Shopping Cart

No products in the cart.

Sophos SFOS update – New Features in v18.5.1

The SFOS 18.5 MR1 is here and in order to install the new update at all, one of the following versions must already be installed on your firewall:

  • SFOS v18.5 GA
  • SFOS v18 MR3 or newer
  • SFOS v17.5 MR14 or newer

If your firewall does not have any of the above versions installed before the update, the configuration migration will not work.

New functions

After installing the new firmware, three important new features await you.

1. central orchestration

With SFOS 18.5.1, the previously announced Sophos Firewall module Central Orchestration is finally released. If you manage multiple firewalls (three or more) and want to connect them with VPN, Central Orchestrationten can save you a lot of work. Whether it’s a full mesh network, a hub-and-spoke topology, or something else, Sophos Central automatically takes care of tunnel and firewall setup.

Central Orchestration is already included in the Xstream Protection and Avanet Epic Protection Bundle, but can also be purchased as a standalone license. Customers who have already licensed Xstream or Epic Protection will be able to take advantage of the new features after the update.

2. central firewall reporting advanced

If you integrate your firewall into Central, logs and reports from one or more firewalls can be stored and analyzed for up to 7 days free of charge. If you would like to extend this period up to 365 days, you need a Central Firewall Reporting Advanced license.

Central Orchestration now adds another option to extend the log storage period. If you have one of the following licenses, you will have 30 days instead of the free 7 days:

  • Central Orchestration Single License
  • Sophos Xtream Protection
  • Avanet Epic Protection

3. MTR/XDR Connector

The MTR/XDR Connector included in SFOS 18.5.1 now opens the door to firewall data analysis on Sophos Central for the first time. On the one hand, the Sophos MTR team can benefit from this, but also all security admins who have a Central XDR license. By the way, this is automatically included in the following products:

With the MTR/XDR Connector, the Central XDR product becomes even more powerful, as the firewall adds another source from which data can be obtained and queried.

Changes to the navigation

Visually, a few changes have crept into the navigation.

  • Zero-Day Protection – Formerly Sandstorm (Sandboxing). Here the analyzed files and their reports are listed and under a second tab the settings of the function.
  • Sophos Central – This menu item allows the firewall to be connected to Central. Security Heartbeat, Synchronized Application Control and Firewall Management, Reporting and more.
  • Advanced threat has been renamed to Advanced Protection.

More information

If you want to update to the new version or migrate from an XG to an XGS, please have a look at the following websites. They will help to prepare you ideally for the update and clarify important prerequisites.


Patrizio is an experienced network specialist with a focus on Sophos firewalls, switches and access points. He supports customers or their IT department in the configuration and migration of Sophos firewalls and ensures optimal network security through clean segmentation and firewall rule management.

Subscribe Newsletter

We send out a monthly newsletter with all the blog posts for that month.