Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 2904 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Hardware / Sophos Firewall Manager / Sophos Central

BeEf

Hello,

we are currently developing a new Strategy for our firewalls. I did some research on the website but did not find clear answers to some of my questions.

We currently use 5*SG135 and two SG330 that are clustered. Furthermore approx. 30 REDs and some Wifi APs. All devices are configured through their webinterface or commandline.  In the future we need a firewall that has at least 4 10 GBit/s SFP+ connectors.

1) Is it possible to upgrade these and some high level Firewalls (SG 450/550/650) to the XG Software? Just the new software with the old hardware. With or without additional costs?

2) Is it even possible to downgrade an existing XG hardware to SG (same models as above)? 

3) Do I understand it right that Sophos Central can not be used to configure SG and XG firewalls. I am not sure about this but did the demo which looks like the focus is on Mobile, Wifi and Endpoint protection.

4) Sophos iView Reporting can work with SG UTM and XG Firewalls?

5) The Sophos Firewall Manager works only with XG Firewalls ?

6) You can not directly upgrade a SG to XG? Usually you do  the migration from SG to XG by hand but there is some kind of Migration tool?

 

Best regards,

Bernd

 

 

 



This thread was automatically locked due to age.
Parents
  • 0

    Bernd, please ask these questions of Sophos Sales and then let us know how they are answered for Europe.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    This week we had a meeting with a Sophos Enterprise Sales Executive.

    - Besides the display and some optical things the hardware seems to be identical (corresponding SG and XG models).

    - It is possible to Upgrade from SG to XG. In order to do this sophos needs to be involved. 

    - It is probably possible to downgrade from XG to SG. However this seems not to be officially supported by sophos.

    - The firewall manager only works with XG firewalls.

    - We did not explicitly talk about migration tools. However as the XG is a completely different product with different concepts it seems to be necessary to redo the configuration by hand with the new paradigms.

    Best regards,

    Bernd

  • 0 in reply to BeEf

    Hi, 

    to talk a little bit about the migration process.

    First of all SG / XG is the Hardware. UTM / SFOS is the OS running on the Hardware. 

    Most of the time, in the discussion with couple of customers, most of their UTM backups/configs are older than the SG hardware (>5 Years). Those configs are touched by many people and are full of "mistakes", unnecessary configurations like firewall rules for proxy traffic etc. So i would suggest to perform a scratch installation. Even saw SG400 series with 5k+ Objects. Because multiple administrators used their own prefix of network objects. Why not? UTM does not stop you to do it. 1k firewall rules? Yeah go for it and demand a migration. 

    As you can see, it clearly needs a reconfiguration. I would suggest to start with smaller offices to "learn" how to configure XG properly. 

     

    - It is possible to Upgrade from SG to XG. In order to do this sophos needs to be involved. 

     

    We do not need to be involved in the UTM to SFOS migration. Simply install SFOS on your SG and proceed the Wizard. It will lead you to a step which needs your myUTM license. And if you upload your myutm license file there, SFOS will migrate the license out of myutm to mysophos (XG). 

     

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to BeEf

    Hi, 

    to talk a little bit about the migration process.

    First of all SG / XG is the Hardware. UTM / SFOS is the OS running on the Hardware. 

    Most of the time, in the discussion with couple of customers, most of their UTM backups/configs are older than the SG hardware (>5 Years). Those configs are touched by many people and are full of "mistakes", unnecessary configurations like firewall rules for proxy traffic etc. So i would suggest to perform a scratch installation. Even saw SG400 series with 5k+ Objects. Because multiple administrators used their own prefix of network objects. Why not? UTM does not stop you to do it. 1k firewall rules? Yeah go for it and demand a migration. 

    As you can see, it clearly needs a reconfiguration. I would suggest to start with smaller offices to "learn" how to configure XG properly. 

     

    - It is possible to Upgrade from SG to XG. In order to do this sophos needs to be involved. 

     

    We do not need to be involved in the UTM to SFOS migration. Simply install SFOS on your SG and proceed the Wizard. It will lead you to a step which needs your myUTM license. And if you upload your myutm license file there, SFOS will migrate the license out of myutm to mysophos (XG). 

     

    __________________________________________________________________________________________________________________

Children
No Data
Unfiltered HTML