Sophos XG Firewall - Security Heartbeat
Sophos Firewall

Sophos XG Firewall - Security Heartbeat

Patrizio - January 22, 2016

Last year in November, Sophos officially released the new XG series and set a huge milestone in its roadmap. In order to develop such a product, which already is in use here (Sophos XG 125), especially on the software level, you need to look back to at least 2011. Back then, Sophos bought the German company Astaro. Three years, later, Sophos also acquired the competitor Cyberoam, which had been founded in 1999 in India.

From the components of Astaro and Cyberoam, the new Sophos XG Firewall has been made and now unites the best from both systems.

Killer feature - Security Heartbeat

What Sophos has created with the new Sophos XG Firewall is communication between the firewall and the endpoints. Sophos is the first company to release a Synchronized Security system, which is supposed to protect from the more and more clever cyberattacks.

  • Quicker identification of threats
  • Active identification of the threat's origin
  • Automatic reaction on threats

New XG Hardware

Fitting the new Sophos Firewall OS, the new XG Hardware is being released. Just that it isn't so new. The XG series is identical to the SG series, just that the pre-installed operating system is different.

  • The Sophos SG comes with Sophos UTM 9.x
  • The Sophos XG comes with Sophos Firewall OS

data sheet: Sophos XG Appliances

How does Security Heartbeat work

In order to profit from the new Security Heartbeat, a SG or XG appliance with the new Sophos Firewall OS is required. The endpoints get Sophos Central protection, which is now also being hosted in German data centers.

As soon as a new, Sophos protected, device is being added to your network, Security Heartbeat automatically connects to the local Sophos XG Firewall and communicates the security status of the device. In real time, threats are being sent to the Firewall, which then denies access to the internet or the company server, depending on the configuration. In close future the keys used for data encryption can be taken away from the client as well. The client will only receive the keys back if the Firewall considers it as "clean" again. The systems are constantly exchanging information, which enables way quicker reaction on any potential attacks. Pretty clever, right?

Thanks to this new technology, it's possible to protect yourself even better against new threats from the internet. Security breaches are reacted to in real time to prevent for example malware from spreading or data from being stolen.

"Currently, no other company is able to provide this kind of synchronized and integrated communication between endpoint and network security products. The resulting time and resource savings are very attractive, especially for small to mid-sized companies, as well as the possibility to defend oneself against the more and more sophisticated cyberattacks."
Christian Christiansen, Vice President of Security Products at market researcher IDC

Data sheet: Sophos Security Heartbeat Whitepaper

Admittedly, the new Sophos Firewall OS doesn't have much in common with Sophos UTM 9.x anymore. It takes some time to get used to the new interface. But Security Heartbeat alone is big enough of a reason to give the new Firewall OS a chance! Make your network safer with Synchronized Security.

In case you need support with the configuration, we're happy to help.

Send Your Feedback

Share your thoughts about this article, your private queries are always welcome and greatly appreciated.

Send Feedback
All information are confidential

On our blog we regularly publish articles on various topics related to Sophos. To make sure you don't miss any articles, you can subscribe to our newsletter, and once a month you will receive an email with a summary of all articles published in the last 30 days.

Knowledge base

Do you need help with a Sophos product? Then maybe our free knowledge base can help you. We try to document most support requests in an article so that we can help as many people as possible.