Sophos heeft een nieuwe versie vrijgegeven van zijn XG Firewall met 17.1.0 als versienummer. Deze software wordt zowel op fysieke hardware als in een soft-appliance voor VMware, Hyper-V, Xen en KVM geleverd. Naast de betaalde varianten voor bedrijven biedt Sophos deze firewall voor thuisgebruik zonder kosten aan, zoals op deze pagina te lezen is. Voor de verschillende image- en updatebestanden kun je terecht op het MySophos-portaal. De aankondiging van deze uitgave ziet er als volgt uit:
SFOS 17.1.0 GA Released
Hi XG Community!
We now have SFOS v17.1.0 GA available. Here's everything you need to know. Right now, the release is available as manual upgrade to all SFOS versions via MySophos portal. Please see the following KBA - Sophos Firewall: How to upgrade the firmware: KBA 123285. On-the-box upgrade (new firmware available pop-up & Check for new Firmware) will be made available a little later. Also, On-the-box upgrade will be released in a staged manner i.e. increasing the staged count incrementally over time.
Check out all the enhancements in XG Firewall v17.1 including the new Cloud Application Visibility feature in our XG Firewall v17.1 demo video.
You can find the PDF of what's new here: Sophos XG Firewall v17.1 Whats New.pdf.
- Cloud App Visibility - brings the visibility pillar of CASB to XG Firewall, providing quick and easy Shadow IT discovery and visibility into data that may be at risk in cloud applications with great reporting on users and volume of data being uploaded and downloaded from cloud services.
- Synchronized App Control - gets further enhancements in managing newly discovered applications, including options to search, filter, and delete applications. You’ll also see the category assigned to the discovered app in the list for easy reference.
- Email Security - adds user management over individual SMTP block and allow lists via the User Portal. Domains or email addresses added to the Allow list will bypass policies (except for malware or sandboxing enforcement) and adding domains or addresses to the block list will automatically quarantine emails from those senders. In addition, more flexible SMTP policy exceptions are supported to provide parity with Sophos SG UTM.
- SSL VPN Port Option - one of the most requested features on XG Firewall is the option to customize the SSL VPN listening port.
- Firewall Enhancements - Enhancements have been made to the firewall and rule management to improve flexibility and streamline management even further. You can now double-click a firewall rule in the list to open it for editing. There's a new option to block Google QUIC's HTTPS over UDP forcing a fallback to TCP enabling full SSL inspection of the traffic. And there is now added flexibility in defining ACL exceptions to restrict access to services like the User Portal from a single alias, for example.
- Wireless Enhancements - XG Firewall v17.1 provides wireless networking enhancements including the option to set the channel width for wireless radios in the GUI as well as Radius Accounting.
- IPSec VPN IKEv2 Enhancements - XG Firewall v17 introduced new IKEv2 support for IPSec VPN connections and all stability and reliability enhancements, included in subsequent maintenance releases, are included with v17.1.
- New Hardware Support - Support for the latest XG Series desktop hardware connectivity and features, unveiled in an earlier maintenance release, is also included in XG Firewall v17.1
In case you are managing your Firewalls using SFM/CFM, Firewalls running SFOS 17.1 GA won’t accept application filter rules when applied from a device group or template. You can manage application rules from the device-level view in SFM/CFM until this limitation is addressed in SFOS 17.1 MR-1.