Moving from SG UTM to XG Firewall v18, your questions answered
Credit to Author: Barbara Hudson| Date: Mon, 09 Mar 2020 13:08:47 +0000
Many of our loyal SG UTM customers, have become curious since the release of XG Firewall v18 and are asking what it potentially means for them.
We’ve had a lot of questions about the new features, how this release now compares to SG UTM and if this is perhaps the time to take a look at XG Firewall.
SG UTM features added in XG Firewall v18
Let’s first address the new enhancements in XG Firewall v18 that many of you identified as top priorities:
Flow monitor
One of the most popular features in UTM 9, the flow monitor allows you to view traffic flows and bandwidth consumption in real time. It’s now available in XG Firewall. You can view connections by application, user, or host, and easily filter or sort the results.

Plug-and-play HA
One of the hallmark features of SG UTM has long been plug-and-play HA. A similar experience is now available in XG Firewall with the QuickHA option where you simply specify a port, connect your devices, and go.
Actionable logs
Another welcome addition to XG Firewall is the ability to take actions directly from the log viewer. This is thanks to new context-sensitive options that enable you to refine a search or filter on any content in a log entry, as well as take actions such as block or allow traffic.
Other SG UTM features now in XG Firewall
These include DKIM anti-spam, category-based web quotas, SNMP v3 support, VLANs on bridge interfaces, interface renaming, Kerberos support, route-based VPN, SD-WAN link balancing and routing policies, and so much more.
A few SG UTM features are still making their way to XG Firewall and are planned for future releases.
AWS support will initially have a baseline feature set which will increase over the course of this year, and scheduled firmware updates are also coming soon to Sophos Central.
After that, you’ll see DLP custom pattern support, HA support for three or more nodes, and HA support for XG Series w-models with integrated wireless in upcoming releases.
What do the new innovations in v18 mean for you?
Improved performance: XG Firewall v18 introduced the new Xstream Architecture with an all new high-performance proxy-less DPI engine for efficient stream scanning in a single engine, and the new Network Flow FastPath for accelerating trusted traffic and important applications.
Unmatched TLS inspection and encrypted traffic visibility: The new Xstream TLS Inspection engine now natively supports TLS 1.3 without downgrading and delivers over twice the performance of the previous solution.
Enhanced zero-day threat protection: XG Firewall v18 brings new artificial intelligence and machine learning-based threat protection from file-based threats. Combined with the industry-leading IPS engine in the new Xstream Architecture, and dynamic sandboxing analysis, XG Firewall is now the most formidable defense against the latest advanced threats.
Reliable SD-WAN app routing with Synchronized Security: Customers deploying both XG Firewall and Sophos Intercept X Endpoint get even more value than ever from their Synchronized Security Solution.
Synchronized SD-WAN leverages the added reliability that Synchronized Application Control delivers to better optimize and accelerate important applications in SD-WAN deployments. This adds to the extensive benefits that Synchronized Security already provides in monitoring endpoint health and using dynamic firewall rules to automatically isolate compromised hosts to prevent lateral threat movement and data loss.
Easy and powerful Central Cloud Management: Sophos Central cloud management not only enables you to manage all your Sophos products from a single-pane-of-glass but also offers rich XG Firewall features for group firewall management, monitoring, reporting, and zero-touch deployment… all at no extra charge!
Getting started
If you’re interested in taking advantage of all the great new enhancements in XG Firewall, you can do so for free. Your license can be transferred over at no extra charge. And, your local partner or Sophos Professional Services team will be happy to help.
Your existing SG Series hardware is fully supported (except for the SG 105 which lacks the minimum required 4 GB of memory). However, you may want to take this opportunity to consider refreshing your hardware.
If you’re not quite ready to take the plunge, you can still take advantage of many of the new capabilities in XG Firewall such as Synchronized Security, by installing an XG Series appliance inline with your existing SG UTM. The built-in bypass ports make this a risk-free solution, and it can be a great way to help with the transition from UTM to XG when you’re ready.
Thank you!
On behalf of everyone at Sophos, let me take this opportunity to acknowledge your ongoing loyalty and helpful product feedback.
You’ve not only been tremendous influencers and contributors to the success of SG UTM, but you’re also now helping to build XG Firewall into a world-class next-gen firewall solution. Thank you!