Sophos XG 135w Rev. 3 review: The full package

Exceptional wired and wireless security, teamed up with great performance and remote management

Editor's Choice
Price
£1,849 exc VAT (includes 1yr TotalProtect Plus licence)
  • Huge throughput
  • Great value
  • Well-rounded dashboard and reporting tools
  • CAA installation is a touch awkward

Sophos’ newest SMB security appliance comes straight in at the top of the range. Taking performance to new heights, the XG 135w Rev. 3 quotes a huge raw firewall throughput of 8Gbits/sec, and a decent 1.2Gbits/sec with all security services enabled. 

It’s not just fast, but versatile too. In addition to eight copper Gigabit Ethernet ports and one SFP fibre port, it presents dual-band 802.11ac wireless services, while an expansion slot allows you to add optional DSL, 3G/4G or Gigabit SFP cards – or a second Wi-Fi module. 

Another strength is the price. The figure we’ve shown above includes a one-year TotalProtect Plus subscription, which covers the network, web, email and web server protection modules, along with Sophos’ Sandstorm cloud sandbox and a FullGuard Plus support subscription. You don’t necessarily have to keep paying that, though: the cost of the base appliance includes a perpetual licence for firewall, VPN, authentication and secure wireless management services. 

The browser-based installation wizard helps you hit the ground running, stepping you through the business of securing admin access, sorting out the LAN and WAN ports, creating main and guest wireless networks, installing the latest firmware and setting a base security policy so your users are protected from the outset.

You’re then taken to the main dashboard, which presents an informative overview of network activity and security issues, with graphs and charts detailing traffic statistics and blocked applications. Reporting options are excellent: Sophos’ iView platform provides a wealth of graphical information about security services, app and web activity, threats, mail usage and more.

If you need to divide your users into different security groups, that’s no problem. The appliance’s ports can be assigned to different zones, each with its own firewall rules and policies for web filtering, IPS and application controls. These are easy to set up, as the appliance comes with 91 predefined website categories and over 3,400 predefined app profiles, including 73 solely relating to Facebook activities.

For finer control, it’s also possible to apply identity-based rules to specific users and groups, including daily bandwidth restrictions and limits on daily, weekly, monthly and even yearly internet usage. Sophos provides a free Client Authentication Agent (CAA) for Windows, although you have to download the certificate from the appliance and import it on all workstations.

A third way to segment your protection is by using more than one wireless network: the appliance can broadcast up to eight SSIDs, each with its own encryption scheme, DHCP, client isolation and masking settings. Placing these SSIDs in separate network zones lets you provision guest wireless access and apply firewall rules and security policies.

One last strength of the XG 135w Rev. 3 is that it’s fully manageable via the cloud. After we’d registered the appliance with the Sophos Central web portal, it presented exactly the same interface as the local console. It’s even possible to manage endpoints outside of your local network through Sophos’ Synchronised Security service. The dashboard shows all remote devices running the endpoint agent, and if any get compromised, you can automatically quarantine the network zone they’re located in. 

The XG 135w Rev.3 impressed us mightily. It offers a good breadth of security features, yet is easy to set up, and to manage remotely – and it delivers great performance at a reasonable price.

Sophos XG 135w Rev. 3 specifications

Chassis

Desktop chassis

CPU

2.2GHz quad-core Intel Atom C3558

Memory

6GB DDR4

Storage included

64GB SATA SSD

Network

8 x Gigabit Ethernet, 1 x Gigabit SFP, 2.4/5GHz 802.11ac wireless, 3x3 MIMO, 3 x external aerials

Other ports

HDMI, 2 x USB 2, micro-USB, RJ-45 serial, expansion slot

Management

Sophos Central web console, cloud

Dimensions (WDH)

320 x 212 x 44mm (WDH)

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

WatchGuard Firebox T70 review: Compact but capable
unified threat management (UTM)

WatchGuard Firebox T70 review: Compact but capable

24 Feb 2020
Zyxel NSG200 review: A fine spread of features
unified threat management (UTM)

Zyxel NSG200 review: A fine spread of features

21 Feb 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
iPhone 12 lineup official with A14 Bionic chip and 5G support
Mobile Phones

iPhone 12 lineup official with A14 Bionic chip and 5G support

13 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020