Skip to content
Avanet
Sophos SFOS update – new features in v18.5.1

Sophos SFOS update – new features in v18.5.1

SFOS 18.5 MR1 is here and before you can install the new update, one of the following versions has to be installed on your firewall:

  • SFOS v18.5 GA
  • SFOS v18 MR3 or newer
  • SFOS v17.5 MR14 or newer

If none of the versions listed above is installed on your firewall before the update, the configuration migration will not work.

New features

Once the new firmware is installed, three important innovations are waiting for you.

1. Central Orchestration

With SFOS 18.5.1, the previously announced Sophos Firewall module Central Orchestration is finally activated. If you manage several firewalls (from three or more) and want to connect them via VPN, Central Orchestration can save you a lot of work. Whether you want a full mesh network, a hub-and-spoke topology or something else – Sophos Central automatically takes care of setting up tunnels and firewalls.

Central Orchestration is already included in the Xstream Protection and Avanet Epic Protection bundles, but can also be purchased as a standalone license. Customers who already have an Xstream or Epic Protection license can benefit from the new features after the update.

2. Central Firewall Reporting Advanced

If you connect your firewall to Central, logs and reports from one or several firewalls can be stored and analyzed for up to 7 days free of charge. If you want to extend this period to up to 365 days, you need a Central Firewall Reporting Advanced license.

Central Orchestration adds another way to extend the log retention period. If you have one of the following licenses, you get 30 days instead of the free 7 days:

  • Central Orchestration standalone license
  • Sophos Xstream Protection
  • Avanet Epic Protection

3. MTR/XDR connector

The MTR/XDR connector included in SFOS 18.5.1 opens the door for firewall data analysis in Sophos Central for the first time. This benefits the Sophos MTR team on the one hand, but also all security admins who have a Central XDR license. This is automatically included in the following products:

With the MTR/XDR connector, the Central XDR product becomes even more powerful because the firewall adds another data source that can be queried and analyzed.

Changes in the navigation

From a visual standpoint, there are a few changes in the navigation.

  • Zero-Day Protection – formerly Sandstorm (sandboxing). This is where analyzed files and their reports are listed and, in a second tab, the feature settings.
  • Sophos Central – under this menu item you can connect the firewall to Central. Security Heartbeat, Synchronized Application Control, firewall management, reporting and more.
  • Advanced threat has been renamed to Advanced Protection.
Navigation comparison SFOS v18.0 and v18.5

Further information

If you want to update to the new version now or migrate from an XG to an XGS, have a look at the following websites first. They help you prepare properly for the update and clarify important prerequisites.

Patrizio

Patrizio

Patrizio is an experienced network specialist focused on Sophos firewalls, switches, and access points. He supports customers and IT teams with configuration, migration, and clean network segmentation.