Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall - Roadmap?

Hej,

is there a roadmap for the XGs for the next major versions and the planned functions?

Thanks.



This thread was automatically locked due to age.
Parents
  • Forgot to put a follow up/bump here, on the road to XGv18 in two years.

    SFOS 17.1.3 MR-3 released these days. Bug fix mostly.

    Paul Jr

  • Hey Paul,

    V17.5.b is supposed to be due this week.

    Ian

    XG115W - v20.0.3 MR-3 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Well ... Let's start :) !!!

    This guy here: https://forum.directadmin.com/showthread.php?t=55929 as somewhat integrated EXIM with OpenDMARC.

    I haven't checked yet, but maybe we have something equivalent in XG now in v17.5.

     

    Paul Jr

  • Currently, I am a UTM user, but I bounce over to the XG group occasionally to see if a migration would be worth the pain.   

    I read the EXIM documentation to see if I could do something under the covers to improve on the UTM SPAM filter, which is where I realized that EXIM did not examine the FROM header at all.   That exercise was at least a year ago, so it is possible that the situation may change in a newer release.  EXIM has a couple of technologies for writing filter definitions.   It may be possible to create Reverse DNS filters using the EXIM filter mechanisms, but I could not easily see where these files existed inside UTM.   If I had found them, I assumed that the UTM interface would overwrite them, and I knew that any under-the-cover manipulation would make my device unsupportable, so I gave up.   

    I already had another product that is my primary mail filter so we have kept it going.   UTM/EXIM provides a second look which captures some things that the primary device misses.

    Sophos Email Appliance appears to be Sophos' flagship mail product.   It does DMARC enforcement, but does not have Reverse DNS filtering, so I was underwhelmed.

    I have been looking for a product that does everything that I think a minimally-acceptable mail product should do.   So far, the solution will cost about 8 times what I am paying now for my primary mail device.  I do not think I can sell that expense up the management chain.   So I am still looking. 

  • Hello

    I have stopped using Sophos Mail Gateway , I also stopped using XG mail gateway, and turned back to Symantec Mail Gateway (Brigthmail).

    1. Took Sophos too long to upgrade to SMBv2.
    2. Far more easier to use.  By that, I also mean far more intuitive.
    3. Complete reporting.  And all features required for a mail appliance running for a Bank !!!
    4. Around $CAN 15 per user for the appliance "Only" licence.  Cheaper if you combine with EndPoint Protection.
    5. For some incomprehensible reasons, "Symantec Enterprise" license do not exist anymore.
    6. I also tested Spam Titan, but in 2018, it had too much false alarms.  It was rock solid before ...

    My renewal with Sophos is in few months.  At this moment, I intend to swap back endpoint protections to Symantec.  Sophos SEC installation is way too complicated.  Ports here, ports there, password here, password there, users here, users there, folder permissions here, folder permissions there.  It never ends.  And unexisting uninstall.  Yes, Uninstall is manual.  And maintenance requires way too much interventions.  For XG, I am not fixed yet. But if things progress this year as slow as it was last year, I will migrate to a more common and streamline product as well.  XG as it is, is too unintuitive and requires way too much care.

    Paul Jr

  • Man, With all the people thinking about leaving XG, I wonder if Sophos is actually selling more than people leaving. 

  • Not really - the XG is getting to be a great product. Sure it has shortcomings but in general it does what we want.

    Not a fan of XG for Mail Scanning or controlling my WiFi but web policies, Firewall, Authentications, VPNs etc its quite stable (now)

     

    In the late v16s firmware I was ready to chuck it out and get something that worked. I have since bought an XG450....

     

    Sophos XG 450 (SFOS 18.5.1 MR-1)

    Sophos R.E.D 50 x 2

    Always configuring new stuff.....

  • I agree it is getting to be a great product, but even today it is still missing some fundamental pieces to make it equal to the UTM.

    Just today I was putting together a quote, and couldn't use the XG because it is missing a proper DHCP, DNS & NTP server, a to name a few modules which are in dire need of updating.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • The following informations about upcoming releases have reached me via Newsletter.

    Last week we released MR1 for XG Firewall, which contains a couple of important fixes for the Early Access Program (EAP) for Central Management of XG Firewall.

    The next MR to be released to all customers will come on February 10 with much anticipated support for our new APX Wireless Access Points and Airgap Support. Expect more news and information on that as we get closer to launch day. This maintenance release will be called MR3.

    Then we expect another Maintenance Release in early March (MR4), with additional features like Encrypted Backups and Backup Management from Sophos Central.

    In Summary:

    • MR1 – Central Management EAP Fixes – Available Now
    • MR3 – APX and Airgap Support – February 10
    • MR4 – Backup Features - March

    If you have any questions about the updates, please contact your Sophos representative for more information.

    Please send me Spam gueselkuebel@sg-utm.also-solutions.ch

  • Hello

    Any development on what's coming in March ? I mean, is there anything more covered than just Backup ?

    Paul Jr 

  • Hello Big_Buck,

    maybe we will know something new this Friday, because this Friday is for Sophos partners planned presentation of a roadmap.

    Regards

    alda

  • Where you can subscribe to that presentation as a partner?

Reply Children
No Data