We'd love to hear about it! Click here to go to the product suggestion community
Here on Techbast, some tech "How To" for v18:
Screen Shots of interest (Dam it !!! Is that a scoop ???) v18 menu "Rules and Policies" that replaces the menu "Firewall":
Here I noticed three new tabs: "Firewall Rules", "NAT Rules", and "SSL/TLS Inspection rules". "Disable Rule" and "Delete Rule" are groupable and relocated. Also note the disabled "Drop All" I was told by Sophos techs not to ever do. Never knew why. Many filtering options.
You guys noticed "Create linked NAT rule", "Web Filtering", "Configure...Heartbeat" ? Actualy, the "Advanced Section" was replaced entirely. "Nat & Routing" is gone essentialy because NAT is now decoupled.
For your info:
To my knowledge, the first "official" pre-announcement document from Sophos news blog.
And the officially published features PDF. (Same one as I posted before.)
Curiously, EAP 1 & EAP 3 are mentionned, but not EAP 2 is still unnoticed ...
Sophos official Help v18:
Some more !!!
How to configure GRE Tunnel to connect two sites on firmware version 18: https://techbast.com/2019/10/sophos-xg-how-to-configure-gre-tunnel-to-connect-two-sites-on-firmware-version-18.html
How to authentication user domain using STAS on AD and Sophos XG on firmware version 18: https://techbast.com/2019/10/sophos-xg-how-to-authentication-user-domain-using-stas-on-ad-and-sophos-xg-on-firmware-version-18.html
Changes in the Firewall Rules: https://techbast.com/2019/10/sophos-xg-firewall-v18-changes-in-the-firewall-rules.html
Introduce enhanced DDNS support on firmware version 18: https://techbast.com/2019/10/sophos-xg-introduce-enhanced-ddns-support-on-firmware-version-18.html
How to configure Sophos Central Management & Reporting: https://techbast.com/2019/10/sophos-xg-v18-how-to-configure-sophos-central-management-reporting.html
How to configure SSL VPN Client-to-site on firmware version 18: https://techbast.com/2019/10/sophos-xg-how-to-configure-ssl-vpn-client-to-site-on-firmware-version-18.html
How to configure Advanced threat protection function on firmware version 18: https://techbast.com/2019/10/sophos-xg-how-to-configure-advanced-threat-protection-function-on-firmware-version-18.html
How to configure Web Filtering on firmware version 18: https://techbast.com/2019/09/sophos-xg-how-to-configure-web-filtering-on-firmware-version-18.html
Something you may have noticed is all TechBast articles are date 27 to 29 September ...
On TechBast, you can follow this link: https://techbast.com/?s=Sophos
Hi, could You share Your upgrade software version of *.*gpg file? ;-)
In reply to darnoK:
Read carefully. I'm just posting links to screen shots. I do not have a working copy of v18 in hand.
If you are patient and methodical you will find hundreds of pages related to v18 by now ... They started to pop up everywhere on the net already 4 days ago.
I have just posted those that were of greatest interest to me, and they happen to originate from TechBast.
These screen shots are interesting and shows Sophos is taking steps in the right direction. But I do not expect anyone to fall off their chair for that much.
As far as I am concerned, NAT decoupling is one of the most welcome feature. If they could have arranged objects in such a manner they could contain both IPv4 and IPv6 simultaneously. We would have cut the number of firewall rules by almost 2.
I wonder if Business Rules are gone. (Since NAT is now a separate set of rules)
It could have been called v17.6.0
In reply to Big_Buck:
that you for posting.
From reading the document the business rules are still included based on colour coding of the rules for the GUI.
In reply to rfcat_vk:
Read here: http://docs.sophos.com/nsg/sophos-firewall/18.0/Help/en-us/webhelp/onlinehelp/PDF/sfos_ug.pdf
Page 69, 22.214.171.124 Add an Exchange Autodiscover rule. Done much the same as before. But at page 108, 6.2 NAT rules. I expect to see linked NAT rules there. Linked to what once was Business Rules.
It is not obvious yet what was changed, but up to now, all linked CLI screens shows commands that are exactly the same as before.
Memory graphic screen shot could have been a clue. But it shows much of the same as before ...
if you refer to page 12 *which I read from you original post with that document) of that document you will see there is reference to business rules being displayed by a colour on the GUI.
Open the v18 "Help" PDF, then do some research with "Business Rule". All 12 occurrences are actually the same. They just : "Business Rules reset under certain conditions". They do not bother to mention that Exchange or WEB rules are actually Business rules. Business rules are morphed down to being merely templates. All that because NAT is decoupled. The whole concept is not worth mentioning anymore.
I can't wait see how the bug-prone reflexive rule will now work since they moved to the NAT rule menu. If logic applies, linked NAT rule will actually be two NAT rules bidirectional.
Cant wait to get my hands on it, Ive been checking the partner portal everyday for the download.
In reply to john_kenny:
unnecessary work to check every day the Sophos Partner Portal. Wait for this Thursday afternoon on the XG Firewall blog.
P.S. I just don't know if it sends talex or bulirich. Well, we have to be surprised.
In reply to alda:
Some birds were singing that release was delayed till end of October. Maybe they found a way to realign the boat ?
Big_BuckHow to authentication user domain using STAS on AD and Sophos XG on firmware version 18: https://techbast.com/2019/10/sophos-xg-how-to-authentication-user-domain-using-stas-on-ad-and-sophos-xg-on-firmware-version-18.html
Is that any different to V17?
In reply to M8ey:
One the first thing I looked at few days ago.
If you spot a change in the "troublesome-everyone-loves-to-hate-works-when-it-wants-unintuitive-way-too-complicated" STAS, you tell me ...
I'm not really surprised however since not much announcement regarding this was published lately. A tech at Sophos told me 2 years ago they were re-writting it from A to Z. With that much time passed, he meant A to ZZZ.