Shopping Cart

No products in the cart.

Sophos XG Firewall – new features in v17.1

After a series of 7 maintenance releases, Sophos has finally released another update with SFOS 17.1, which will bring some bug fixes as well as new features again. In this blog post we summarize which new features you can look forward to.

New features in SFOS v17.1

Cloud Access Security Broker (CASB) – Cloud App Visibility

Sophos has set its sights on combating shadow IT, and a new feature coming in 17.1 makes the XG a cloud access security broker (CASB) appliance.

In short, this function provides an overview of all cloud apps used in the company. The Cloud Access Security Broker thus makes it much easier for the administrator to analyze the traffic. The overview of the CloudApps also shows how much upload and download traffic the individual applications cause. These services can then be allowed or blocked for individual users or globally.

Synchronized Application Control

Synchronized Application Control was already introduced with version 17.0. Read more in an earlier post: Sophos XG Update v17: Overview of all new features . This function has now been improved with 17.1. A search and a filter facilitate the management of the often very many apps on the users’ computers. The allocation to categories has also been improved and you now have the option to remove irrelevant applications from the list.

Email Protection Improvements

  • A user can now maintain their own blacklists and whitelists for emails or domains in the User Portal.
  • Exceptions can be created for domains or email addresses so that they are not sent to Sandstorm, for example.

Firewall improvements

  • Rule management has been improved to increase flexibility and further optimize administration. You can now double-click on a firewall rule to open it for faster editing.
  • The QUIC protocol from Google can now be easily blocked. This way you can make sure that the traffic is scanned, because the connection is then running over TCP. We have already written KB articles about the QUIC protocol: Sophos Firewall and the QUIC protocol
  • Added flexibility in defining ACL exceptions, for example, to restrict access to services, such as the user portal, from a single alias.

Wireless improvements

The channel width of the access points and the radius can now be adjusted in the user interface.

SSL VPN port option

A very often requested feature was that the default port can be changed for the SSL VPN connection, as was the case with the UTM. With 17.1 this is now possible.

The timetable is right

With v17.1 some bugs we had to live with so far are solved. All in all, SFOS has really improved and this year (2018) we have not implemented any new projects with UTM. We are thus fully committed to the XG generation and see how the Firewall OS gets a little better with every update. There are currently few reasons why we would not recommend XG Firewall and return to UTM. However, we will probably have to live with some workarounds and bugs in the future.

Owners of a Sophos SG Firewall who would now like to switch to the SFOS can do so at any time free of charge. We have already written a KB article for this: Installing Sophos XG Firewall OS on an SG Appliance

More on the topic


Patrizio is an experienced network specialist with a focus on Sophos firewalls, switches and access points. He supports customers or their IT department in the configuration and migration of Sophos firewalls and ensures optimal network security through clean segmentation and firewall rule management.

Subscribe Newsletter

We send out a monthly newsletter with all the blog posts for that month.