Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall - Roadmap?

Hej,

is there a roadmap for the XGs for the next major versions and the planned functions?

Thanks.



This thread was automatically locked due to age.
Parents
  • I understand that there could be some more communication about the road map and active development from Sophos, but it's also not very useful to constantly complain in the forums. If you're a Sophos partner, you can get some information from your rep at anytime. If you're not, then contact your partner regarding this information.

    I'm a Sophos Partner myself and some updates were given during the Sophos Discover Partner Conference last week. Since I don't think any of this has been shared yet publicly, here is some info to give you a bit of an insight:

    - No major features are going to be developed for v17.5 since all focus is on getting v18 ready for release (bug fixed will still be rolled out in MRs as needed)

    - There will be an early access program for v18 in July

    - GA for v18 is planned for November

    - there is no full feature list for v18 available yet, only internally at Sophos but v18 contains TONS of new features and improvements

    - v18 will separate NAT from firewall rules and have more configuration options (which some users have complained about)

    - v18 will improve overall performance by 30%+ and new XG hardware (optimized for new packet processing engine) will be released in early 2020 to bring even more performance

      

    Hope this helps a little. I'm sure there's more to come as we get closer to the July EAP release.

Reply
  • I understand that there could be some more communication about the road map and active development from Sophos, but it's also not very useful to constantly complain in the forums. If you're a Sophos partner, you can get some information from your rep at anytime. If you're not, then contact your partner regarding this information.

    I'm a Sophos Partner myself and some updates were given during the Sophos Discover Partner Conference last week. Since I don't think any of this has been shared yet publicly, here is some info to give you a bit of an insight:

    - No major features are going to be developed for v17.5 since all focus is on getting v18 ready for release (bug fixed will still be rolled out in MRs as needed)

    - There will be an early access program for v18 in July

    - GA for v18 is planned for November

    - there is no full feature list for v18 available yet, only internally at Sophos but v18 contains TONS of new features and improvements

    - v18 will separate NAT from firewall rules and have more configuration options (which some users have complained about)

    - v18 will improve overall performance by 30%+ and new XG hardware (optimized for new packet processing engine) will be released in early 2020 to bring even more performance

      

    Hope this helps a little. I'm sure there's more to come as we get closer to the July EAP release.

Children
  • Thanks - that's helpful.

    However, I think the key point of this discussion is that Sophos does not communicate these details to the larger community. Perhaps that's by design (or by contract), but there are many IT-departments that need to get an idea of the capabilities and features (current and planned) before engaging a reseller.

  • Having worked for a technology vendor in the past, I know something of the legal constraints that they are under.   We could only discuss unannounced products or product features under a non-disclosure agreement, using a standard script and PowerPoint slides that had been approved by the legal department, after a formal approval process.   Approvals were not assured.  Product announcements were only made when a delivery date was pretty certain.

    Development is an imperfect process.   When it goes badly, delivered features or delivery dates get deferred.   If a vendor sells a product based on a promise to have feature X by date D, then the vendor cannot deliver for any reason, the vendor is at risk of a fraud charge. 

    The other person's post is correct.   If you need a feature today, or will need it within your planning horizon, buy a product that has it today. 

  • DouglasFoster said:

    The other person's post is correct.   If you need a feature today, or will need it within your planning horizon, buy a product that has it today. 

     
    Or take the Apple approach.  Keep everything super secret and only announce the day that you start selling.  It has gotten a little looser since Steve Jobs, but no one could ever "plan" based on upcoming iPhone features or release date.
     
  • I understand your concern and agree that Sophos could do a better job at communicating the roadmap, but as others already stated there might be limitation etc. for that. However, big features that are set to be released at some point in the future could and should be listed somewhere, even if it's without a release date. There's lots of good stuff in the pipeline and I think customers would be happy to hear about them. Hopefully we'll know more soon regarding the details of v18 and I'll be happy to post an update if something is released to partners.

  • Ok.  The point I bring often that bothers me most is the pace at which development goes.  It does not match what's elsewhere in the industry.

    I understand that a road-map is just a road map, and all Developers have to maintain controls on it, but then, let's compare.  Up to recently, road-maps from Intel were clockwork (with some glitches these days, I know).  If they told it would be delivered 13.5 months from now, they would.  Yet, at the end of the day, I do not care much about road-maps anyway.  It's vaporware.  Wish list.

    What I care about is what I have in my hands.  And the historical rate at which I receive updates/upgrades.  I have been with Sophos for more than 2 years, I can safely state development pace is very slow.

    There's also the way development is prioritized.  SD-WAN may seem sexy, but meaningful and use full logs, full featured DHCP, time relay/reliable source, for example, should have been tried and tested options available since day one.  Routing have been insanely complicated.  For those who master CLI, it is not such a draw back.  But for those who are not sitting behind the console all day long stuck with the interface, XG's GUI and its limitations is a real problem.

    v18 will be released one day, but we all know there will be bugs, because the history is there to back these sayings.  v15, v16, v17 were bumpy roads, to say the least.

    It may look like complaining to some.  But it will look realistic to others.  Mileage will vary with your level of competence.

    If you're a deep linux CLI geek, with lots of other firewalls vendors experience, I look like complaining.

    If you're a casual small business user/manager, you just felt my pain.  But isn't this is where UTM market belong ?  Large organization owns dedicated appliances.  UTM is meaningless to them.

    Paul Jr 

  • How about Cyber / Sec / OpSec? Firewalls and UTMs are security products, yet on some security basics Sophos still falls far short.

    For instance, it's baffling that XG still offers CLI-access to only one single account. If multiple administrators need to use the CLI they would have to share that account... To boot, if I'm not mistaken that account has to be named "admin".

  • new XG hardware (optimized for new packet processing engine) will be released in early 2020 to bring even more performance?

     

    Is there any news when new hardware will be released? xg 330 v3?

  • jan-h said:
    Is there any news when new hardware will be released?

     

    Hey Jan,

    I had a meeting with my Sophos rep last week and they said there was a Launch of V18 and Hardware in the coming couple of weeks. (Australia)

     

    Cheers

    Sophos XG 450 (SFOS 18.5.1 MR-1)

    Sophos R.E.D 50 x 2

    Always configuring new stuff.....

  • 18 GA is released.

    Paul Jr

  • Big_Buck said:

    18 GA is released.

    Paul Jr

     

     

    Installed and all I can say is what an improvement, one hell of a lot faster.

    Tim Grantham

    Enterprise Architect & Business owner