What is a Firewall? | Cyber Security 101

Firewall’s Key Tasks

There are three essential tasks that firewalls need to perform. Firstly, firewalls are pivotal to connect the network of internal resources and remote users. Secondly, to protect the organisations network from hacks and attacks. Finally, it is to enable network administrators to manage their network.

Buyer Pains with Firewalls

The first of the main issues to be addressed in the challenges faced by network administrators are the networking pain. This contains complex remote access, expensive connectivity and poor app performance. Following that, the protection pain which revolves around the fact that there is lack of visibility into risks, failure to stop unknown threats and infected systems cause outbreaks. Last but not least are the pains involving management, based on the complexity to set-up and use, too many products to juggle from and the need for security expertise to use.

Hence, XG firewall was designed from its inception to rectify these essential challenges faced by network administrators every day. These solutions are flexible networking, where it saves money on connectivity, simplifies remote connections, and optimises app performance. As for the protection aspect, XG Firewall exposes hidden risks, AI-Powered protection and Security Heartbeat isolation. For the purpose of easy management, Sophos Central manages it all, user experience is streamlined, and built-in threat expertise.

Compelling Conversations

      The challenge is to ensure we as Sophos partners fully understand the buyers pains and the leverage of knowing Sophos products to begin a conversation that will lead on to their specific situation. Instead of being the orthodox sales person who shows up and simply offers the standard pitch just speaking of features and its benefits. Thus, it would be wise to ask the intelligent questions, listen to our customers, understand them before finally demonstrating how Sophos can aid them.

Some key features that address the pains of customers include visibility, protection, performance, and response. The hurdles with Visibilty where Sophos have invested immensely, are to help customers achieve the level of visibility that they want and need into the activity of their network. It would appear in the Control Center right away upon the firewall login domain.

It uses the traffic-light style indicators that will call for action in the highest to lowest priority. Red would require immediate attention, yellow would suggest a risk or warning, and green means it is functioning properly. For instance, the top risks are usually related to heartbeat, apps; payload, users, threats, websites and attacks.

What really sets it apart from others is the level of visibility you get into your encrypted traffic flows (right on the control center) and the option to deal with any compatibility issues as they manifest themselves. This makes the Sophos XG Firewall unique in its own right.

As for protection, Sophos has pre-packaged policies that will allow organizations to function efficiently in minutes. The administrators can pick from one of the many built-in policies for web filtering IPS, application control, traffic shaping, SSL inspection, or business application protection and then customize them or just use them as it is. Intelligence and best-practices are integrated into the product to make it easier to protect an organization within a few clicks.

In terms of performance, one of the XG Firewall v18’s main highlights is the new Xstream Architecture which is outlined here.

The new Deep Packet Inspection(DPI) Engine through its SSL Inspection solution is what makes this XG Firewall stand out. The new technology works on solving one of the top problems which is encrypted traffic. Besides its super fast speed, it provides high performance inspection with flexible policy tools, and support for the latest standards, including TLS 1.3, without downgrading for maximum security and performance.

Another key component of the DPI engine is the integration of all the security and control needed to protect the network and enforce policies. AV, IPS, Web Protection , and Application Control into a single streaming engine.

And what’s more, if the AV engine detects any file with active code, such as an executable or document with a Macro, it will send that file to SophosLabs cloud services for machine-learning based threat intelligence analysis and dynamic sandboxing behavioural analysis to stop the latest Ransomware

Synchronized Security gives us the edge on response. Sophos was the first vendor to integrate firewall and endpoint together to enable them to share information and automatically respond to incidents.  

This was a disruptive innovation in the industry as many other firewall vendors have been scrambling ever since to integrate endpoint protection into their product lines with varying degrees of success.  No one can match the simplicity, elegance, and rich features that Sophos Synchronized Security delivers.

All you need to make this work is XG firewall and Intercept X… our MTR service… and it’s all managed by Sophos Central for free, and all the protection and threat intelligence comes from SophosLabs.

Our Position in the Market

Gartner produces an annual report that provides a good overview of the vendor landscape. The Gartner Magic Quadrant places enterprise market share leaders in the upper right or “Leaders” quadrant, and mid-market or niche vendors elsewhere on the chart. Sophos is accurately represented as a very strong mid-market vendor.  We are recognized for our strong vision, aggressive roadmap, and all around great product, service and channel model.

Use the Cybersecurity Ecosystem to Win

When we win larger mid-market opportunities against our toughest competitors, it’s because our sales teams and our partners have done a tremendous job positioning the Sophos cybersecurity ecosystem and all the benefits that come with it for visibility, protection, response, and management ease.


“Customers said that they would need to double their security headcount to maintain the same level of protection if they didn’t have a Sophos next-gen cybersecurity system.”

(Sophos Business Impact Report 2020)

XG Firewall v18 got off to a tremendous start with thousands of customers upgrading on launch day to take advantage of the new Xstream Architecture and other great enhancements. We now have over 14,000 customers running v18 and it’s been our highest quality release ever.

Prepare Competitive Battlecards

Deployment Options 

XG Firewall offers a full range of top-performing hardware appliances, support for all the popular virtualization platforms, AWS and Azure public cloud and hybrid environments, and even a software appliance you can install on your own hardware.

  • Hardware – Select from our extensive range of XG Series appliances.
  • Software – Deploy a software image on your Intel-compatible hardware.
  • Virtual – Deploy using your preferred virtual environment including VMware, Citrix, Microsoft Hyper-V, and KVM.4
  • Cloud – AWS and Azure public cloud and hybrid environments.


There are 3 levels of support ‘Standard’ ‘Enhanced’ and ‘Enhanced Plus’. The higher the level of support the better the direct access to senior Sophos support staff and warranty provision for any connected Sophos devices. 

  • Standard – Included with all devices, limited to 90 days
  • Enhanced – Recommended for all customers, it’s included in all bundles
  • Enhanced Plus – Extra upgrade for VIP access and remote consulting hours

If a customer is buying individual subscriptions and wants the higher level of support, they should purchase the Enhanced Plus Support bundle. If they are buying any of the other bundles then the bundle includes Enhanced Support and they can add the higher level of support by purchasing the ‘Enhanced to Enhanced Support Upgrade’ product.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top