This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.5 coming soon

News from Sophos Partner Portal:

The product team is hard at work on the next release of Sophos UTM with the upcoming beta for UTM 9.5, expected to be available in March. UTM 9.5 improves protection, performance, and management with some of your most requested features for the web application firewall, Sandstorm sandboxing, and much more. Here’s what’s new:

Web Application Firewall:

Web Server Protection in Sophos UTM includes a full-feature web application firewall (WAF) that is a leading replacement for Microsoft’s discontinued Forefront TMG product. And believe it or not, there are still lots of customers out there who haven’t yet replaced their TMG installation with something offering modern protection. Sophos UTM provides the ultimate TMG replacement solution, and it gets even better with UTM 9.5:

  • WAF URL Redirection enables the UTM to automatically redirect traffic for a protected URL to an alternate back-end path that greatly simplifies back-end system setup
  • WAF Policy and Authentication Templates for common Microsoft business applications provide faster and easier deployment for common servers, such as Exchange and SharePoint
  • WAF True-File-Type (TFT) protection can block downloads or uploads based on MIME type rather than just extension, providing better control and protection
  • WAF TLS version allows the option to specify the required TLS version required for a virtual server, which enables PCI compliance by excluding TLS1.0
  • WAF proxy protocol support uses the client IP inside the Proxy Protocol header to make policy decisions and logging

Sophos Sandstorm

Sophos Sandstorm has been one of our fastest growing products since it was introduced in UTM 9.4, and justifiably so, as it provides essential cloud sandboxing protection to catch the latest advanced threats like ransomware before they can enter the network. It’s effective, simple, and affordable. UTM 9.5 delivers some highly requested Sandstorm features, including:

  • Sandstorm data center selection, which enables a preferred regional data center to be manually selected for Sandstorm analysis
  • Sandstorm scanning exceptions, which enables certain file types to be excluded from Sandstorm analysis
  • Sandstorm activity reporting, enhanced to include files processed via e-mail protection

Management Enhancements

Sophos UTM already provides industry leading performance and usability, but we’re making it better than ever with UTM 9.5. Check out some of our new improvements:

  • New 64-bit PostgreSQL Database architecture update for the reporting database to improve report generation performance, especially with larger data sets
  • Single archive log download, enabling the convenient export of all UTM logs in a single archive file which allows for easier import into Sophos iView
  • Certificate expiration notification, providing a 30-day warning for certificates due to expire – enabling renewals to be made in advance, maintaining continuity
  • Support access via SSH, which provides an extension to the existing remote support access feature without the need to share login credentials
  • SMTP proxy listening address support, enabling better control over the SMTP proxy behavior without the need to rely on firewall rules
  • SNMP monitoring, extended to full file system, enabling file system usage to be available via SNMP


This thread was automatically locked due to age.
  • Hi, Miha, glad to have you involved in the UTM Community!  Apparently, you've been around for awhile, but it's the first I've come across one of your posts.

    And such a thoughtful one it is!  Thanks for sharing this with the rest of us.

    I haven't done a beta in several years, but this one sounds like it might be worth a try.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • is this all thats going to be in 9.5 ? 

    i see nothing about heavily requested features:

    - improved application control

    - improved ipv6 support (nat64, selectable smtp protocol, red over ipv6)

    - lets encrypt support 

    ---

    Sophos UTM 9.3 Certified Engineer

  • So how do i sign up for beta? I can't access the beta forum anymore

    Sophos UTM 9.3 Certified Engineer
    Sophos UTM 9.3 Certified Architect
    Sophos XG v.15 Certified Engineer
    Sophos XG v.17 Certified Engineer
    Sophos XG v.17 Certified Architect

  • Hi,

    going on past performance there will be a new forum which people will be invited to join.

    I hope they invite all the previous beta testers.

    The teaser above I think only covers the key new features, not additions to the existing features would be my guess.

    Depends on whether you are a reseller/partner you will get more information that I.

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • I was hoping for a bit more connectivity options eg GRE tunnel which could end up being a bit of a deal breaker for me. I understand it's in the CLI for XG but nothing in the gui and XG is a step too far for me at the moment.

    I'd like to see better real time monitoring along the lines of the Cisco ASA as I don't really rate the live log and revert to tcpdump etc

  • Louis, you can make a GRE tunnel at the CLI in UTM, too.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob, I seem to be harping on a bit about GRE. It's good to know that it's in the CLI of the UTM which makes me think why they don't present it in the GUI in the next version?

    It would be such an easy win/win for them for those of us who require it and I do think Sophos should be trying to match what Cisco's can do if they want to truly break into that market.

  • Sounds great and I would be happy to beta test..

     

    It would be great if 9.5 would also would fix country blocking exceptions.

    They haven't worked for a while and at the moment we are under heavy loads of spam, forcing me to block the worst regions.

    Thought I could except some business partners, but turns out the exceptions are still broken in 9.4

     

    Looking forward to 9.5 :-)

  • Hi,

     

    Looking very much forward to the beta.

  • Also unhappy that still no Let's Encrypt support.