Thanks David. Paul Bone Network Consultant/Engineer From: David Rickard <david.rick...@bnu.ac.uk> Sent: 20 March 2023 09:57 To: Martin Hepworth <max...@gmail.com>; Paul Bone <paul.b...@probitas-solutions.tech> Cc: uknof@lists.uknof.org.uk Subject: RE: [uknof] Sophos XGS Firewalls
Chiming in, we’ve got a few in use, and they’re ‘OK’ but they won’t set the world on fire. There’s some slightly odd issues with the routing functionality (i.e. they won’t announce IPSEC VPN routes!!!!), but the security side of things works well. They still don’t support IPv6 PPPoE which is a bit naff, and Sophos seem disinterested in adding it any time soon for some reason. The central management platform is good enough, but there’s weird quirks of the whole management, like not being able to rename certain objects, and only having a name entry (no descriptions). Also beware the EoL practices as they can catch you out and suddenly go EoL – an EoL device cannot have a new subscription attached to it, and a device with no subscription is pretty much useless anyway, so you need to be prepared to replace them. I’d consider it a teenager in grownup clothing. There’s a lot of maturing in to do in the XG platform still. Regards David From: uknof <uknof-boun...@lists.uknof.org.uk<mailto:uknof-boun...@lists.uknof.org.uk>> On Behalf Of Martin Hepworth Sent: 14 March 2023 08:53 To: paul.b...@probitas-solutions.tech<mailto:paul.b...@probitas-solutions.tech> Cc: uknof@lists.uknof.org.uk<mailto:uknof@lists.uknof.org.uk> Subject: Re: [uknof] Sophos XGS Firewalls CAUTION: This email originated from outside of the organisation. Do not click links, open attachments or respond unless you recognise the sender and know that the content is safe. ________________________________ Used in $job-1 They still aren't as feature rich as the old sg series, but the performance of dpi etc is great with the 2300 and upwards having the extra silicon to use They really want to be part of the whole Sophos ecosystem with central mgmt across an estate etc and feel odd when used in standalone mode. So if yr customers already use Sophos xdr it's a really good compliment to provide a more holistic solution.. standalone a bit meh On Mon, 13 Mar 2023, 20:47 Paul Bone, <paul.b...@probitas-solutions.tech<mailto:paul.b...@probitas-solutions.tech>> wrote: Just wondering if anyone has any stories to share on the Sophos XGS Firewalls? Good or bad. Some of my customers are looking at implementing them as others in their vertical market in the US are already keen users but I’ve not really come across them much. Thanks Paul
