Sophos SG or XG – Which is right for me?

Image of Sophos XG 125 and SG 125 firewalls stacked

You may know that Sophos carries two lines of highly-rated firewall appliances, the SG and the XG series. But, what’s the difference? Well, this article isn’t intended to simply steer you to buying a new XG if you don’t need one right now. And, you might not!

The Sophos SG series (Unified Threat Management or UTM) is a very mature and stable platform. It lacks some of the new features of XG. However, that’s not to say it doesn’t have a very strong feature set of its own. If you are looking for stability and ease-of-use, then a firewall this well-known and understood is an excellent choice.

Basically, the hardware on the SG and XG series are extremely similar in terms of CPU, RAM, memory, and ports. The main difference is that SG Series appliances come pre-installed with UTM 9 firmware while XG firewalls come pre-installed with XG firewall firmware. As a newer product, the XG’s Sophos Firewall Operating System (SFOS) is updated more frequently. It is worth noting that the SG is upgradeable to XG firmware.

So, which is better?

There are some technical advantages to the XG (SFOS) over the SG (UTM) operating system.

For example, Firewall rules are much clearer and more granular. Also, the Log Viewer is a real highlight of the XG operating system. It’s extremely quick and easy to check logs right through the GUI. And, with Synchronized Security on the XG firewall you can see the applications that are running on all the endpoints.

Also, the XG series has the Security Heartbeat. This operates quietly in the background. It communicates holistically between the gateway and all your protocols, and the endpoint itself. When and if a breach happens, it gets picked up and locked down much more quickly. It is a unified, systemic approach that works more rapidly, because you don’t have different stuff happening at the endpoint and the gateway. It all works together. The net effect is that threat discovery, isolation, and remediation happen much more quickly.

Sophos SG has an extremely quick and easy-to-read dashboard. Also, through Live Logs you can watch traffic as it comes through the firewall as it happens and see if your policies are working. The Reporting feature is also extremely granular.

Sophos XG has a clean new dashboard with a nifty User Threat Quotient feature, and there are extremely helpful, thorough and streamlined compliance reporting options. And, all policies are in one place, easy to find and read.

There’s a reason Sophos still offers the SG line of appliances. They are a classic, and though they will eventually be replaced by the XG series, that time has not come yet. The SG line is a complete, mature, viable platform and has been a great choice for a lot of our customers as the XG series has matured.

However, if you are looking for a new firewall with a strong level of integration, you might consider the XG. The future of Sophos clearly lies in the Sophos Firewall OS and Synchronized Security.

But, as always we at Corporate Armor would love to answer any questions you may have, and steer you in the direction that’s right for YOU! So call us at 877-449-0458, or email us at [email protected]. Thanks for reading! And please check out our new video explaining all about Sophos XG firewall management:


Learn more!

Consider protecting your network with APC Uninterrupted Power Systems