With the Sophos Switch Series, we’re introducing a new range of network access layer switch models. Our cloud-managed switches can be managed in Sophos Central or as standalone switches, providing extensive features to simplify network configuration and monitoring at prices affordable to small and medium-sized businesses. With advanced management, Sophos switches optimize network performance to allow companies to focus on growing their business. 

Sophos Switch models

The initial release includes eight different switch models with various port configurations and models with and without Power over Ethernet (PoE). We offer two series within our model line-up: the 100 Series models have 1GE ports and either SFP or SFP+ and the 200 Series models offer 2.5GE ports plus SFP+ (24- and 48-port models in the 200 Series are expected towards mid-2022). The entry-level CS101-8/8FP desktop models are targeted for home/small businesses while the 24- and 48-port models in the 100 series and the 8-port CS210-8FP are targeted for medium-sized businesses with better performance. 

  • CS101-8
  • CS101-8FP
  • CS110-24
  • CS110-24FP
  • CS110-48
  • CS110-48P
  • CS110-48FP
  • CS210-8FP

Key features

  • 10/100/1000Base-T /2500Base-T Gigabit Ethernet ports (differs by model).
  • Dedicated SFP or SFP+ interfaces for longer connectivity via fiber uplinks and for uplink redundancy and failover.
  • IGMP and MLD snooping provide advanced multicast filtering.
  • 3ad Link Aggregation.
  • Access Control List/ Port Security.
  • 1X and RADIUS Authentication.
  • SNMP v 1/v2c/v3.
  • Voice VLAN for fast and reliable deployment of VoIP.
  • Energy Efficient Ethernet (IEEE802.3az) support better energy-saving when more EEE compliant end devices are available in the market.
  • Advanced QoS with IPv4/IPv6 ingress traffic filtering (ACLs) and prioritization.
  • PoE-capable switches with IEEE 802.3af/at support and additionally 802.3bt support on CS210-8FP.
  • Easy to manage via Web-based Management GUI for switch deployment.
  • Standard-based technology, ensuring interoperability with any standard-based devices in the existing network.
  • Dual firmware images, improving reliability and uptime for your network.
  • Easy to manage in the cloud via Sophos Central

Web-based Switch Management (Switch local GUI):

All supported switch features can be locally managed from the very first release by using the switch web GUI. This gives all the flexibility of the standalone configuration of the switch.

For a detailed switch feature list, please refer to the Switch User Manual


Cloud management in Sophos Central:

Sophos Central provides the option to manage multiple switches and sites. By adding a number of switches to a single site, you can push the configuration to all the switches at that site at the same time. Admins can create multiple sites in Sophos Central and add different switch configurations for a specific site where all switches can be grouped.

In the first release, Sophos Central provides VLAN and port management options for a site or switch. Admins can manage the switch configuration for a Sophos Central registered switch along with firmware management and some basic remote switch management features for a specific switch.


Site management – Create a site, add different VLAN and port configuration settings to it and group the different switches that belong to that site. An admin can also choose to configure all switches at once by pushing the site configuration to them.

Firmware management – Sophos Central allows admins to schedule a firmware upgrade for a switch at a specific time or swap the firmware, which allows the user to select the backup firmware partition by clicking on the switch firmware version. 

VLAN management - Configure (create/update/delete) VLANs in Sophos Central and assign them to the necessary switch ports directly from Sophos Central.

Port management – Map VLANs to specific switch ports and enable/disable specific ports or change the port speed of the switch.

Status and Alerts – On the switch inventory page, you can monitor the switch status (registered, disconnected, waiting for synchronization, synchronized, firmware too old and task pending ). Whenever there is config push failure or a switch is disconnected from Sophos Central, an alert will display the respective message. 

Diagnostics – Turn on the remote debugging option whenever you need the Sophos support team assistance to troubleshoot switch-related issues. This feature allows the support team to collect switch-related logs.


Limitation: The current GA release offers limited switch feature management from Sophos Central (VLAN, port settings, firmware management and remote device control ). Further, more advanced switch features will be added in later software releases.

Known issues

Issue Key



LOCAL UI:  "show current running-config" shows the port as "SHUTDOWN" even when it is up.


LOCAL UI:  MAC address learning per port limitation is not working 


LOCAL UI: The device UI only shows the uplink indicator for standalone ports, it does not show it if the ports are part of a LAG


LOCAL UI :   User should specify the encryption mode for SSH access, SSH admin@<ip> -c <mode> [supported modes 3des-cbc, aes128-cbc, aes256-cbc]


LOCAL UI: Unable to configure special characters in SNMP password


LOCAL UI: Only a maximum of 256 VLANs can be configured


LOCAL UI: Users cannot add VLAN names with special characters 


LOCAL UI:  SFP ports should not show 10M or 100M half-duplex mode


LOCAL UI: No warning message while moving to a different page with unsaved config


LOCAL UI: Non-PoE switch port GRID will show PoE ports label and power usage percentage


LOCAL UI: Uplink tick is not displayed when the gateway’s MAC address expires from the ARP cache


Cloud UI:  Switch alerts count in summary page is limited to max 100, even though real alerts are more.


Cloud UI  Diagnostics: Switch Web UI redirect links are not navigating to specific Local web UI page


Cloud UI: Locally configured VLANs will not be synced to Sophos Central


Cloud UI: VLAN push from Sophos Central removes locally configured VLAN (it also removes LAG if configured on the same VLAN)


STP: BPDUs from the uplink bridge is not forwarded when STP is disabled.


POE: Port MGMT: CLOUD UI uplink port identification is not updated in some cases


POE: CS110-48FP Long GUI refresh time to configure - Power Supply sub menu


POE: CS210-8FP Sometimes PoE does not auto recover after an overload condition

Support access for Sophos Switch

Sophos support access can be activated for switches which are registered and connected to Sophos Central only. For switches not registered in Sophos Central, troubleshooting/debugging will be limited.