Sophos SFOS v19 EAP1 – Overview of all new features
It is still possible to download the update for SFOS v19 EAP1 in December. In this post, I’ll give you an overview of what new features are included in EAP1.
Attention! Upcoming renewals will probably tempt you to install SFOS v19 EAP1 on your firewall. Among the new features are some renewals that we have been waiting for a long time and the impatience to install this release can be great.
EAP – Early Access Program
What does EAP actually mean and should one install such a version on a productive firewall? In itself, there is nothing against it, because an EAP version is also supported by Sophos. The version is considered stable by the majority and has also been tested extensively. Nevertheless, an EAP release is not as stable as an MR release, which you are made aware of directly in the firewall. An EAP version, on the other hand, must be downloaded manually from the Sophos website for installation. I would therefore use EAPs rather cautiously and not install them immediately on every environment. The final SFOS v19 will then be released around Q2 2022.
Search
Search window in the navigation
The navigation in the upcoming SFOS v19 will include a search bar to search for configuration areas. This is certainly a help for UTM migrants. But this can also support existing SFOS admins, as Sophos has also made changes to the navigation at times in recent versions.
The search should actually also “think” and make intelligent suggestions. For example, if you search for “multipath”, as it used to be called on the UTM, it will suggest SD-WAN to you. 🙂
Object search 🔥🔥🔥
The object search has been greatly improved. 🙏 Finally! For me personally by far the hottest feature in v19. I claim that already now, even if I do not yet know all the features that are yet to come.
Until now, when searching for an object, you had to know exactly how the name begins. In the case of firewalls that we have set up ourselves, we naturally adhere to a scheme for this, e.g. “IP + hostname”. However, if we had to configure something on a firewall, which we didn’t set up, it was incredibly tedious. To do this, we often had to leave the firewall rule, search for the object, remember the name, go back into the firewall rule and create everything from scratch. When several admins worked on the same system, it also happened that duplicate objects were created.
To better understand the difference, check out the graph below. This is how it looked so far in version 18.5 and earlier versions:
With the new full-text object search in version 19, many things are now easier. I also noticed small UI improvements. More objects are displayed and the unnecessary links, which did not work anyway, have been removed.
It is also possible to search for a port directly, even if it is not in the name.
VPN
There is no longer a VPN item in the menu; instead, the settings have been divided into two categories:
- Remote Access VPN
- Site-to-Site VPN
Better VPN logs in Logviewer
For troubleshooting SSL VPN, IPsec or RED, you can now find much more information in the log viewer without having to check the logs on the console.
AES-GCM
A new addition is “AES-GCM” encryption for SSL VPN and IPsec VPN. AES-GCM is an authenticated encryption mode that provides better performance than the previously used AES-CBC.
SD-WAN SLA Profile
SD-WAN functionality allows handling with multiple WAN connections.
- Route networks, IPs, or users across different WAN links based on ports or applications.
With SFOS v19, not only the availability of the connection can be checked, but now also its quality. For this you can use one of the three predefined profiles or create your own.
This also allows rules to be defined, such as: If the latency on line 1 is too high, then use another line for the data traffic, e.g. VOIP (as long as it has a lower latency, of course).
In the diagnosis you can also see the collected performance values displayed as a chart.
