Vendor: Sophos
Price: $249 per year on a three-year term for TotalProtect Plus & Enhanced Support on an XG 85.
Contact: sophos.com/xgfirewall

Quick Read

Strengths:
When a threat is detected, action will be taken by the firewall per the rules incorporated into the health status of a network.
Weakness:
None that we found.
Verdict:
This has a robust reporting system with hundreds of pre-built, included reports that can be customized to make this a fantastic security solution for those looking to pull that information into reports.

Rating Breakdown

SC Labs Reviews

Reviews from our expert team

Features:
Rating: %s
Documentation:
Rating: %s
Value for Money:
Rating: %s
Performance:
Rating: %s
Support:
Rating: %s
Ease of Use:
Rating: %s
Rating: 5.00/5 5.00/5

Summary

Sophos XG Firewall allows organizations to see and manage its security posture in one place. At a glance visibility shows traffic light style indicators of hidden risk on the network such as top risk users, suspicious payloads, endpoint health, advanced threats, network attacks and more. It also features a fully integrated on box historical reporting, a full-featured Web Application Firewall and full email protection with anti-spam, email encryption and data loss protection.

Sophos XG Firewall provides next-generation firewall network protection, web protection, application control, sandboxing protection, email protection and web server protection. It exposes hidden risks with a visual dashboard and rich, on-box bundled reporting for free. It identifies unknown cloud and networked applications as well as risky users and suspicious payloads. It stops unknown threats with a full suite of protection that is easy to manage and uses deep learning and a top performing IPS engine. This firewall responds when there is an incident on the network. It has a unique security heartbeat that integrates EP health into the rules to automatically isolate infected systems.

Hardware advantages include flexible connectivity, business continuity and easy management, high performance solid-state storage on every model.

The Security Heartbeat is constantly sharing information and is used to identify active threats. You can click through to the ATP widget for information like the threat path, filename and the like. The firewall will act when a threat is detected, according to dynamic firewall rules. The compromised host is isolated from other parts of the network and healthy systems. Administrators do not need to do anything to automatically isolate threats as a result of the dynamic firewall rules and lateral movement protection coordinated with the endpoints. As soon as the server has been returned to a healthy state, connectivity will be restored to the other parts of the network.

Integrating the endpoint with the firewall also allows for the identification of applications that would not otherwise be identified. You can customize and modify attributes of the automatically categorized application to essentially block the applications you do not want and prioritize the ones you do. The dashboard is organized and provides a lot of information. Here, you can also see unsanctioned application usage, what sites are being used by which users, where they are located, and how much data is being uploaded or downloaded.

Pricing starts at $1,000 for the appliance and $249 per year for a subscription on a three-year term for TotalProtect Plus & Enhanced Support on an XG 85. Support is offered 24/7 by phone and email, as well as through a website.