Sophos XG Firewall has WAF as one of its features. Non-Sophos XG users only looking for a WAF may find this product overkill. It is best suited to SMB and mid-market organizations, as well as those protecting IaaS solutions in Microsoft Azure. If you want only a WAF, look elsewhere. But if you need a broader feature set, consider Sophos.
Sophos XG Firewall’s WAF feature protects web servers deployed in a network and related applications from any underlying vulnerability exploit. It protects applications accessed via HTTP and HTTPS at Layer 7 (application layer). The web server is also safeguarded against cookie tampering, forceful browsing, and hidden field tampering. The WAF mitigates user-induced vulnerabilities in applications that leave web applications open to attacks, such as cross-site scripting, directory traversal, and forced URL browsing.
Sophos XG Features Rated
Security: Very good. Its reverse proxy-authentication offloading provides persistent basic or form-based authentication for web-facing applications. It adds an extra layer of security to services like Outlook Web Access for Exchange by allowing users to authenticate against exploit-free reverse proxy.
“Everything worked pretty well for us. Ever since we have deployed the Sophos Firewall we did not have single instant of any malware/virus slipping into our network,” said a director of networking systems in the healthcare industry.
Performance: Very good. 65 Gbps throughput and 20 million concurrent connections, or 160,000 new connections per second.
Value: Good. Prices start low for basic appliances but rise for high-end models.
Implementation: Very good. Hardware, software, virtual and cloud options.
“Implementation was very easy and intuitive,” said a technology coordinator in the education industry.
Management: Good. Users find Web Server Protection deployment and management to be simple.
Support: Very good. User comments are positive.
“We have been very satisfied with our overall interactions and experience with Sophos. The team has been professional and responsive to inquiries. The product has performed as we’ve expected,” said an associate director of IT in the education industry.
Cloud Features: Fair. Available in Azure but more cloud capabilities are needed.
Sophos XG Firewall is available in a variety of hardware models based on performance needs, as well as for virtualization platforms, as a software appliance for x86 hardware, and in Microsoft Azure.
Sophos Web Server Protection can be purchased standalone or with any UTM module. Pricing starts at $249 per year for an entry-level XG 85 appliance. Pricing depends on performance and features required.