Sophos Firewall OS v19 is now entering the 2nd phase of the early access program (EAP) providing access to the full set of v19 features slated for general availability in April.
This latest v19 build adds a number of great new enhancements including Xstream FastPath Acceleration of IPsec VPN traffic which provides a tremendous performance boost and adds to the other Xstream SD-WAN capabilities added in EAP1.
As a reminder, here’s a complete overview of all the great new Xstream SD-WAN capabilities:
Sophos Firewall OS v18 introduced the Xstream Architecture that enables FastPath acceleration of trusted traffic flows. The new XGS Series hardware appliances added dedicated Xstream Flow Processors for hardware acceleration of trusted traffic flows. One of the great benefits of the programmable flow processor is that additional features and capabilities can be added to further improve performance.
SFOS v19 EAP2 adds IPsec VPN hardware FastPath acceleration for XGS Series appliances which automatically puts IPsec tunnel flows on the FastPath through the Xstream Flow Processor. This dramatically improves performance, moving some of the CPU-intensive processing required for IPsec tunnels to the Xstream Flow Processor such as ESP- encapsulation/encryption and decapsulation/decryption. This new feature takes full advantage of the hardware crypto capabilities within the Xstream Flow Processor and has the added benefit of freeing up CPU resources for other tasks like deep-packet inspection of traffic that needs it.
Xstream FastPath Acceleration for IPsec traffic works for both site-to-site and remote access VPN traffic, however, IPsec connections with weak cipher or auth algorithms (DES, 3DES, Two Fish, MD5) will not be off-loaded.
A list and side-by-side comparison of SD-WAN PBR enhancements in the latest v19 build
For the full list of all new capabilities in v19, refer to the What’s New guide.
Watch brief demo videos for many of the new features:
If you’re already participating in the EAP program for SFOS v19, you will see the new build available in your web-admin UI as a firmware update.
If you’re new to v19, now is the perfect time to participate in the early access program, try out the great new capabilities, and provide your feedback to help make this release the best it can be. Register here to download the early access program firmware.
Sophos Firewall OS v19 EAP2 (Build 271) is a fully supported upgrade from v17.5 MR14 and later, v18 MR3 and later and all previous versions of v18.5.
We welcome and encourage your feedback. Please use the feedback mechanism in the product on the top right of every firewall screen. You can also get assistance and interact with others in the EAP program through the community forums.
Check out how Sophos Firewall can transform your network with Xstream Protection and Performance.
I'd like to see Sophos XG appliances able to have Home license applied on them, they're a perfectly good bit of tin or have a resonable response from the partner sector. Utter joke dealing with re the model.
I'm testing the GA version right now and it still doesn't seem to be included there either. It's very sad what Sophos is delivering here.
Advanced Shell access is being added back into SFOS v19 GA. You can find additional context in the following forum thread.
Does this support advanced shell for home users or is that in the next update?
Does the 'Per Connection Authentication' support browsers like Google Chrome, I know with SATC - the way Chrome generates connections is not supported and users must use Firefox.