Sophos XG 450 review

The XG 450 delivers tough and affordable enterprise security to mid-sized businesses

Price
£9,686
  • Good value; Simple deployment; Top performance; Versatile security; Heartbeat and SAC features; Integral reporting
  • Control Center stats slow to update

Sophos has been busy expanding its security appliance offerings and its latest XG Firewall family now has a solution for every business environment, ranging from the smallest of offices right up to enterprises. On review we have the new XG 450 Rev. 2 which sits at the top of Sophos' mid-sized office portfolio and looks to offer an impressive range of security measures for a comparatively modest outlay.

Features have been improved with Sophos' SAC (synchronized application control) designed to catch those apps that other solutions leave behind. All the 1U rack models now have two fail-safe bypass ports and also support Sophos' FleXi port expansion modules.

The XG 450 comes with eight Gigabit and two 10GbE SFP+ ports as standard and has two expansion bays. Sophos offers optional FleXi modules with eight copper or fibre Gigabit, quad 10GbE copper or fibre and dual 40GbE QSFP+ ports.

There's plenty of power on tap too, with the XG 450 claiming a raw firewall throughput of 50Gbits/sec. Enable the IPS features and this drops to 10Gbits/sec - still very respectable at this price point.

Sophos XG 450 review: Options and deployment

The base appliance has firewall, VPN, authentication and secure wireless management services enabled with a perpetual license, to which you can add a selection of subscription-based security features. The price we've shown is for a 3-year Enterprise Protect Plus and Enhanced Support agreement which costs £9,686 per year.

Along with the network and web protection modules, this activates the Sandstorm feature which uses cloud sandbox technology to mitigate zero-day threats such as ransomware. Go for the Enterprise Protect Full subscription and you'll get everything activated including email and web server protection.

Deployment is swift; we pointed a web browser at the appliance and followed the quick start wizard. This helped secure administrative access, set up LAN and WAN port address assignments and DHCP services, add an email address for alerting and choose the operation mode.

We plumped for routed mode, as we wanted the XG 450 to provide all security functions including firewalling. The appliance starts protection immediately, and the wizard created base security policies which activated web filtering for common unwanted categories and anti-malware scanning.

Sophos XG 450 review: Security policies

The web console dashboard offers an overview of all network activity and security issues, web traffic graphs and bar charts for blocked and allowed applications, plus detected network attacks. Our only issue is that the Traffic Insight section frequently failed to update itself, requiring the page to be regularly refreshed.

After grouping the appliance's ports into zones, we applied firewall rules to source and destination zones along with associated networks and hosts. Other network objects include service filters, blocking actions and time schedules which can be applied within each rule.

It's worth setting up policies for web filtering, IPS and application controls first as these are referenced in your firewall rules. They are easy to create from the Protect section of the web console with web filtering offering over 90 categories and application controls providing over 3,000 predefined apps.

Sophos' identity-based security allows you to apply more versatile policies to users and groups which include data transfer limitations on uploads and downloads, and limits on daily, weekly, monthly and yearly usage. Clients authenticating to an external directory server will be automatically logged in while others can use the free Client Authentication Agent (CAA).

The appliance stores versions for Windows, Linux and Macs while free mobile apps are available for Android and iOS devices. We had no problems with the Windows CAA as it automatically found the appliance and once users had logged in, they appeared in the web console as live.

Sophos XG 450 review: Heartbeat and RED

The Heartbeat feature extends the firewall's reach into the cloud as it interacts with the Sophos Central Endpoint Protection service. It requires an Advanced license and after logging the XG 450 into our cloud account, all endpoint activity data was sent to the appliance which showed status icons on its home page.

Heartbeat alert conditions can be linked to firewall policies so if any endpoints detect threats, you can isolate all systems in the same zone. The SAC feature works in tandem with Heartbeat where it detects unknown applications running on Sophos Central endpoints and applies firewall policies to control them.

Businesses with lots of remote sites will like the RED (remote Ethernet device) option. Sophos offers three RED appliances (including one with wireless) and once you've entered the firewall's details, just ship them to the remote sites and they'll automatically create an encrypted connection with it and extend its protection.

Sophos XG 450 review: Reporting

Value looks even better as the appliance has an embedded syslog server which collects all logs and provides an impressive range of reports. Don't forget to enable firewall traffic logging in your rules; with this enabled, we could keep a close eye on firewall, virus, web content filtering and spam activity.

From the security dashboard, we could monitor all threats or select displays for web filtering, spam activity, intrusion attacks and much more. You can click on any graph to drill down for more detailed traffic information and Sophos includes compliance reports for all key data protection regulations.

Sophos XG 450 review: Verdict

Along with its remarkably swift deployment, we were impressed with the depth of security features offered by the XG 450. Sophos has succeeded in seamlessly integrating everything together in a well-specified appliance that offers great performance at a sensible price.

Verdict

A good choice for larger businesses, the XG 450 is a high-performing security appliance that’s packed with features and has plenty of room to grow with demand.

  • Chassis: 1U rack
  • CPU: 3.6GHz E3-1275 v5 Xeon
  • Memory: 16GB DDR4
  • Storage: 2 x 250GB Adata SFF SATA SSDs (mirrored)
  • Network: 8 x Gigabit, 2 x 10-Gigabit SFP+
  • Expansion: 2 x FleXi module slots
  • Power: Hot-plug 300W PSU (max 2)
  • Local ports: USB 3, HDMI, RJ-45 console
  • Management: Web browser
