
If you do want to receive the weekly backups, you also need to enter a password that is used to protect the configuration backup files. Do not loose this password, otherwise you will not be able to restore the backup at a later moment.
Next the system will show you a summary of all the selected options during the install, and after clicking on Finish the system will apply all the settings and restart automatically after it finishes.
You can now just wait, the page will refresh once the firewall has restarted and it will show you the login screen.
3c. First login
After logging in for the first time the system will ask you to create a secure storage master key. You can skip this step, but it will come back each time you login, so it’s best to create one and make sure to safe it somewhere secure. You will need this key once you need to restore a backup or when you need to import a configuration.
The system will ask you to confirm that you stored the key in a safe place so you can recover should you need it again (possibly not until after a few years).
Step 4: Installation finished
The basic installation is now ready. If you enabled a DHCP server then you can connect new computers to the LAN-side of the firewall and they will automatically receive a local IP-address and have their default gateway set correctly. In fact these machines should immediately have access to the internet protected by your newly setup XG firewall.
Now your basic setup is complete, you may also want to read my article: Configure XG-firewall for Home use.
This article lists a few additional steps I recommend in a home-network.
Furthermore I highly recommend you to register an account in the Sophos Community. That’s the place where you can find a lot of information and highly skilled people that can quickly help you in case you run into problems or if you have some questions on how to configure certain settings in your situation.
If you like this post about Sophos XG, you may also like my other posts about Sophos.
Sophos XG Firewall provides comprehensive next-generation firewall protection that exposes hidden risks, blocks unknown threats, and automatically responds to incidents.
Exposes hidden risks
Sophos XG Firewall provides unprecedented visibility into top risk users, unknown apps, advanced threats, suspicious payloads and much more. You also get rich on-box reporting included at no extra charge and the option to add Sophos iView for centralized reporting across multiple firewalls.
Blocks unknown threats
Sophos XG Firewall provides all the latest advanced technology you need to protect your network from ransomware and advanced threats including top-rated IPS, Advanced Threat Protection, Cloud Sandboxing, Dual AV, Web and App Control, Email Protection and a fullfeatured Web Application Firewall. And it’s easy to setup and manage.
Automatically responds to incidents
XG Firewall is the only network security solution that is able to fully identify the source of an infection on your network and automatically limit access to other network resources in response. This is made possible with our unique Sophos Security Heartbeat™ that shares telemetry and health status between Sophos endpoints and your firewall.
Potent, powerful… fast
We’ve engineered XG Firewall to deliver outstanding performance and security efficiency for the best return on your investment. Our appliances are built using Intel multi-core technology, solid-state drives, and accelerated in-memory content scanning. In addition, Sophos FastPath packet optimization technology ensures you’ll always get maximum throughput.
Simply manage multiple firewalls
Sophos Xg 106 Firewall Price
Sophos Central is the ultimate cloud-management platform – for all your Sophos products. It makes day-to-day setup, monitoring, and management of your XG Firewall easy. It also provides helpful features such as alerting, backup management, one-click firmware updates and rapid provisioning of new firewalls. Optionally, Sophos Firewall Manager (SFM) provides powerful multi-device management tools for easy provisioning of consistent policies across your entire estate. And if you also want to consolidate reporting across multiple XG, SG, and Cyberoam appliances you can easily do that with Sophos iView.
Security features you can’t get anywhere else
XG Firewall includes a number of innovations that not only make your job a lot easier, but also ensure your network is more secure.
Sophos Xg Firewalls
Synchronized Security
An industry first, Synchronized Security links your endpoints and your firewall to enable unique insights and coordination. Security Heartbeat™ relays Endpoint health status and enables your firewall to immediately identify and respond to a compromised system on your network. The firewall can isolate systems until they can be investigated and cleaned up. Another Synchronized Security feature, Synchronized App Control, also enables the firewall to query the endpoint to determine the source of unknown traffic on the network.
Unified Firewall Rules
User identity takes enforcement to a whole new layer with our identity based policy technology enabling user level controls over applications, bandwidth and other network resources regardless of IP-address, location, network or device. It literally takes firewall policy to a whole new layer.
A Firewall That Thinks Like You
Pre-defined policy templates let you protect common applications like Microsoft Exchange or SharePoint quickly and easily. Simply select them from a list, provide some basic information and the template takes care of the rest. It sets all the inbound/outbound firewall rules and security settings for you automatically – displaying the final policy in a statement in plain English.
Sophos Xg Firewall Price
Insights into Top Risk Users
The Sophos User Threat Quotient (UTQ) indicator is a unique feature which provides actionable intelligence on user behavior. Our firewall correlates each user’s surfing habits and activity with advanced threat triggers and history to identify users with risk-prone behavior.
Flexible deployment, no compromise
Unlike our competitors, whether you choose hardware, software, virtual or Microsoft Azure, we don’t make you compromise – every feature is available on every model and form-factor.