Shopping Cart

No products in the cart.

Sophos XG update v16.05.0 – Sandstorm now also for XG firewalls with SFOS

The new version v16.05.0 for all XG Firewalls with SFOS is already available since January 18, 2017. We still decided to publish this short post, even though it’s already mid-April and this version has hopefully been installed on all XG Firewalls out there by now.

If you have only just noticed that your XG Firewall is not yet running on version v16.05.0, I have another interesting article for you at this point. 🙂

What are the new features of the SFOS 16.05.0 release?

Readers in a hurry need only know the following two things:

  • Sophos Sandstorm for Mail and Web
  • Various bug fixes

So the notable feature of the new version is Sophos Sandstorm for mail and web.

What is Sophos Sandstorm?

Sophos Sandstorm blocks evasive malware such as ransomware hiding in executable files, PDFs and Microsoft Office documents and sends them to its cloud sandbox, where the malware runs and is monitored in a secure environment. Threat data is transferred back to the Sophos solution and the file is allowed or blocked. The process takes only a few minutes and the user is practically not affected. You’ll also receive detailed threat reports for each incident, so you’ll know exactly what’s going on.

If you want to know a little more about Sophos Sandstorm, you can read an earlier blog post of ours:“Sophos Sandstorm – Fighting zero-day malware and APTs with sandboxing from Sophos“.

At this point, we would also like to link to the official video from Sophos, which presents the new Sandstorm function on the XG in more detail:

By the way, the video also shows how you can test Sophos Sandstorm 30 days for free on the XG.

Purchase Sophos Sandstorm for SFOS now

If you want to continue using Sophos Sandstorm after the 30-day trial period, you can order a license in our store.

Just choose your model on the left side and pick the Sandstorm license. Alternatively, there is also the new “FullGuard Plus” and “TotalProtect Plus” bundle, where Sophos Sandstorm is included directly.

However, don’t forget that even if the firewall does a great job and could now theoretically even detect ransomware with Sandstorm and the sandboxing technology, never do without endpoint protection! The firewall can only detect threats that it can scan.

Bug fixes

  • NC-12759 [Authentication] Segmentation Fault of access server
  • NC-13930 [Authentication] Access_server segmentation fault
  • NC-14100 [Authentication] Appliance IP doesn’t appear on general tab of STAS suite
  • NC-14160 [Authentication] Netbios packages sent out via WAN port
  • NC-13972 [Base System] Webadmin certificate is not updated when changing common name in ca certificate
  • NC-14123 [Base System] No reconnect of ipsec tunnel when using IPv6
  • NC-14140 [Base System] If VPN profile name is matching an existing log file then the profile will log to this log file
  • NC-15736 [Base System] Fix sending telemetry data
  • NC-14227 [Certificates] Improve error message for Certificate Revocation List
  • NC-3820 [Certificates] The validation period To/From is not taken into account for CRL uploads
  • NC-13394 [Clientless Access(HTTP/HTTPS)] Japanese character issue in HTTP bookmark of clientless access
  • NC-13014 [FirewallDatapath] Not able to ping local machine located in DMZ zone from LAN zone with IPsec S2S tunnel setup
  • NC-13665 [Firewall] Skipping load balancing for missing heartbeat drop traffic
  • NC-13702 [Firewall] Block Page with captive portal link shown for users when webfilter + user based rules are used
  • NC-13987 [Firewall] Wizard failed after configure DOS rule using src-zone
  • NC-14137 [Firewall] ‘Internet Scheme’ page loading failed
  • NC-11810 [Framework(UI)] Application List headings are removed after applying filter
  • NC-13043 [Framework(UI)] Control Center – system graph initially renders without title
  • NC-13858 [Framework(UI)] Improve XG Firewall dashboard diagrams
  • NC-14649 [Framework(UI)] Possible SQL injection in EventViewerHelper
  • NC-14671 [Framework(UI)] XSS in LiveConnectionDetail.jsp in SFOS
  • NC-15101 [Framework(UI)] Apache service stop in case of certificate names contain space characters
  • NC-8116 [Framework(UI)] Disable TLS1.0 and TLS1.1 support for Webadmin and Userportal
  • NC-14995 [Galileo Heartbeat] Heartbeat – Service restarting automatically
  • NC-14244 [Hotspot] Hotspot type POTD send extra mail while updating password creation time
  • NC-13610 [IDS + AppControl] Psiphon Proxy application is not blocked
  • NC-13496 [IPS] Wrong ip address shown in web filter logviewer when device configured in TAP-Mode
  • NC-14231 [IPS] Internet traffic dropped by IPS if network subscription is missing
  • NC-12228 [Mail Proxy] MIME whitelist box is not large enough to display the entire text
  • NC-14093 [Mail Proxy] Proxy stops processing mails if IP reputation is enabled with action “Reject”.
  • NC-14098 [Mail Proxy] Delivery failure notification not sent if sender or recipient email address contains space character
  • NC-14178 [Mail Proxy] SMTP proxy dies to due to specific characters in return path of delivery failure notification
  • NC-14213 [Mail Proxy] Read only profile should be set in Email protection in HA mode
  • NC-15657 [Mail Proxy] Sandstorm malicious mails should not be releasable from Spam Digest Email
  • NC-13448 [Network Services] DHCP service dies while binding custom option to DHCP server
  • NC-12214 [Networking] New warning message for unbinding interfaces trivialize effects
  • NC-12966 [Networking] WWAN connectivity issue with Huawei E3372
  • NC-13449 [Networking] DHCP option is deleted without removing it’s binding.
  • NC-13599 [RED] Transparent Split and 3G Failover should not be possible to configure
  • NC-14164 [RED] [RED] implement “TLS 1.2 only” mode
  • NC-11769 [Reporting] Event Type ‘Not Available’ seen in Reports of Admin Events
  • NC-12472 [Reporting] PDF Report Export/On Demand: When records continue on 2nd page server time change
  • NC-13257 [Reporting] Pagination is not working for “Interface” widget in executive report.
  • NC-14337 [Reporting] Reports is not loading when language is spanish
  • NC-6345 [Reporting] Custom Reports: Sometimes application/protocoll filter is not working properly
  • NC-12969 [SSLVPN] SSLVPN Remote-Access to Apple iPhone: traffic cannot pass through tunnel
  • NC-15615 [Sandstorm] sandboxd and sandbox_reportd do not start on new install without reboot
  • NC-15644 [Sandstorm] Trial evaluation link sends incorrectly encoded activation link
  • NC-13945 [UI] Log Viewer link from widget window is not working
  • NC-13995 [VPN] VPN failover group stops retrying after couple of minutes
  • NC-6589 [VPN] DHCP_V6A_IPSec connection not re-connected when changing IPv4 address of the same WAN interface
  • NC-14118 [WAF] SFM MR-2 can not push web server configuration to SFv16 device
  • NC-11111 [Web] Captive Portal settings: unauthenticated users redirection does not work
  • NC-10629 [Wireless] Wifiauth service this
  • NC-13207 [Wireless] hostapd dies state after updating radius server in wireless global settings
  • NC-13340 [Wireless] Update organizationally unique identifier (OUI) library
  • NC-13940 [Wireless] Red15w wireless is not detected
  • NC-14000 [Wireless] DHCP option 234 code missing in “editreddevice” opcode
  • NC-9469 [Wireless] WLAN interfaces are not shown in network configuration wizard if wireless network name contains ‘WLAN’.

Patrizio is an experienced network specialist with a focus on Sophos firewalls, switches and access points. He supports customers or their IT department in the configuration and migration of Sophos firewalls and ensures optimal network security through clean segmentation and firewall rule management.

Subscribe Newsletter

We send out a monthly newsletter with all the blog posts for that month.