A next-generation firewall (NGFW or XG Firewall) is a hardware or software-based network security appliance that is able to detect and block sophisticated attacks through Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) and by enforcing security policies deep into the application level, as well as at the port and protocol level like traditional firewalls.
We carry several other vendors which we recommend based on company size and sophistication. Sophos is one our vendors which we integrate with our Security Information and Event Management (SIEM) system to monitor and respond on anomaly activities.
Sophos XG Firewall takes an innovative approach across all areas of network security. From the way firewalls are managed, to the way they report information and how they work with other security systems around them, giving you an unprecedented level of simplicity, insight, and advanced threat protection. As well as simplifying core network security tasks Sophos delivers innovative approaches to ensure you get even more protection.
Potent, powerful … fast
You get all the next-gen firewall features you need plus features you can’t get anywhere else – including our revolutionary Security Heartbeat, full web application firewall, and complete email anti-spam, encryption and DLP. No extra hardware. No extra cost. Simply choose what you
want to deploy.
We’ve engineered XG Firewall to deliver outstanding performance. Our appliances are built using Intel multi-core technology, solid-state drives, and accelerated in-memory content scanning. In addition Sophos FastPath packet optimization technology ensures you’ll always get maximum throughput.
Policy templates get you protected fast
Pre-defined policy templates let you protect common applications like Microsoft Exchange or SharePoint fast. Simply select them from a list, provide some basic information and the template takes care of the rest. It sets all the inbound/outbound firewall rules and security settings for you automatically – displaying the final policy in a statement in plain English.
Patented Layer-8 Identity control
User identity takes enforcement to a whole new layer with our patented Layer-8 identity based policy technology enabling user level controls over applications, bandwidth and other network resources regardless of IP-address, location, network or device. It literally takes firewall policy to a whole new layer.
Flexible deployment, no compromise
Unlike our competitors whether you choose hardware, software, or virtual we don’t make you compromise – every feature is available on every model and form- factor.
Automated user risk reports
The Sophos User Threat Quotient (UTQ) indicator is a unique feature which provides actionable intelligence on user behavior. Our firewall correlates each user’s surfing habits and activity with advanced threat triggers and history to identify users with risk-prone behavior.
A revolution in advanced threat protection – Sophos Security Heartbeat
An industry first, our Security Heartbeat links your endpoints and your firewall to combine their intelligence and identify systems compromised by previously unknown threats. The Heartbeat status is integrated into security policy settings to instantly trigger actions at both endpoint and network levels to isolate or limit access until systems are healthy again. This feature requires Sophos Cloud Endpoint Protection Advanced or Sophos Cloud Enduser Protection.