So the other day I received the announcement from Sophos they had released their “next generation” firewall appliance that would be providing the way forward for current 9.x users. Sophos did mention they are keeping both code branches however and development would continue on 9.x, however, the writing is on the wall that the XG product will be the software in times to come.
Sophos offers a 30 day free trial which is what I am using to play around with the software and get a feel for the completely rewritten interface. After you sign up on the mysophos portal you can download the product.
Also, I am excited as well that Sophos announced also that there is still a Sophos XG Home Edition Firewall – https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx which looks to provide most of the feature set as the 9.x version with the new technology and interface. One thing to note is there is an XG Firewall and an XG UTM, which the free 9.x version for me is the UTM appliance. Sophos may have restricted access with XG to only pay customers and giving firewall only and various other features to home users. More on that as it is clarified.
The Appliance itself
When you sign up for the trial product you are taken to a download page to download the appliance file format that you need for your environment – VMware, HyperV, KVM, etc as well as full ISO for hardware Intel appliance.
One thing that I see right from the start that is really great is the OVF zip package you download upon signing up for the trial is only roughly 170MB or so – very small. When we are talking about a security appliance that is what we want.
I won’t go into details about how to deploy the appliance inside VMware via the OVF file as most are familiar with the process on doing this. Sophos also has a really good getting starting guide on deploying the OVF and particulars therin: https://www.sophos.com/en-us/medialibrary/PDFs/documentation/Sophos-Firewall-Virtual-Appliance—Getting-Started-Guide.pdf?la=en
After the initial OVF deployment, below are the screenshots of the VM after it had booted and I pointed a web browser to the default 172.16.16.16:4444 IP and port.
Default username and password here is admin/admin
Below on the next screen we are asked to initiate a license synchronization which basically looks to register your device and sync the license with your install and the portal.
Choose which mode the appliance is installed in:
Basic config here: We setup the LAN interface address:
After the review screen, the device starts configuring itself. This step takes a few minutes at least on my VM.
The above screenshots take us all the way up to the point of logging into the appliance via a browser. I will have a follow up post as I have more time to play around with the appliance and have more feedback on what things look like.