Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945
Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!
We'd love to hear about it! Click here to go to the product suggestion community
is there a roadmap for the XGs for the next major versions and the planned functions?
In reply to Bjoern Freiherr:
Then what are the changes in 17.5? In the last roadmap I have seen there were 17.2, 17.3 and 18, no 17.5.
In reply to Steppenwolf:
17.5 beta should be already available in October.
Quick overview of the key new features in v17.5:
In reply to KingRolo:
were is v17.5.b hiding?
In reply to rfcat_vk:
Never heard of 17.5.b unless someone in marketing invented the term.
In short, the originally planned 17.2 and 17.3 with lists of features have been replaced with 17.5 and the list of features above.
Also see community.sophos.com/.../xg-firewall-v17-5-is-coming-soon where they mention "We are expecting the beta to be available in the coming days".
In reply to Michael Dunn:
v17.5.b is the beta version of v17.5 to give it a name.
Bumping this thread version December 2018.
Merry Christmas and Happy new year.
Sorry to hear the UTM/EXIM is the point of comparison for mail filtering, since UTM/EXIM:
Email filtering seems like the weakest component in UTM, so if XG is reaching up to meet UTM, it is reaching up to a pretty low goal.
In reply to DouglasFoster:
Is it still the same with EXIM version 4.91 ? Those first three items are deal killers for me. I read that DKIM can be implemented on EXIM by calling external services. Same for anti-spam et.c. I do not know yet how EXIM was implement on XG. Possibly it was done by Sophos already ...
In reply to Big_Buck:
No one has rebuked me yet...
I would be hapoy to be wrong, or to be the motivation to implement features that should have been in place 10 years sgo.
Well ... Let's start :) !!!
This guy here: https://forum.directadmin.com/showthread.php?t=55929 as somewhat integrated EXIM with OpenDMARC.
I haven't checked yet, but maybe we have something equivalent in XG now in v17.5.
Currently, I am a UTM user, but I bounce over to the XG group occasionally to see if a migration would be worth the pain.
I read the EXIM documentation to see if I could do something under the covers to improve on the UTM SPAM filter, which is where I realized that EXIM did not examine the FROM header at all. That exercise was at least a year ago, so it is possible that the situation may change in a newer release. EXIM has a couple of technologies for writing filter definitions. It may be possible to create Reverse DNS filters using the EXIM filter mechanisms, but I could not easily see where these files existed inside UTM. If I had found them, I assumed that the UTM interface would overwrite them, and I knew that any under-the-cover manipulation would make my device unsupportable, so I gave up.
I already had another product that is my primary mail filter so we have kept it going. UTM/EXIM provides a second look which captures some things that the primary device misses.
Sophos Email Appliance appears to be Sophos' flagship mail product. It does DMARC enforcement, but does not have Reverse DNS filtering, so I was underwhelmed.
I have been looking for a product that does everything that I think a minimally-acceptable mail product should do. So far, the solution will cost about 8 times what I am paying now for my primary mail device. I do not think I can sell that expense up the management chain. So I am still looking.
I have stopped using Sophos Mail Gateway , I also stopped using XG mail gateway, and turned back to Symantec Mail Gateway (Brigthmail).
My renewal with Sophos is in few months. At this moment, I intend to swap back endpoint protections to Symantec. Sophos SEC installation is way too complicated. Ports here, ports there, password here, password there, users here, users there, folder permissions here, folder permissions there. It never ends. And unexisting uninstall. Yes, Uninstall is manual. And maintenance requires way too much interventions. For XG, I am not fixed yet. But if things progress this year as slow as it was last year, I will migrate to a more common and streamline product as well. XG as it is, is too unintuitive and requires way too much care.
Man, With all the people thinking about leaving XG, I wonder if Sophos is actually selling more than people leaving.
In reply to tom greene:
Not really - the XG is getting to be a great product. Sure it has shortcomings but in general it does what we want.
Not a fan of XG for Mail Scanning or controlling my WiFi but web policies, Firewall, Authentications, VPNs etc its quite stable (now)
In the late v16s firmware I was ready to chuck it out and get something that worked. I have since bought an XG450....
In reply to M8ey:
I agree it is getting to be a great product, but even today it is still missing some fundamental pieces to make it equal to the UTM.
Just today I was putting together a quote, and couldn't use the XG because it is missing a proper DHCP, DNS & NTP server, a to name a few modules which are in dire need of updating.