Products
SHARE
Facebook X Pinterest WhatsApp

Sophos XG: Web Application Firewall Overview and Analysis

See our complete list of Top Web Application Firewall Vendors Bottom Line Sophos XG Firewall has WAF as one of its features. Non-Sophos XG users only looking for a WAF may find this product overkill. It is best suited to SMB and mid-market organizations, as well as those protecting IaaS solutions in Microsoft Azure. If […]

Written By
thumbnail Drew Robb
Drew Robb
Jan 25, 2019
eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

See our complete list of Top Web Application Firewall Vendors

Bottom Line

Sophos XG Firewall has WAF as one of its features. Non-Sophos XG users only looking for a WAF may find this product overkill. It is best suited to SMB and mid-market organizations, as well as those protecting IaaS solutions in Microsoft Azure. If you want only a WAF, look elsewhere. But if you need a broader feature set, consider Sophos.

Product Description

Sophos XG Firewall’s WAF feature protects web servers deployed in a network and related applications from any underlying vulnerability exploit. It protects applications accessed via HTTP and HTTPS at Layer 7 (application layer). The web server is also safeguarded against cookie tampering, forceful browsing, and hidden field tampering. The WAF mitigates user-induced vulnerabilities in applications that leave web applications open to attacks, such as cross-site scripting, directory traversal, and forced URL browsing.

Sophos XG Features Rated

Security: Very good. Its reverse proxy-authentication offloading provides persistent basic or form-based authentication for web-facing applications. It adds an extra layer of security to services like Outlook Web Access for Exchange by allowing users to authenticate against exploit-free reverse proxy.

“Everything worked pretty well for us. Ever since we have deployed the Sophos Firewall we did not have single instant of any malware/virus slipping into our network,” said a director of networking systems in the healthcare industry.

Performance: Very good. 65 Gbps throughput and 20 million concurrent connections, or 160,000 new connections per second.

Value: Good. Prices start low for basic appliances but rise for high-end models.

Implementation: Very good. Hardware, software, virtual and cloud options.

“Implementation was very easy and intuitive,” said a technology coordinator in the education industry.

Management: Good. Users find Web Server Protection deployment and management to be simple.

Support: Very good. User comments are positive.

“We have been very satisfied with our overall interactions and experience with Sophos. The team has been professional and responsive to inquiries. The product has performed as we’ve expected,” said an associate director of IT in the education industry.

Cloud Features: Fair. Available in Azure but more cloud capabilities are needed.

Sophos WAF

Security Qualifications

Common Criteria.

Delivery

Sophos XG Firewall is available in a variety of hardware models based on performance needs, as well as for virtualization platforms, as a software appliance for x86 hardware, and in Microsoft Azure.

Pricing

Sophos Web Server Protection can be purchased standalone or with any UTM module. Pricing starts at $249 per year for an entry-level XG 85 appliance. Pricing depends on performance and features required.

thumbnail Drew Robb

Originally from Scotland, Drew Robb has been a writer for more than 25 years. He lives in Florida and specializes in IT, engineering, and business. As well as eWeek and TechRepublic, he writes for a wide range of magazines including Gas Turbine World, SDxCentral, and HR Magazine. He is the author of Server Disk Management in a Windows Environment (Auerbach Publications).

Recommended for you...

thumbnail Proxy vs VPN: Which One Do You Really Need?
Products
Proxy vs VPN: Which One Do You Really Need?
Matt Gonzales
Sep 24, 2025
thumbnail 5 AWS Security Tools Every Team Should Know
Products
5 AWS Security Tools Every Team Should Know
Matt Gonzales
Sep 24, 2025
thumbnail The 6 Best Email Security Software & Solutions (Compared and Reviewed)
Products
The 6 Best Email Security Software & Solutions (Compared and Reviewed)
Matt Gonzales
Sep 24, 2025
thumbnail 5 Best Free VPNs You Can Trust (And the Premium Trials Worth Trying)
Products
5 Best Free VPNs You Can Trust (And the Premium Trials Worth Trying)
Matt Gonzales
Sep 4, 2025
eSecurity Planet Logo

eSecurity Planet is a leading resource for IT professionals at large enterprises who are actively researching cybersecurity vendors and latest trends. eSecurity Planet focuses on providing instruction for how to approach common security challenges, as well as informational deep-dives about advanced cybersecurity topics.

facebook
linkedin
x

Company

About us Contact us Advertise with us

Categories

Best Products Networks Cloud Threats Trends Endpoint Applications Compliance

Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information