Hi XG Community!

The team is hard at work putting the finishing touches on the next major release of XG Firewall, and it is a huge release, bringing XG Firewall management to Sophos Central, new Synchronized Security features, Wireless APX support, and a ton of top requested features from customers and partners.

Please visit the XG Firewall v17.5 Early Access Program page for more info regarding the public beta!

What's New

Here’s a quick overview of the key new features in v17.5:

Sophos Central Management of XG Firewall – with new features for backup and firmware management as well as a new zero-touch deployment option

– with new features for backup and firmware management as well as a new zero-touch deployment option Synchronized Security Features - including Lateral Movement Protection to prevent threats from spreading on the same network segment and Synchronized User ID to eliminate the need to integrate with Active Directory for user identification

- including Lateral Movement Protection to prevent threats from spreading on the same network segment and Synchronized User ID to eliminate the need to integrate with Active Directory for user identification Wireless APX Access Point Support – provides support for the new Wave 2 access points providing faster connectivity and added scalability (and will come shortly following the main v17.5 release in MR1).

– provides support for the new Wave 2 access points providing faster connectivity and added scalability (and will come shortly following the main v17.5 release in MR1). Education Features – such as policy-based control over SafeSearch and YouTube restrictions, block-page overrides, and Chromebook authentication support

– such as policy-based control over SafeSearch and YouTube restrictions, block-page overrides, and Chromebook authentication support Email Features – with Sender Policy Framework (SPF) anti-spoofing protection and a new MTA based on Exim which closes a couple of top requested feature differences with SG UTM.

– with Sender Policy Framework (SPF) anti-spoofing protection and a new MTA based on Exim which closes a couple of top requested feature differences with SG UTM. IPS Protection - is enhanced with the Cisco Talos IPS pattern library and more granular categories.

- is enhanced with the Cisco Talos IPS pattern library and more granular categories. Management Enhancements – including enhanced firewall rule grouping with automatic group assignment and a custom column selection for the log viewer

– including enhanced firewall rule grouping with automatic group assignment and a custom column selection for the log viewer VPN and SD-WAN Failover and Failback – including new IPSec failover and failback controls and SD-WAN link failback options.

– including new IPSec failover and failback controls and SD-WAN link failback options. Client Authentication – gets a major update with a variety of new enhancements such as per-machine deployment, a logout option, support for wake from sleep, and MAC address sharing.

– gets a major update with a variety of new enhancements such as per-machine deployment, a logout option, support for wake from sleep, and MAC address sharing. Airgap Support – enables XG firewall to be updated via USB in situations where XG Firewall can’t get updates automatically via an internet connection due to an “airgap” or physical isolation. (Coming shortly following the main v17.5 release in a MR)

– enables XG firewall to be updated via USB in situations where XG Firewall can’t get updates automatically via an internet connection due to an “airgap” or physical isolation. (Coming shortly following the main v17.5 release in a MR) Sophos Connect IPSec VPN Client – free for all XG Firewall customers that makes remote VPN easy for end-users. (Being launched as an early access program at the same time as v17.5)

Please stay tuned for more upcoming information regarding this exciting release!