{"id":23315,"date":"2023-11-06T07:20:56","date_gmt":"2023-11-06T15:20:56","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/11\/06\/news-17045\/"},"modified":"2023-11-06T07:20:56","modified_gmt":"2023-11-06T15:20:56","slug":"news-17045","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2023\/11\/06\/news-17045\/","title":{"rendered":"Sophos Firewall v20 is now available"},"content":{"rendered":"<p><strong>Credit to Author: Chris McCormack| Date: Mon, 06 Nov 2023 14:00:43 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\" width=\"100%\" height=\"420\">\n<p>We are extremely pleased to announce that <a href=\"https:\/\/www.sophos.com\/firewall\" target=\"_blank\" rel=\"noopener\">Sophos Firewall<\/a> v20 is now available. This latest release includes an innovative new active threat response capability, several networking enhancements, added support for securing your remote workforce, and many of your top-requested features.<\/p>\n<p>Sophos Firewall v20 is a free upgrade for all licensed Sophos Firewall customers.<\/p>\n<p>Watch the video below for an overview of what\u2019s new, download the <a href=\"https:\/\/assets.sophos.com\/X24WTUEQ\/at\/w8vnx57qw4vhs997fbknp2j\/sophos-firewall-key-new-features.pdf\">What\u2019s New PDF<\/a>, or read on for the full details and deep-dive demo videos.<\/p>\n<div class=\"embed-vimeo\" style=\"text-align: center;\"><iframe loading=\"lazy\" src=\"https:\/\/player.vimeo.com\/video\/878802542\" width=\"100%\" height=\"420\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen style=\"\"><\/iframe><\/div>\n<h2>Active Threat Response<\/h2>\n<p><strong>Extending Synchronized Security to MDR and XDR<\/strong> provides a direct feed for security analysts to share active threat information with the firewall, enabling it to automatically respond to active threats without creating any firewall rules.<\/p>\n<p><strong>Dynamic Threat Feeds<\/strong> introduces a new threat feed API framework that is easily extensible. It enables threat intelligence to be shared by the Sophos X-Ops team, other Sophos products like MDR and XDR, and ultimately third-party threat feeds in the future.<\/p>\n<p><strong>Synchronized Security <\/strong>extends the same Red Heartbeat, automated response that Sophos Firewall has always had and applies it to MDR\/XDR identified threats. This ensures compromised hosts are not able to move laterally or communicate out, while details including host, user, and process are readily available for follow-up. Synchronized Security has also been enhanced with added scalability and reduced false missing heartbeats for devices that are in sleep or hibernation states.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-952036 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ATR.png\" alt=\"\" width=\"1430\" height=\"722\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ATR.png 1430w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ATR.png?resize=300,151 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ATR.png?resize=768,388 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ATR.png?resize=1024,517 1024w\" sizes=\"auto, (max-width: 1430px) 100vw, 1430px\" \/><\/p>\n<p>Watch the <a href=\"https:\/\/techvids.sophos.com\/watch\/kysi9dTRDCRHuPFgPi2AEr\" target=\"_blank\" rel=\"noopener\">Active Threat Response demo video<\/a>.<\/p>\n<h2>Remote worker protection and SASE<\/h2>\n<p><strong><img decoding=\"async\" loading=\"lazy\" class=\"alignright size-medium wp-image-951420\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/09\/ZTNA.png?w=300\" alt=\"\" width=\"300\" height=\"142\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/09\/ZTNA.png 818w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/09\/ZTNA.png?resize=300,142 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/09\/ZTNA.png?resize=768,362 768w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>ZTNA gateway integration<\/strong> makes ZTNA deployments even easier by integrating a ZTNA gateway directly into the firewall. This means any organization that needs to provide remote access to applications hosted behind the firewall doesn\u2019t need to deploy a separate gateway on a VM. They can simply take advantage of the gateway integrated into their firewall. When combined with our single-agent deployment on the remote device, ZTNA couldn\u2019t possibly get any easier. It\u2019s literally zero-touch zero trust.<\/p>\n<p><strong>Third-party SD-WAN integration <\/strong>makes it easy to onramp SD-WAN traffic onto Cloudflare, Akami, or Azure backbone networks to take advantage of their enormous infrastructure, reach, and networking and security services.<\/p>\n<p><strong>Sophos DNS Protection <\/strong>is our new cloud-delivered web security service that will be available separately in early access very soon. It provides a new Sophos-hosted domain name resolution service (DNS) with compliance and security features that are fully supported by Sophos Firewall. This service provides an added layer of web protection, preventing access to known compromised or malicious domains across all ports, protocols, or applications \u2013 both unencrypted and encrypted. More news on this new service is coming soon.<\/p>\n<h2>Network scalability and resiliency enhancements<\/h2>\n<p><strong><img decoding=\"async\" loading=\"lazy\" class=\"alignright size-medium wp-image-951421\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/09\/VPN-Portal.png?w=300\" alt=\"\" width=\"300\" height=\"191\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/09\/VPN-Portal.png 528w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/09\/VPN-Portal.png?resize=300,191 300w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>A new VPN portal<\/strong> provides a containerized, hardened self-service portal for end users to download VPN clients and configurations, auto-provisioning, and clientless VPN bookmarks.<\/p>\n<p><strong>IPsec enhancements <\/strong>include seamless HA failover, tunnel status monitoring via SNMP, unique PSK support for the same local and remote gateway connections, and DH Group 27-30\/RFC6954 support.<\/p>\n<p><strong>SSL VPN enhancements <\/strong>include FQDN (fully qualified domain name) host and group support for both remote access and site-to-site SSL VPN.<\/p>\n<p><strong>SD-WAN scalability <\/strong>triples\u00a0SD-WAN gateway scalability to 3072 gateways and the number of SD-WAN profiles to 1024.<\/p>\n<p><strong>IPv6 enhancements <\/strong>include DHCP prefix delegation to seamlessly integrate with your ISP and new enhancements to the dynamic routing engine now support BGPv6 for improved IPv6 interoperability.<\/p>\n<p>Watch a video overview of the <a href=\"https:\/\/techvids.sophos.com\/watch\/bgUdBHwMBFLt8KnwgcFr7u\" target=\"_blank\" rel=\"noopener\">VPN enhancements<\/a> or the IPv6 <a href=\"https:\/\/techvids.sophos.com\/watch\/MoKbV1ZiLPBRFACaaeJSRs\" target=\"_blank\" rel=\"noopener\">BGPv6<\/a> and <a href=\"https:\/\/techvids.sophos.com\/watch\/LvQPWE7moUZJUHrXyF7Nhp\" target=\"_blank\" rel=\"noopener\">DHCPv6<\/a> capabilities.<\/p>\n<h2>Streamlined management<\/h2>\n<p><strong>Interface enable\/disable<\/strong> delivers a top-requested feature to easily disable or enable network interfaces on the firewall without losing any configuration.<\/p>\n<p><strong>Object reference lookup<\/strong> addresses another top-requested feature to find where a given host or service object is used in rules, policies, and routing.<\/p>\n<p><strong>Hi-res display support<\/strong> adds increased horizontal scalability to the management console to take advantage of high-resolution displays and reduce horizontal scrolling.<\/p>\n<p><strong>Auto-rollback on failed firmware updates<\/strong> reduces any disruption, including high-availability deployments.<\/p>\n<p><strong>Backup and restore<\/strong> now includes the option to restore a backup from a firewall with integrated Wi-Fi to a firewall without Wi-Fi.<\/p>\n<p><strong>Azure AD SSO for captive portal<\/strong> adds support for user authentication on the captive portal using their Azure AD credentials.<\/p>\n<p><strong>Azure group import and RBAC <\/strong>add support for a new import assistant for Azure AD groups and automatic promotion for role-based admin changes.<\/p>\n<p>Watch videos covering the new <a href=\"https:\/\/techvids.sophos.com\/watch\/daqv8rRYvfwJUYvzssjCkJ\" target=\"_blank\" rel=\"noopener\">management features<\/a> and <a href=\"https:\/\/techvids.sophos.com\/watch\/ZRfL8d1UXgJw6idbsSjn1k\" target=\"_blank\" rel=\"noopener\">Azure AD capabilities<\/a>.<\/p>\n<h2>Other enhancements<\/h2>\n<p><strong>Web Application Firewall (WAF) enhancements<\/strong> include geo IP policy enforcement, custom cipher configuration, and TLS version settings, as well as improved security with HSTS enforcement and X-Content-Type-Options enforcement.<\/p>\n<p><strong>Azure Single Arm deployment support<\/strong> enables the choice of a smaller instance size to save on infrastructure costs and reduce network and operational complexity.<\/p>\n<h2>Get more details on what\u2019s new<\/h2>\n<p>Download the full <a href=\"https:\/\/assets.sophos.com\/X24WTUEQ\/at\/w8vnx57qw4vhs997fbknp2j\/sophos-firewall-key-new-features.pdf\" target=\"_blank\" rel=\"noopener\">What\u2019s New Guide<\/a> for a complete overview of all the great new features and enhancements in v20.<\/p>\n<p>Review the <a href=\"https:\/\/docs.sophos.com\/releasenotes\/output\/en-us\/nsg\/sf_200_rn.html\" target=\"_blank\" rel=\"noopener\">release notes<\/a> and <a href=\"https:\/\/doc.sophos.com\/nsg\/sophos-firewall\/20.0\/Help\/en-us\/webhelp\/onlinehelp\/index.html\" target=\"_blank\" rel=\"noopener\">documentation<\/a>.<\/p>\n<p>Watch the demo video series:<\/p>\n<ul>\n<li><a href=\"https:\/\/vimeo.com\/878802542\">What\u2019s New Overview<\/a><\/li>\n<li><a href=\"https:\/\/techvids.sophos.com\/watch\/kysi9dTRDCRHuPFgPi2AEr\">Active Threat Response<\/a><\/li>\n<li><a href=\"https:\/\/techvids.sophos.com\/watch\/bgUdBHwMBFLt8KnwgcFr7u\">VPN Enhancements<\/a><\/li>\n<li><a href=\"https:\/\/techvids.sophos.com\/watch\/MoKbV1ZiLPBRFACaaeJSRs\">IPv6 BGPv6<\/a><\/li>\n<li><a href=\"https:\/\/techvids.sophos.com\/watch\/LvQPWE7moUZJUHrXyF7Nhp\">IPv6 DHCPv6<\/a><\/li>\n<li><a href=\"https:\/\/techvids.sophos.com\/watch\/daqv8rRYvfwJUYvzssjCkJ\">Management and Quality of Life Enhancements<\/a><\/li>\n<li><a href=\"https:\/\/techvids.sophos.com\/watch\/ZRfL8d1UXgJw6idbsSjn1k\">Azure AD Captive Portal SSO and Group Import<\/a><\/li>\n<\/ul>\n<h2>How to get v20<\/h2>\n<p>As with every firewall release, Sophos Firewall v20 is a free upgrade for all licensed Sophos Firewall customers and should be applied to all supported firewall devices as soon as possible. This release not only contains great features and performance enhancements, but also important security fixes.<\/p>\n<p>This firmware release will follow our <a href=\"https:\/\/community.sophos.com\/sophos-xg-firewall\/b\/blog\/posts\/firewall-firmware-release-process-and-timeline\" target=\"_blank\" rel=\"noopener\">standard update process<\/a>.<\/p>\n<p>Please note that Sophos Firewall firmware updates are now downloaded from Sophos Central. Get the <a href=\"https:\/\/community.sophos.com\/sophos-xg-firewall\/b\/blog\/posts\/important-sophos-firewall-licensing-portal-changes\" target=\"_blank\" rel=\"noopener\">full details here<\/a> or follow the quick guide below to get the latest v20 firmware for your firewall:<\/p>\n<p>1. Log in to your Sophos Central account and select \u201cLicensing\u201d from the drop-down menu under your account name in the top right of the Sophos Central console.<\/p>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-952037 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-1.png\" alt=\"\" width=\"1430\" height=\"495\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-1.png 1430w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-1.png?resize=300,104 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-1.png?resize=768,266 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-1.png?resize=1024,354 1024w\" sizes=\"auto, (max-width: 1430px) 100vw, 1430px\" \/><\/p>\n<p>2. Select Firewall Licenses on the top left of this screen.<\/p>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-952038 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-2.png\" alt=\"\" width=\"1430\" height=\"509\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-2.png 1430w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-2.png?resize=300,107 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-2.png?resize=768,273 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-2.png?resize=1024,364 1024w\" sizes=\"auto, (max-width: 1430px) 100vw, 1430px\" \/><\/p>\n<p>3. Expand the firewall device you\u2019re interested in updating by clicking the \u201c&gt;\u201d to show the licenses and firmware updates available for that device.<\/p>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-952039 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-3.png\" alt=\"\" width=\"1430\" height=\"709\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-3.png 1430w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-3.png?resize=300,149 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-3.png?resize=768,381 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Upgrade-3.png?resize=1024,508 1024w\" sizes=\"auto, (max-width: 1430px) 100vw, 1430px\" \/><\/p>\n<p>4. Click the firmware release you want to download (note there is currently an issue with downloads working in Safari so please use a different browser such as Chrome).<\/p>\n<p>5. You can also click \u201cOther downloads\u201d in the same box above to access initial installers and software platform firmware updates.<\/p>\n<p>The new v20 firmware will be gradually rolled out to all connected devices over the coming weeks. A notification will appear on your local device or Sophos Central management console when the update is available, allowing you to schedule the update at your convenience.<\/p>\n<p>Sophos Firewall v20 is a fully supported upgrade from any supported Sophos Firewall firmware version.<\/p>\n<p>Check out the <a href=\"https:\/\/docs.sophos.com\/releasenotes\/output\/en-us\/nsg\/sf_200_rn.html\" target=\"_blank\" rel=\"noopener\">v20.0 GA release notes<\/a> for more details, including the known issues list. Full <a href=\"https:\/\/doc.sophos.com\/nsg\/sophos-firewall\/20.0\/Help\/en-us\/webhelp\/onlinehelp\/index.html\" target=\"_blank\" rel=\"noopener\">product documentation<\/a> is available online and within the product.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2023\/11\/06\/sophos-firewall-v20-is-now-available\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/10\/Sophos-Firewall.png\"\/><\/p>\n<p><strong>Credit to Author: Chris McCormack| Date: Mon, 06 Nov 2023 14:00:43 +0000<\/strong><\/p>\n<p>New innovations and top-requested features<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[129,12235,30192,10384,24562,30193],"class_list":["post-23315","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-featured","tag-firewall","tag-firewall-v20","tag-network","tag-products-services","tag-v20"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23315","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23315"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23315\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23315"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}