Sophos Central Switches - anyone got any secrets they want to share?

They were briefly mentioned in the Sophos XG Academy webinars (last session, future og XG, at the last part).

Im really interested in learning more of what to expect!
Were currently evaluating Fortinet as replacement for Sophos UTM because they have switches that tie into the Fortigate platform.
If Sophos has something alike coming up in the forserable future, it might tip the decision back to Soohos XG.



Added TAGs
[edited by: Erick Jan at 3:37 AM (GMT -8) on 11 Jan 2024]
Parents
  • There are some shortcomings with Sophos switches. Fortinet has far better lineup here as far as ap-switch-fg-extender. But at the end, it depends on what you need so Sophos may fit the shoes. 

  • Please expand on shortcomings if you have tested or used Sophos switches.  Currently integration into central is the biggest selling point, other than that, similar to others. 

    I think Sophos would do well to sell add-on apps w switches, IE: 802.10 access / management via central, new device notifications (security), etc.  Integration of switches, central and FW for holistic security management. -- NAC.

    IE: Sophos takes leadership w 802.10 -

    1.  Install Switch / basic setup. 

    2.  Tell Central to add 802.10 feature $$ - MAC BASED switch device security

    3.. Switches and FW take inventory of devices and ports at each switch / location.

    4.  User says allow for discovered devices / MAC addresses, adds friendly labels, host names, etc.

    5.  User says whether devices can change ports or switches, (mobility OK)?   - device DB created.

    6.  User enables switch lock down w config, 

    6.  User can lock down so that any new device must be authorized by IT, portal reg, etc.

    Many other iterations here, but why can't Sophos have something basic as above, and maybe a more advanced tier $$$ for those who need?

  • I have them 8 under my desk getting ready to be sent back. Primary reason is this: 

     CS110-24FP - max 4 vlan interfaces can get ip assigned and no static routing ? 

    all what you have wrote here is available at competing offering for long time. I was hopping for Sophos not to get in to this game but to integrate with one of Tier-1 switch/ap suppliers for security part (Extreme for example).  

  • Ouch, sorry they are not what you need for your application.  Features and limitations should be completely disclosed, marketing and technical people @ Sophos need to be on the same page...

Reply Children