Firewall XGS:

Maximum protection and performance

The Xstream Firewall architecture is designed to deliver extreme levels of visibility, protection and performance to help network administrators to solve some of the biggest challenges that they face every day.

Highest levels of performance

Sophos XGS firewalls offer the perfect combination of flexibility and the performance due to a dedicated Xstream Processor for the intelligent application acceleration.

All-in-one protection

Sophos Firewall offers much more in a single appliance than any other UTM product, including reporting, email options and a Web Application Firewall.

Syncronized Security

All the Sophos-protected endpoints share integrity, app and telemetry data with Sophos Firewall in order to improve visibility, protection and response time

Xstream Architecture

Sophos Firewall Xstream architecture protects the network from the latest threats, speeding traffic to essential SaaS, SD-WAN and cloud applications.

TLS 1.3 inspection

Sophos Firewall removes all the blind spots that have been created by encrypted traffic by allowing the use of SSL inspection, while ensuring optimal performance.

Deep Packet Inspection

Sophos Firewall blocks new types of ransomware and system breach attempts, thanks to streaming DPI that includes next-gen IPS and application control.

Application Acceleration

Sophos Firewall accelerates traffic for SaaS, SD-WAN and cloud applications automatically or through customizable policies by including them in the FastPath with the new Xstream processors.

Unmask Hidden Risks

Superior levels of visibility into risky activities, suspicious traffic, and advanced threats help you to gain full control over the network.

Blocking Unknown Threats

The most advanced next-gen protection technologies, such as Deep Learning and Intrusion Prevention, to protect your business.

Response Acceleration

The automatic threat response immediately identifies and isolates compromised systems within the network to prevent the spread of threats.

The best all-in-one solution for network protection

Sophos Firewall offers the best unified threat management (UTM) protection available anywhere in the market, with a system that is easy to manage and unrivaled in affordability. It includes the latest next-gen firewall protection, plus features that no other vendor can offer.

Next-Gen Firewall

Comprehensive next-gen firewall protection with high-performance TLS Inspection, IPS and ATP to nip in the bud the latest attacks and hacking attempts.


Web Application Firewall

An advanced protection for cloud servers against hacking attempts, while providing secure users access with the reverse proxy authentication.

Web and app control

Enterprise-class levels of control with web filtering policies and unrivaled protection thanks to user and group app control with next-gen technologies.


Cloud-based sandboxing with SophosLabs to stop zero-day threats from acting at the file level before they can infiltrate the corporate network.


Flexible SD-WAN and VPN options for practical, cost-effective connection options that are a perfect fit for cloud and hybrid networks.

Sophos Central

The ultimate platform for managing cybersecurity in the cloud

With powerful reporting tools, it is possible to view network, web and application activity over time.  This provides greater visibility into network activity to identify security gaps, suspicious user behavior, and other events that require policy changes.

  • Viewing Firewall status and usage
  • Viewing threats and security alerts
  • Viewing policy violations, dangerous apps and activities

Synchronized Security

Sophos Firewall is the only network security solution that can fully identify the user involved and the source of an infection within the network, and respond by automatically restricting access to other network resources from the infected endpoint. Making this process possible is the Sophos Security Heartbeat, which shares telemetry and integrity status data between the Sophos Endpoint Antivirus and the firewall, including endpoint integrity status in firewall rules, to monitor and isolate compromised systems.