Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Why doesn't Sophos XG Software support EFI-Boot?

Hi all,

I recently bought a new server for my SophosXG which I run at home. Unfortunately I did forget that SophosXG still does not support EFI boot, so I did not think about that when purchasing the server. So now, because the device only supports EFI-Boot, and no legacy boot (aka CSM) I am left with the pretty unsatisfying situation that I have to run a Hypervisor on my new server to run the XG on it and sacrifice much simplicity and some performance. 

I mean yes, I do understand that it does not support EFI boot, but why?

Firstly even open source firewalling solutions like OPNSense or pfSense are able to boot on EFI only systems. Furthermore - as touched on in this old thread - XG's underlying OS has even been switched to Ubuntu/Debian in XG Version 18 https://community.sophos.com/sophos-xg-firewall/f/discussions/115320/exchange-of-underlying-linux-distribution-when-going-from-sfos-17-5-to-sfos-18-x-update-process-and-other-implications . Those two Linux distributions themselves support EFI boot for an eternity now.

Can someone, maybe from Sophos directly, elaborate on the "why"? I really struggle trying to understand what might be the reasons not to support EFI boot in 2024.

Best Regards

espressodriven



Edited TAGs
[edited by: emmosophos at 7:28 PM (GMT -7) on 22 Apr 2024]