.svg?width=185&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Home"){kind=logo}
.svg?width=13&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Top Navigation - Sign in - Icon")
In the last few articles on the topic of our latest Sophos Firewall release, we’ve discussed many of the important enhancements to Secure by Design in Sophos Firewall v22. You will be delighted to know that this release also includes many of your top-requested features, such as…
Instant web notifications for education
Sophos Firewall is very popular within the education sector due to the fact that it offers many features to help schools protect their environments and safeguard students at K-12, primary, and secondary institutions.
One of the top concerns amongst the education sector is monitoring and controlling web content. Sophos Firewall includes rich but easy web filtering policies with the option to block, allow, warn, or provide instructor-controlled access overrides. With Sophos Firewall v22, web filtering has been enhanced at the request of many of you to now offer instant alerting.
Organizations can now set up instant alerting for restricted web categories, which is particularly helpful for education institutions that require this. Emails will be sent as frequently as every 5 minutes, with new alerts featuring a full report showing date, time, user, category, domain, and more. This new feature can be found under Web > Categories.
Enhanced visibility and accountability
Many of you have requested enhancements to audit logging to get better visibility into any changes being made to the firewall’s configuration.
Sophos Firewall v22 now includes comprehensive audit logs with before and after tracking that meet the latest NIST standards. In this first phase, detailed audit logging is supported for firewall rules, objects, and interfaces and audit logs can be downloaded from Diagnostics > Logs. XML is conveniently used to highlight before and after changes. Future phases will show the delta change within the log viewer.
Many organizations have also asked for hardware monitoring via SNMP and sFlow monitoring for real-time interface data. Both of these are now included in Sophos Firewall v22.
Hardware monitoring via SNMP offers a downloadable MIB file from the SFOS UI and supports metrics such as CPU temp, NPU temp, fan speeds, power supply status (on XGS 2100 and above), and PoE measurements for all XGS models with PoE support except XGS 116(w).
sFlow Monitoring provides real-time data based upon your set sampling rate (400 by default with a minimum sample rate of 10) and works on any physical interface, including sub interfaces (alias, VLAN, etc.) with a maximum of 5 collectors. Note that the FastPath will be disabled for the monitoring interface.
Stronger authentication
Many of you are looking for ways to harden your security infrastructure and, as you know, we fully embrace and support this. As a result, we are happy to address a couple of top requested features for authentication security with this release.
SHA 256 and 512 support for OTP Tokens has been a very popular request from our SG UTM customers and is now an option on Sophos Firewall for Google and Sophos apps as well as admin users.
MFA support for WAF brings multi-factor authentication to the integrated Web Application Firewall (form-based authentication) on Sophos Firewall to provide added security and feature parity in this area as well.
User experience and performance
Many of our passionate customers and network administrators are always providing great feedback on the user interface – particularly the performance of the UI when managing complex networks.
We are happy to say that this release includes a significant enhancement to the UX with a simple change that makes navigating around the product much faster, particularly for those managing complex networks.
Now, instead of having to wait for the given tab to fully populate with data entries, you can change to a different menu entry or tab without having to wait. This makes the UI much more responsive to your inputs.
In addition, those of you managing a large number of XFRM interfaces will find pagination support as well as new searching and filtering options a nice addition to the product in v22.
Get started today
Thanks to all of you participating in the Early Access Program. There’s still plenty of time before the December release to get involved in the program to help make this release the best it can be. Be sure to get involved in the Sophos Firewall v22 Early Access Program today! Also be sure to review the full What’s New Guide for a complete list of all the new capabilities in Sophos Firewall v22.
