Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Related
Recommended
PMParth
Sophos Firewall OS v19.5 MR3 is Now Available

The adoption rate of our new Sophos Firewall v19.5 firmware continues to be our fastest ever, with the vast majority of Sophos Firewalls now running the latest release.

We are pleased to announce the availability of our third maintenance update for v19.5. Sophos Firewall OS v19.5 MR3 adds several important performance, reliability, stability and security fixes.

What’s New in SFOS v19.5 MR3

Updated SSD firmware for select models:

  • Among the fixes, this release includes updated SSD firmware for select SSD models within the XGS 2100, XGS 2300, XGS 3100, XGS 3300 and XGS 4300 to optimize performance and reliability.

Sophos ZTNA Gateway integration into Sophos Firewall (Coming Soon):

  • This release includes support for our upcoming release of Sophos ZTNA Gateway integration into Sophos Firewall that will make ZTNA deployments easier than ever.  If you have remote workers who need access to systems or applications behind the firewall, ZTNA makes it super easy and secure, and the integrated ZTNA gateway in Sophos Firewall means you don’t need to deploy anything additional on your network to support ZTNA secure access.  This new ZTNA gateway capability will be enabled for early access as part of Sophos ZTNA on Sophos Central in September. Please stay tuned for an announcement on this topic.

Issues resolved:

  • Resolves 65+ important performance, reliability, stability and security fixes.

Check out the v19.5 MR3 release notes for full details.

How to get the Firmware and Documentation

Sophos Firewall OS v19.5 MR3 is a free upgrade for all licensed Sophos Firewall customers and should be applied to all supported firewall devices as soon as possible to ensure that you have all the latest security, reliability and performance fixes.

This firmware release will follow our standard update process.  You can manually download SFOS v19.5 MR3 from the Licensing Portal and update anytime. Otherwise, it will be rolled out to all connected devices over the coming weeks. A notification will appear on your local device or Sophos Central management console when the update is available, allowing you to schedule the update at your convenience.

Sophos Firewall OS v19.5 MR3 is a fully supported upgrade from all previous versions of v19.5 and all previous versions of v19.0 including the latest v19.0 MR3. Please refer to the Upgrade Information tab in the release notes for more details.

Full product documentation is available online and within the product.

Sincerely,

Sophos Firewall Product Team

  • in reply to LuCar Toni

    Will the Firewall be able to act as a "on-premise" ZTNA Gateway or will be only for (Sophos Cloud) ZTNaaS?

  • The firmware came too late, our XGS2100 died with a defective SSD.
    The Sophos XGS2100 contains a cheap consumer / laptop SSD (    Phison PS3117-S17T).  

    And the replacement firewall has just this SSD installed again.Rage


    Even the cheap XG105W Model has a SSD for commercial and industrial applications (Suitable for interactive devices, medical applications and personal computing).

    is there a way to extract the firmware update from MR 19.5.3 and install it under 19.5.2?

  • in reply to Jindrich

    DHCP Option 234 is a Sophos specific Wireless DHCP Option. So not "most used option" in a greater sense. 

    But it is not a predefined object. You have to create it on your firewall, if you need it. If you use central wireless, it does not need to exist anymore. 

    And if you created it, it should not disappear (checked one firewall, it is still there, after creation a while ago). 

  • After the upgrade DHCP option dhcp_magic_ip(234) has disappeared (already in MR-2 and no fix in MR-3 for that...).
    It is actually the most commonly used option ...

    Otherwise I have tested MR-3 with the following devices (in bigger deployments) and so far so good:

    XGS3100, XGS2100, SD-RED-20, SD-RED60, APX530.

  • in reply to Prism

    So right now you would have to edit each resource to change the Gateway to use the firewall. There are plans to streamline this work in a better way for the future. 

Unfiltered HTML