This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG V18 MR3

Hello Sophos,
can we still expect the XG V18 MR 3 this week ?




[locked by: FloSupport at 4:35 PM (GMT -7) on 13 Oct 2020]
Parents
  • It'll arrive when ready is my home, better be late, but right

  • Hello Mike,

    so I can only recommend one thing to you, start using another solution from another vendor.
    Trust me, I've been using Astaro / Sophos UTM solutions since 2003 and it is hell for the last 5 years. You won't find such a low-quality and unreliable product like XG anywhere else in the world.

    Trust me, I really have many and many years of experience with these products and such a bad situation in quality and reliability has not been in the past.

    If you are a home user, I understand your enthusiasm. But if you are a corporate network administrator or a supplier of security solutions for companies, this is hell ....

    Regards

    alda

  • I mean, medium to big companies don't care about DHCPv6-PD, and thats the point. Sophos want to stop appealing to the home/small busines and go bite the medium/large companies.

    They care about DPI/Scanning TLS, routed based vpn, decoupled NATs and rules, etc.

    So yeah, that's why and I don't blame them, the money is in the biggest corporations, not small business. And they have to include functions that are present in bigger fw companies (vrf?, central management?, etc)

  • Its good to know that Sophos doesn't want my business anymore, I guess that makes my renewal decision next year easy.

  • Hello Bill,

    believe me, you will not definitely alone who decides like you in the near future. Many current Sophos customers are planning the same decision as you. Only Sophos doesn't know about it yet ....

    Regards

    alda

  • Hi ,
    We apologize for any inconvenience you have experienced. We are actively working on initiatives to improve the overall Support experience and appreciate your patience. will follow up with you via PM regarding your specific support cases.

    For other Community users seeing this, If you had concerns regarding a specific support case, please don’t hesitate to reach out to myself via PM and i'll be happy to help follow up.

    Regards,

    Florentino
    Director, Global Community & Digital Support

    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.
    The Award-winning Home of Sophos Support Videos! - Visit Sophos Techvids
  • Hello Alda,

    Thank you for replying to my PM.

    Once I get the cases from you I will follow-up accordingly!

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Its a shame, I do like Sophos XG and the value for the money is good.  If they are truly wanting big enterprise customers only, I would say good luck.  XG as it exists right now is not nearly a good enough product to break into that market, the terrible logging alone would be a disqualifier for many.  

  • I don't rate v18 "as a very failed version", they did something right which is the new SSL/TLS Inspection engine, but some other features that we got, such as SD-WAN support don't even work correctly.

    And what is the throughput on the DPI again? The xtreme DPI engine... 

    One honest question, is the firewall not doing It's job to protect your clients, which is the main purpose of it.

    I totaly gave up on XG even for home use after the remote code execution problems that was in the wild so no the firewall was not doing its job in its default configuration.

    I check in here once in a while since I use SG in my lab due to abundant logging and things are still the same as they were when v16 was released. Big promises little follow through as pointed out. Now there is a remote code execution on the SG UTM webadmin. Luckily someone was nice enough to tell them instead of leaking it to the hackers.

    Unreal

    Regards.

  • Hi,

    have passed a comment back on the release page about the DPI engine performance not being any different to the mail proxy.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • And what is the throughput on the DPI again? The xtreme DPI engine.

    It's actually High... Also your comparing the throughput of the DPI Engine on Sophos XG with what other vendor?

    Fortinet have custom ASIC's to do pattern matching and L3 Networking and crypto, Palo Alto have FPGA's for the same reasons, even checkpoint have acceleration pcie cards now.

    If you look at the appliances Sophos have right now are all using old Intel x86 CPU's from 2017<, even then, the throughput is still high for a NGFW.

    I'm not here to defend Sophos, but if a USD$50.000 appliance from Palo Alto (PA-5220) that have multiple FPGA's, and uses Marvell "security processors" can only do 1.9Gbit/s of Threat Prevention on a enterprise mix traffic with SSL/TLS Decryption, which is the same as an XG 750 Rev.2 could do on v17.5, then I'm impressed with Sophos results.

    I totaly gave up on XG even for home use after the remote code execution problems that was in the wild so no the firewall was not doing its job in its default configuration.

    Did you ever looked at the other vendors CVES? Feel free to take a look at Palo Alto here.

    Also, let's talk about the ssh "backdoors" (Which has hard-coded SSH public keys) Fortinet had some years ago, even their SIEM product had a vulnerability like this last year.

    Every vendor has shitty vulnerabilities that someday will piss off their costumers, the only difference is how fast they fix it, and if they are going to be public speaking about it, or they will hide it.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

  • I don’t want to seem to be too picky because the discussion is of value, but needs to be in its own thread.

    ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data