Sophos XG: Web Application Firewall Overview and Analysis


Bottom Line

Sophos XG Firewall has WAF as one of its features. Non-Sophos XG users only looking for a WAF may find this product overkill. It is best suited to SMB and mid-market organizations, as well as those protecting IaaS solutions in Microsoft Azure. If you want only a WAF, look elsewhere. But if you need a broader feature set, consider Sophos.

Product Description

Sophos XG Firewall’s WAF feature protects web servers deployed in a network, and the applications running on them, from exploitation of underlying vulnerabilities. It protects applications accessed via HTTP and HTTPS at Layer 7 (the application layer). The web server is also safeguarded against cookie tampering, forceful browsing, and hidden field tampering. The WAF mitigates user-induced vulnerabilities that leave web applications open to attacks such as cross-site scripting, directory traversal, and forced URL browsing.

Sophos XG Features Rated

Security: Very good. Its reverse proxy authentication offloading provides persistent basic or form-based authentication for web-facing applications. It adds an extra layer of security to services like Outlook Web Access for Exchange by allowing users to authenticate against an exploit-free reverse proxy.

“Everything worked pretty well for us. Ever since we have deployed the Sophos Firewall we did not have a single instance of any malware/virus slipping into our network,” said a director of networking systems in the healthcare industry.

Performance: Very good. 65 Gbps throughput and 20 million concurrent connections, or 160,000 new connections per second.

Value: Good. Prices start low for basic appliances but rise for high-end models.

Implementation: Very good. Hardware, software, virtual and cloud options.

“Implementation was very easy and intuitive,” said a technology coordinator in the education industry.

Management: Good. Users find Web Server Protection deployment and management to be simple.

Support: Very good. User comments are positive.

“We have been very satisfied with our overall interactions and experience with Sophos. The team has been professional and responsive to inquiries. The product has performed as we’ve expected,” said an associate director of IT in the education industry.

Cloud Features: Fair. Available in Azure but more cloud capabilities are needed.

Sophos WAF

Security Qualifications

Common Criteria.

Delivery

Sophos XG Firewall is available in a variety of hardware models based on performance needs, as well as for virtualization platforms, as a software appliance for x86 hardware, and in Microsoft Azure.

Pricing

Sophos Web Server Protection can be purchased standalone or with any UTM module. Pricing starts at $249 per year for an entry-level XG 85 appliance. Pricing depends on performance and features required.

Drew Robb
