The product team is pleased to announce the early access program for SFOS v18.5 MR1 for all Sophos (XG) Firewall devices. v18.5 MR1 is available for all SFOS form factors – XGS Series, XG Series, Virtual and Software appliances as well as all supported cloud platforms. SFOS v18.5 MR1 includes support for new Sophos Central Orchestration capabilities as well as a number of important security fixes and enhancements.
Here’s a full list of what’s new in v18.5 MR1:
Support for new Central Orchestration Subscription (included in the new Xstream Protection license bundle):
- Central SD-WAN VPN Orchestration enables easy point-and-click site-to-site VPN orchestration from Sophos Central – automatically configuring the necessary tunnels and firewall access rules for your desired SD-WAN overlay network.
- Central Firewall Reporting Advanced with 30-days of data retention for full multi-firewall reporting in Sophos Central with access to all pre-packaged reports plus flexible custom report capabilities and the option to save, schedule, or export your reports.
- Sophos MTR/XDR connector to enable Sophos Firewall intelligence and data to be used as part of our Managed Threat Response 24/7 service, or as part of your self-managed cross-product extended detection and response solution.
Get the full details on Central Orchestration and how to take advantage of it.
- Resolved FragAttack Vulnerabilities recently discovered in the Wi-Fi specification for all internal and add-on Wi-Fi modules for Sophos (XG) Firewall desktop series appliances. All other updates will follow as outlined in this advisory.
- Enhanced Backup/Restore Support improves backup/restore operations across different models by better mapping the management ports. v18.5 MR1 can also restore backups from v18 MR5 and earlier including any older v17.5 MRs.
- XGS Series Reset Button enables a long press of the hardware reset button on XGS Series appliances (XGS 116 and higher models) to perform a factory reset to help recover from a bad configuration.
- VPN Tunnel Logging adds improved logging of VPN tunnel flap events and IPsec IKEv2 rekeying
- Sophos DDNS (myfirewall.com) will be discontinued and no longer supports new registrations. This is planned from January 31, 2022. Refer to KBA-41764 for more details.
How to get Early Access and Provide Feedback:
This release is available for early access to all Sophos (XG) Firewall devices: XGS Series, XG Series, virtual, cloud, and all supported platforms running SFOS.
You can provide early access feedback directly to the product team using the new and improved in-product feedback mechanism introduced with v18.5. Simply click the feedback link at the top right of the web console UI. Alternatively, you can provide your feedback via the community.
This release is expected to be Generally Available and rolled out automatically to all customer devices starting in early August.
Thank you for your help in making this release the best it can be.