Sophos Firewall v18.5 GA is now available

Note: Version 18.5 is currently available for the new XGS Series hardware. Version 18.5 for XG Series hardware, virtual, software, and cloud deployments is expected to be available shortly.


This release includes support for a new range of hardware appliances, the XGS Series.

All XGS Series next-generation firewalls have a dual-processor architecture, which combines a multi-core x86 CPU with a dedicated Xstream Flow Processor for hardware acceleration. The Xstream Flow Processor is a Network Processing Unit (NPU), which accelerates trusted traffic flows, freeing up resources on the host CPU for more resource-intensive tasks, such as TLS inspection and deep packet inspection.

What's new in v18.5

Flexibility and performance enhancements

  • Version 18.0 delivered a data plane with a Virtual FastPath (VFP) to allow the offloading of trusted and previously security-verified traffic, using the same x86 CPU for the offloaded traffic. On the XGS Series, after inspecting the initial packets in a flow, the x86 CPU offloads trusted traffic to the Xstream FastPath, which runs on the Xstream Flow Processor and is specifically designed for FastPath operations.
  • The Xstream Flow Processor delivers and retrieves packets directly to and from the DPI engine's main memory. These enhancements deliver a significant increase in the overall network performance with a 5x improvement in latency with the zero-copy operation and up to a 5x increase in SSL/TLS decryption performance versus the previous hardware models.
  • The Xstream architecture saves cycles of the x86 clock by lowering memory bandwidth usage and allowing both processors to update the cache.
  • Port density and diversity: XGS Series appliances offer an increased number of fixed ports and include some new port connectivity, such as Power over Ethernet (PoE), which is now built-in on some desktop models. They also offer a broad range of Flexi Port modules and add-on options to adapt and extend connectivity.

More information available here: v18.5 GA Release notes


Migrating your configuration to v18.5

  • You can restore backups from 17.5 MR15 (and earlier) and 18.0 MR4 (and earlier) versions on XGS Series hardware models.
    However, to restore backups from 17.5 MR15 and 18.0 MR4 on the XGS Series, you must update the firmware to 18.5 GA. The setup wizard will ask you to update the firmware to this version. After you update the XGS Series firewall to the 18.5 GA firmware, you can restore backups from these versions from Backup and firmware > Backup and restore.
  • You can restore backups from earlier versions (17.5 MR14 and earlier, 18.0 MR3 and earlier) using the setup wizard.
  • To take a backup and restore the configuration between XG Series and XGS Series appliances, see Backup-restore compatibility check.
Parents
  • Who did the beta testing in the real world. Straight to GA is a big risk without some real world input.

    Ian

    • “V18.5 GA” is only applicable to the new XGS hardware; And has been well tested by Sophos Insiders – a group of partners and customers who helps Sophos by deploying a to-be-launched hardware in the production environment for months before the actual launch.
    • “v18.5 for existing XG hardware/ Virtual/ Software/ Cloud” is planned after sometime. And Sophos will be happy to bring that v18.5 build to our community contributors well before the release to get the feedback from you all.
Comment
    • “V18.5 GA” is only applicable to the new XGS hardware; And has been well tested by Sophos Insiders – a group of partners and customers who helps Sophos by deploying a to-be-launched hardware in the production environment for months before the actual launch.
    • “v18.5 for existing XG hardware/ Virtual/ Software/ Cloud” is planned after sometime. And Sophos will be happy to bring that v18.5 build to our community contributors well before the release to get the feedback from you all.
Children