We’ve been talking lately about the new Sophos XGS family of firewalls, with good reason. And today, it’s the turn of the Sophos XGS 2300. With the XGS 2100, we are completely clear of the SMB/desktop range of firewalls, and in to the mid-range. The XGS 2300 is good for 300-500 users.
Sophos’ new flagship line is now simply Sophos Firewall. They have dedicated Xstream Flow processors now. These multi-core processors just make everything faster. Including the heavy-lift security functions like…
TLS 1.3 Inspection
According to the latest statistics, approximately 90% of web traffic is encrypted. Who knew? Problem is, encryption makes traffic invisible to most firewalls. As a result, many organizations simply don’t use the SSL Inspection features on their firewalls. The concern is that SSL Inspection will impact performance, and thus user experience. Predictably, an increasing amount of malware is taking advantage of this fact.
The Sophos XGS 2300 removes the blind spots caused by encrypted traffic. The speedy new processors allow you to use SSL Inspection without sacrificing speed and efficiency.
Deep Packet Inspection
Sophos believes you shouldn’t have to choose between security and performance. So, Sophos Firewall includes a fast Deep Packet Inspection engine. It scans your traffic without using a proxy, which tends to slow things down. The inspection processing is completely offloaded to the DPI engine. This reduces latency. In other words, it speeds things up.
The Sophos XGS 2300 blocks the latest ransomware and breaches with high-performance streaming DPI. This includes next-gen IPS, web protection, and app control. It also features deep learning and sandboxing.
Of course, a lot of your network traffic is important application traffic. Traffic that should to be there, headed for branch offices, remote users, and so on. This trusted traffic can now be directed to FastPath, which will optimize performance further. This provides extra capacity for intelligently scanning traffic that does need DPI for malware and other threats.
The XGS 2300 speeds up your SaaS, SD-WAN. So things like VoiP, video, and other trusted cloud traffic get pushed to FastPath either automatically, or by your own policies.
The XGS 2300 itself
It has some quite advanced features like on-box reporting and dual AV scanning It also has WAF AV scanning and an email message transfer agent functionality. It’s a 1U rackmount appliance. The XGS 2300 pushes 35 Gbps total firewall Throughput. IPS Throughput is 7 Gbps, and Xstream SSL/TLS Inspection is 1.45 Gbps. It offers a diverse range of high-speed interfaces built-in. And there’s a choice of add-on connectivity modules. Whether ensuring maximum uptime for your SD-WAN links, securely connecting remote users, or protecting a growing network, you can tailor them to your dynamic environment.
You can expect the XGS series to truly be carefree “install and forget” firewalls. As long as you maintain firmware upgrades, the standard installation does an excellent job.
Sophos has always offered an ease-of-use that is nearly unmatched. The XGS 2300 is very suitable for medium-to-enterprise sized businesses.
Sophos XGS 2300 highlights
|35 Gbps of Total Firewall Throughput
|New, dedicated Xstream Flow processors
|Xstream SSL/TLS Inspection of 1.56 Gbps
|Extremely fast Deep Packet Inspection
|Efficient Application Acceleration