February 14, 2018 By VG.Admin
SFOS version 17 will be released soon! I have already been able to take a look at the release candidate and have summarized its most important updates here.
6 important features in SFOS Update v17
1. Synchronized App Control
A completely new feature is Synchronized App Control. Until now, XG Firewall has only been able to detect applications using signatures; a detected application can then, for example, be blocked or granted a guaranteed bandwidth (QoS). However, a large part of the traffic could not be classified. This included self-developed or unknown programs, as well as applications that deliberately evade detection by signatures.
With v17, Sophos can recognize drastically more applications. However, Synchronized Security is required for this function. This means that you need “Sophos Central Endpoint Advanced” or “Intercept X” for your endpoints and “Sophos Central Server Protection Advanced” for your servers.
- Sophos Central Endpoint Advanced
- Sophos Central Intercept X
- Sophos Central Server Advanced
With Sophos Central on the endpoints, you enable your XG Firewall to communicate with them. Sophos calls this the “Security Heartbeat”. It allows the firewall to ask the endpoint which processes are active on the system; the endpoint returns that data, so previously unclassified traffic can now be assigned as well. There is also a video about it here:
2. Managing firewall rules
If you own an XG, you know how firewall rules have been managed so far. It was very confusing, and you had to create a kind of “grouping” through the names of the rules. The rules are now displayed more compactly, can be grouped together, and the most important information is shown in the overview. The following video shows you how this looks:
3. Policy Test Simulator
SFOS now also has a policy tester, as the UTM does. You can test your firewall or web proxy rules without having to connect to the client with a remote tool. The following video shows you how the “Policy Test Simulator” works:
4. Blocking Web-proxy Keywords
Some organizations, especially schools, often need to block a website as soon as a particular word is found on it. In the new v17 you can now create a keyword list and fill it with supposedly “bad” words. If such a word then appears on a web page, you can either write the request to the log or block the page completely. There’s a video about this as well:
5. XG Firewall Setup Wizard
Setting up an XG firewall with the previous setup wizard was not solved very elegantly. The process was a bit painful. Luckily, Sophos worked on the setup wizard for v17 and made a few changes:
- The password must be changed right from the start. This makes sense, as it ensures that no XG firewall is connected to the Internet with “admin” as username and password.
- The design has been significantly improved, from my point of view.
- A backup can be restored immediately.
- An Internet connection is no longer required.
- The Sophos ID and license can now be imported later. Once you start the appliance, you can install it with a 30-day trial license without first having to reach a license server.
If you already have an Internet connection, there are three possibilities:
1. 30-day trial license
2. Upload UTM license files (UTM to SFOS migration)
3. Enter an XG license key
Check out the new setup wizard in this video:
6. Unified Log Viewer
If there is a problem somewhere in the network, in most cases a look at the firewall log already helps. The Log Viewer in v16.5 was, however, really a big miss, and you will definitely notice this when you look at the new “Unified Log Viewer”. Absolutely every little detail has become better! The new Log Viewer is my absolute favorite feature in v17! Look for yourself, you’ll love it!
- better clarity!
- all log information
- Search and filter across all logs
- Search in older logs
More minor improvements
- New tools for NAT, IPS, Web and VPN settings
- IKEv2 VPN
- Better IPSec VPN compatibility with other systems
- Wildcard FQDN - This makes it easy to unblock cloud services
- NAT improvements - New protocols are supported, no longer just TCP and UDP
- Email Protection - Smart Host, Greylisting and Recipient Verification
- Microsoft Azure High Availability
Conclusion
The new SFOS v17 brings completely new features, but also very important improvements to existing functions. This update changes our attitude towards XG Firewall completely. Previously, we would have recommended it only for smaller projects, but this now looks completely different, above all because of the Log Viewer and the new clarity of the firewall rules. Both are essential for clean configuration and fast troubleshooting, which was almost impossible in larger networks so far.
Since v16 was already a huge milestone compared to v15, we had already started to prefer the XG over the UTM for smaller projects. But now it is clear to us: “XG First”, which is strictly speaking wrong, because it should be “SFOS First”.
If you have an SG firewall with the UTM operating system, you can now equip your hardware with the new SFOS with a clear conscience. Licenses can be carried over, but the configuration cannot. This is not so bad from our point of view, because we have already done several migrations from UTM to SFOS, and in any case it is good to rethink the configuration from scratch.
[embed]https://www.youtube.com/watch?v=UwPvYM-DyCM[/embed]
Original article from Sophos.