Disclaimer: This information is posted as-is and the content should be referenced at your own risk
The focus of this document is to provide baseline guidance to secure the Sophos XG Firewall to a minimum level. The document will not provide guidance on each individual XG firewall feature that may, in turn, secure internal network devices and resources (a full, exhaustive Sophos XG Firewall best practice guide will be published in due course).
Note: This guide will not include advice and guidance on the following topics and are considered to be out of scope:
One size does not fit all, some security recommendations will apply to a customer where others will not. Sophos and our partners, provide award winning Professional Services who are happy to provide best practice network security design, implementation, and training tailored to the needs of our customers.
While Sophos XG firewall is one of the most sophisticated, multilayered, leading-edge security appliances in use today, it is, as with most firewalls, not effective right out of the box. Administrators often concentrate efforts on configuring firewall features and functions with a view to protecting internal networks and resources, before securing the firewall itself.