I'm looking to add a backup cellular ISP service to my home network such that in the event my primary ISP is down, Sophos XG will use the backup cellular ISP. However, I really only want to use the backup cellular ISP to maintain internet connectivity for certain devices and not everything on my network. Is there any way to do this with Sophos XG?
After reading the SD-WAN policy routing help section several times, watching this video and experimenting with my setup, it seems having an SD-WAN policy route set to 'Any' for all of the traffic selector options (e.g. source networks, destination networks, etc.) is not required with the following assumptions:
Based on this setup, your backup gateway should not be used when your primary gateway is down. Again, the goal is to only use a backup gateway for certain devices when the primary gateway is down.
To use the backup gateway for a specific application, device, network, etc., you must create an SD-WAN policy route as desired (e.g. 'Source networks' set to your device static IP address), and set the 'Primary gateway' and 'Backup gateway'.
For a device that isn't associated with a SD-WAN policy route, it will simply use the static routes then jump to the default route (WAN link manager). However, the default route in this case should only allow the primary gateway to be utilized since we didn't specify the backup to be used. For any device that does have an SD-WAN policy route, it will first use the static routes followed by the created SD-WAN policy route which specifics it can use either the primary gateway or backup gateway, so in the event the primary gateway goes down, only these device(s) will use the backup gateway.
Would be great to get confirmation from one of you smart Sophos XG folks if the above is accurate. 
---
Sophos XG guides for home users: https://shred086.wordpress.com/
