Sophos Utm Firewall


Many of our loyal SG UTM customers, have become curious since the release of XG Firewall v18 and are asking what it potentially means for them.

We’ve had a lot of questions about the new features, how this release now compares to SG UTM and if this is perhaps the time to take a look at XG Firewall.

SG UTM features added in XG Firewall v18

This knowledge base article provides links to a series of guides which describe how to configure your UTM to allow access through the Web Application Firewall. Applies to the following Sophos product (s) and version (s) Sophos UTM v9.1, Sophos UTM v9.2, Sophos UTM v9.3. Free firewall for business use Provides fundamental network security functions for any business Available as software or virtual appliance without user/IP limitations Can be easily upgraded to a fully featured Sophos UTM appliance. Sophos UTM ISO for Software Appliance; Why do I use PCI Passthrough? With PCI Passthrough, all traffic goes directly to the virtual firewall and cannot escape from a virtual switch and has no logical contact with the hypervisor (the Ubuntu server). Sophos Sandstorm uses next-gen sandbox technology, giving your organization an essential layer of protection against ransomware and targeted attacks. It integrates seamlessly with your UTM and is cloud-delivered, so there’s no additional hardware required. Easy to try, deploy and manage Effective at blocking evasive threats. A few SG UTM features are still making their way to XG Firewall and are planned for future releases. AWS support will initially have a baseline feature set which will increase over the course of this year, and scheduled firmware updates are also coming soon to Sophos Central.

Let’s first address the new enhancements in XG Firewall v18 that many of you identified as top priorities:

Flow monitor

One of the most popular features in UTM 9, the flow monitor allows you to view traffic flows and bandwidth consumption in real time. It’s now available in XG Firewall. You can view connections by application, user, or host, and easily filter or sort the results.

Plug-and-play HA

One of the hallmark features of SG UTM has long been plug-and-play HA. A similar experience is now available in XG Firewall with the QuickHA option where you simply specify a port, connect your devices, and go.

Actionable logs

Another welcome addition to XG Firewall is the ability to take actions directly from the log viewer. This is thanks to new context-sensitive options that enable you to refine a search or filter on any content in a log entry, as well as take actions such as block or allow traffic.

Other SG UTM features now in XG Firewall

These include DKIM anti-spam, category-based web quotas, SNMP v3 support, VLANs on bridge interfaces, interface renaming, Kerberos support, route-based VPN, SD-WAN link balancing and routing policies, and so much more.

Sophos utm essential firewall

A few SG UTM features are still making their way to XG Firewall and are planned for future releases.

AWS support will initially have a baseline feature set which will increase over the course of this year, and scheduled firmware updates are also coming soon to Sophos Central.

After that, you’ll see DLP custom pattern support, HA support for three or more nodes, and HA support for XG Series w-models with integrated wireless in upcoming releases.

What do the new innovations in v18 mean for you?

Improved performance: XG Firewall v18 introduced the new Xstream Architecture with an all new high-performance proxy-less DPI engine for efficient stream scanning in a single engine, and the new Network Flow FastPath for accelerating trusted traffic and important applications.

Unmatched TLS inspection and encrypted traffic visibility: The new Xstream TLS Inspection engine now natively supports TLS 1.3 without downgrading and delivers over twice the performance of the previous solution.

Enhanced zero-day threat protection: XG Firewall v18 brings new artificial intelligence and machine learning-based threat protection from file-based threats. Combined with the industry-leading IPS engine in the new Xstream Architecture, and dynamic sandboxing analysis, XG Firewall is now the most formidable defense against the latest advanced threats.

Reliable SD-WAN app routing with Synchronized Security: Customers deploying both XG Firewall and Sophos Intercept X Endpoint get even more value than ever from their Synchronized Security Solution.

Synchronized SD-WAN leverages the added reliability that Synchronized Application Control delivers to better optimize and accelerate important applications in SD-WAN deployments. This adds to the extensive benefits that Synchronized Security already provides in monitoring endpoint health and using dynamic firewall rules to automatically isolate compromised hosts to prevent lateral threat movement and data loss.

Easy and powerful Central Cloud Management: Sophos Central cloud management not only enables you to manage all your Sophos products from a single-pane-of-glass but also offers rich XG Firewall features for group firewall management, monitoring, reporting, and zero-touch deployment… all at no extra charge!

Getting started

If you’re interested in taking advantage of all the great new enhancements in XG Firewall, you can do so for free. Your license can be transferred over at no extra charge. And, your local partner or Sophos Professional Services team will be happy to help.

Sophos Utm Firewall

Your existing SG Series hardware is fully supported (except for the SG 105 which lacks the minimum required 4 GB of memory). However, you may want to take this opportunity to consider refreshing your hardware.

If you’re not quite ready to take the plunge, you can still take advantage of many of the new capabilities in XG Firewall such as Synchronized Security, by installing an XG Series appliance inline with your existing SG UTM. The built-in bypass ports make this a risk-free solution, and it can be a great way to help with the transition from UTM to XG when you’re ready.

Thank you!


On behalf of everyone at Sophos, let me take this opportunity to acknowledge your ongoing loyalty and helpful product feedback.

You’ve not only been tremendous influencers and contributors to the success of SG UTM, but you’re also now helping to build XG Firewall into a world-class next-gen firewall solution. Thank you!


A while back we talked about how you can upgrade your network security with a Sophos UTM for free as a home user.

Sophos Utm Download Iso

Here we will explain the basic premise of firewalls and at the same time tell you how you can build one to suit your network.

Sophos utm forum

The firewall is your gatekeeper, your first line of defense, shielding you from the outside world also known as the Internet. The firewall stops unsolicited traffic from the Internet from accessing your network and only allows responses to traffic originating from the inside back through.

You can also control what traffic is allowed from the inside, and only allow those services that you approve of to talk to the outside world.

How to set up your UTM firewall

To set up your UTM firewall, you need to define network addresses, basic firewall rules and NAT (Network Address Translation).

Sophos Utm Firmware Download

The great thing about Sophos UTM is that it will help you get things set up in no time. The built-in Basic System Setup will do all this for you.

Sophos Utm Firewall Rule

You just need to tell it what your internal and external addresses should be and what services you want to use.

Sophos Utm Firewall Log

Once completed the necessary interface definitions, firewall rules and NAT, masquerading rules will have been created for you and network traffic can flow.

It’s that easy.

Learn more about firewalls and Sophos UTM

Zf gearbox oil. If firewalls intrigue you, you can read up more about how they work in this Naked Security blog post.

And if you’re looking to replace or upgrade your existing firewall, visit to learn more about why you should choose Sophos.

Plus, watch our video series about Sophos UTM to see it in action.