There are currently two really exciting topics at Sophos. Zero Trust Network Access and the switches. This post is about the latter and we have almost all the information together by now.
Hardware: 10 models
I’ll start with what we already know all about the Sophos switch hardware. So that you don’t get completely overwhelmed by the name or have to search for the differences in the product table, I’ll explain the name model and the hardware’s rough differences in advance. This is because the name of the Sophos switch models already reveals a lot about the technical data of the hardware. The following picture shows the CS110-48FP switch as an example:
There will be the following 10 switch models from Sophos:
100 Series – 1 Gbps
- 8 port models: CS101-8, CS101-8FP
- 24 port models: CS110-24, CS110-24FP
- 48 port models: CS110-48, CS110-48P, CS110-48FP
200 Series – 2.5 Gbps
- 8 port models: CS210-8FP
- 24 port models: CS210-24FP – available mid 2022
- 48 port models: CS210-48FP – available mid 2022
All technical data can be found in the Sophos switch data sheet or on the product pages of the switches.
Thanks Sophos, for the test device 🙏
We received a Sophos CS110-48P switch as a test unit from Sophos back in October. Many thanks to Sophos for giving us the opportunity to try and test this great device for ourselves. Here are a few photos of the CS110-48P switch:
Only the hardware or with license
Sophos switches can be purchased with or without a license. If you choose hardware only (without license), the following services are included:
- Local Web Management – The Sophos switch can be managed directly via browser without any restrictions.
- Command Line Interface (CLI) – The Sophos switch can also be managed from the console, again without restrictions.
- Limited lifetime warranty – The Sophos switch is covered under warranty until the end-of-life date. When Sophos talks about lifetime here, it’s about how long Sophos will support this product. At the current time, one can assume a minimum of 5 years.
Added value of the subscription
At the current time, the added value of the subscription consists of the following:
- Sophos Central Management – The Sophos switch, can be managed via Sophos Central.
- Advanced RMA Support – Fast processing in case of a hardware defect
- 7 × 24 telephone support
- Firmware updates
If the subscription is no longer renewed, there is of course no more telephone support, the warranty service is standard again, the Central Management is in read-only mode and the firmware updates have to be installed locally again.
Sophos sets the price for service and support here at 10% of the hardware price, and at 8% for a 3-year license.
Admittedly, at the current time, the features of the Sevice are very weak. It’s a bit like choosing Autopilot when you buy a Tesla. First and foremost, you buy the potential that will follow. In the case of the switch, these would be features such as Synchronized Security or XDR/MTR functions.
I have now explained the models and what options are available when buying. Let’s move on to the management of the switch. We have been using the device productively for a few weeks now. As expected, the hardware makes a good impression, but it is the software that can make the hardware exceptional. In this early version, it makes an excellent and stable impression. The GUI comes in nine languages: English, Spanish, Italian, German, French, Portuguese, Chinese, Japanese, Korean.
There is also a dark mode and the interface is more responsive than you are used to from other Sophos products. The loading time is still a bit slow in some places, but this has already improved a lot since the last firmware and should be completely fixed by the final version.
Here are a few impressions of the web interface:
Switch management via Sophos Central
Sophos offers several ways to manage the new switches. You can configure them locally via the web interface or CLI (command line) and also via SNMP if needed. The simplest and most convenient method is certainly the Sophos Central connection. This means that in the future, you will have your firewalls, access points and switches, together with all other central solutions, united on one console.
Here are some first impressions of what is currently possible with Central:
We know that some are already waiting for the Sophos switches. Sophos is expected to be able to deliver the first models in mid-December 2021, but the number of units here is still massively limited. Only in February / March looks a little better.
A few years ago, we were already dreaming of a Sophos switch. The product also makes perfect sense in the line-up and completes the network portfolio. However, Sophos’s most recent acquisitions have always been software companies. Other manufacturers have had a central dashboard for switches and access points for a long time, but the firewall or endpoint was sometimes missing. With the switch, Sophos brings an important product to their ecosystem.
The rumors that Sophos is working on a switch series have been around for a while. So it’s all the more pleasing that a market launch has now succeeded, even if only very small numbers will be available at the start. But launching a new product during a global chip crisis is also very brave and not an easy task.
The product name starts with CS, which stands for Central Switch. If you only buy the switch without the service and support subscription, the Central part is omitted, which makes the switch so interesting. Without the management with Central, the question arises why one should buy a Sophos switch and not a product from another manufacturer. Managing switches through Central, alongside firewalls, access points and the rest of the Central modules in one console, is therefore a really big selling point for anyone already in this ecosystem or keen to build on it in the future.
Nevertheless, it has to be said that the software will not be ready when the switches are launched on the market. Exciting killer features, such as Synchronized Security or XDR/MTR connectors, will probably only be available later. In most cases, however, a switch is a purchase that is intended to be used for more than 3 – 4 years anyway. If Sophos delivers these functions within a reasonable period of time, one can ignore them without hesitation. In keeping with the motto “connecting points”, an incredible amount is possible here through this central device in the network, and the upcoming functions are just the beginning. 😎
Sophos switches as the new standard
We already have some customers expressing strong interest in the new Sophos switches, and as they become available, we will be able to gain even more experience in other environments. From what we have seen and tested so far, we can already say that Sophos switches will be our first choice for suitable projects in the future. Until now, we have been using switches from Ubiquiti, and there was really nothing wrong with them. But we still like Sophos’s ecosystem immensely, and the new switches make it even more powerful.