{"id":1849,"date":"2020-08-31T04:58:41","date_gmt":"2020-08-31T04:58:41","guid":{"rendered":"https:\/\/partnernews.sophos.com\/en-us\/?p=1849"},"modified":"2020-08-31T05:01:17","modified_gmt":"2020-08-31T05:01:17","slug":"making-the-most-of-xg-firewall-v18-part-6","status":"publish","type":"post","link":"https:\/\/partnernews.sophos.com\/en-us\/2020\/08\/products\/making-the-most-of-xg-firewall-v18-part-6\/","title":{"rendered":"Making the Most of XG Firewall v18 \u2013 Part 6"},"content":{"rendered":"<p>One of the great new features in XG Firewall v18 that we covered in <a href=\"https:\/\/partnernews.sophos.com\/en-us\/2020\/08\/products\/making-the-most-of-xg-firewall-v18-part-3\/\">Part 3 of this series<\/a> is the new SD-WAN Application and User\/ Group based link selection capabilities.\u00a0 In this article, we\u2019ll review how you can take advantage of those as a part of another new feature in XG Firewall v18 \u2013 Route Based IPsec VPN.<\/p>\n<p><strong>Route Based IPsec (RBVPN) in XG Firewall v18<\/strong> enables truly dynamic IPsec site-to-site VPN tunnels. With RBVPN, network topology changes do not impact VPN policy and you no longer need to modify VPN policies if networks are added or removed from your environment, greatly simplifying VPN policy creation and management, especially in larger and more dynamic environments.<\/p>\n<p>RBVPN provides full control over routing with support for static, dynamic (OSPF, BGP, RIP) and SD-WAN policy-based routes with RBVPN policies. RBVPN implementation in XG Firewall v18 also provides flexibility to setup more complex network address translation using the new NAT rule configuration such as VPN NAT overlap scenarios.<\/p>\n<p>XG Firewall v18 also supports RBVPN tunnel interfaces for SD-WAN policy-based routes to support IPsec and MPLS co-existence with SD-WAN. This makes it possible to enable IPsec and MPLS (even on a non-WAN zone) to both be active at the same time with options for load balancing on VPN tunnels as well.<\/p>\n<p>RBVPN is a well-accepted industry standard and interoperates nicely with other vendor\u2019s route-based VPN tunnels making it easier to tunnel to Azure\/ AWS and other cloud providers.\u00a0 Ultimately, Route based VPN is the preferred choice for today\u2019s dynamic networks.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Making the Most of Route-Based IPsec VPN Tunnels in XG Firewall<br \/>\n<\/strong>This video provides a great detailed look at how to setup route-based VPN in XG Firewall v18:<\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/player.vimeo.com\/video\/391630434?portrait=0\" width=\"640\" height=\"360\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p><a href=\"https:\/\/vimeo.com\/391630434\" target=\"_blank\" rel=\"noopener noreferrer\">Route Based VPN in XG Firewall v18<\/a> from <a href=\"https:\/\/vimeo.com\/sophos\" target=\"_blank\" rel=\"noopener noreferrer\">Sophos<\/a> on Vimeo.<\/p>\n<p>Then, you can take full advantage of the new Synchronized SD-WAN policy-based routing for your VPN traffic, with options for user, group, application, and even Synchronized Application Control discovered app based-routing for your route-based VPN.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1850\" src=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image1.png\" alt=\"\" width=\"640\" height=\"515\" srcset=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image1.png 2172w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image1.png?resize=300,241 300w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image1.png?resize=768,618 768w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image1.png?resize=1024,824 1024w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image1.png?resize=1536,1236 1536w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image1.png?resize=2048,1648 2048w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>Synchronized SD-WAN leverages the added clarity and reliability of application identification that comes with the sharing of Synchronized Application Control information between Sophos-managed endpoints and XG Firewall.\u00a0 Synchronized Application Control can positively identify 100% of all networked applications, including evasive, encrypted, obscure, and custom applications and now these previously unidentified applications can also be added to SD-WAN and VPN routing. This provides a level of application routing control and reliability that other firewalls can\u2019t match.<\/p>\n<p>To use Synchronized Application Control discovered apps in your routing, when creating an application object for SD-WAN or VPN routing, you can select \u201cSynchronized Application Control\u201d from the technology drop-down box as show below to see all the relevant applications.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1851\" src=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image2.png\" alt=\"\" width=\"640\" height=\"441\" srcset=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image2.png 2090w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image2.png?resize=300,207 300w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image2.png?resize=768,529 768w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image2.png?resize=1024,706 1024w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image2.png?resize=1536,1058 1536w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/image2.png?resize=2048,1411 2048w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>Here\u2019s a summary of the resources available to help you make the most of the new features in XG Firewall v18, including the new route-based VPN capabilities:<\/p>\n<figure id=\"attachment_1827\" aria-describedby=\"caption-attachment-1827\" style=\"width: 300px\" class=\"wp-caption alignright\"><a href=\"https:\/\/partnernews.sophos.com\/en-us\/?s=%22Making+the+Most+of+XG+Firewall+v18%22\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1827 size-full\" src=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/XG-series-1.png\" alt=\"\" width=\"300\" height=\"300\" srcset=\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/XG-series-1.png 300w, https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/08\/XG-series-1.png?resize=150,150 150w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><figcaption id=\"caption-attachment-1827\" class=\"wp-caption-text\">Read the rest of the series<\/figcaption><\/figure>\n<ul>\n<li><a href=\"https:\/\/docs.sophos.com\/nsg\/sophos-firewall\/18.0\/Help\/en-us\/webhelp\/startup\/nsg\/sfos\/concepts\/ControlCenterOverview.html\" target=\"_blank\" rel=\"noopener noreferrer\">XG Firewall getting started guide<\/a><\/li>\n<li><a href=\"https:\/\/docs.sophos.com\/nsg\/sophos-firewall\/18.0\/Help\/en-us\/webhelp\/onlinehelp\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\">Full online XG Firewall documentation<\/a><\/li>\n<li><a href=\"https:\/\/www.sophos.com\/en-us\/support\/products\/xg-firewall\/how-to-library.aspx#newVersion\" target=\"_blank\" rel=\"noopener noreferrer\">How-to videos on what\u2019s new in v18<\/a><\/li>\n<li><a href=\"https:\/\/community.sophos.com\/products\/xg-firewall\/f\/recommended-reads\" target=\"_blank\" rel=\"noopener noreferrer\">A full list of recommended community articles on v18<\/a><\/li>\n<\/ul>\n<p>If you\u2019re new to Sophos XG Firewall,\u00a0<a href=\"https:\/\/www.sophos.com\/en-us\/products\/next-gen-firewall.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">learn more<\/a>\u00a0about the great benefits and features XG Firewall can deliver to your network.<\/p>\n<p><strong>Selling XG Firewall<\/strong><br \/>\nOn the Sophos partner portal, we provide you with a wealth of\u00a0<a href=\"https:\/\/partners.sophos.com\/prm\/English\/s\/assets?collectionId=10929\" target=\"_blank\" rel=\"noopener noreferrer\">sales assets<\/a>. You may filter the list of assets by selecting a category to narrow down the results. And don\u2019t forget to check whether there is a\u00a0<a href=\"https:\/\/partners.sophos.com\/prm\/English\/s\/assets?collectionId=10956\" target=\"_blank\" rel=\"noopener noreferrer\">sales promotion<\/a>\u00a0available for your region. It\u2019s worth checking back from time to time to make sure you\u2019re not missing out on a great opportunity!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Making the Most of Route-Based IPsec VPN Tunnels in XG Firewall. Find out more in this post.<\/p>\n","protected":false},"author":19,"featured_media":3000001634,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2],"tags":[38],"coauthors":[58],"class_list":["post-1849","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-products","tag-xg-firewall"],"jetpack_featured_media_url":"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/07\/featured-image-xg-firewall-v18-1600x-960-horizontal.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/1849","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/users\/19"}],"replies":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/comments?post=1849"}],"version-history":[{"count":8,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/1849\/revisions"}],"predecessor-version":[{"id":1889,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/1849\/revisions\/1889"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/media?parent=1849"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/categories?post=1849"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/tags?post=1849"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/coauthors?post=1849"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}