Sophos Midsize Business Firewall

    Midsize and distributed organizations needing a versatile solution to power and protect their networks will be well-served with Sophos 1U models. 

    Click here

    Request a Free Trial

    Contact Us
    First
    Last

    Sophos - Midsize Business Firewall Models

    thumb-xgs-2100

    XGS 2100

    FIREWALL30,000 Mbps

    TLS INSPECTION1,100 Mbps

    FIREWALL IMIX16,500 Mbps

    IPS6,000 Mbps

    IPSEC VPN17,000 Mbps

    NGFW5,200 Mbps

    THREAT PROTECTION5,000 Mbps

    LATENCY (64 BYTE UDP)6 µs

    ETHERNET INTERFACES (FIXED)8 x GE coppe
    2 x SFP fiber*

    BYPASS PORT PAIRS (FIXED)1

    MAX. PORT DENSITY (INCL. MODULES)18

    MANAGEMENT INTERFACES1 x RJ45 MGMT
    1 x COM RJ45
    1 x COM Micro-USB

    OTHER I/O INTERFACES2 x USB 3.0 (front)
    1 x USB 2.0 (rear)

    MAX. POE (USING FLEXI PORT MODULE)1 module: 4 ports, 60W max.

    FLEXI PORT SLOTS1

    OTHER OPTIONAL ADD-ON MODULESTransceivers

    FLEXI PORT MODULES (OPTIONAL)8-port GE copper
    8-port GE SFP fiber*
    4-port 10 GE SFP+ fiber*
    4-port GE copper bypass (2 pairs)
    4-port GE copper PoE + 4-port GE copper
    4-port 2.5 GE copper PoE
    2-port GE fiber (LC) bypass + 4-port GE SFP fiber

    2ND POWER SUPPLYOptional external

    DUAL SSD / RAIDN/A

    * Transceivers sold separately

    thumb-xgs-2100

    XGS 2300

    FIREWALL39,000 Mbps

    TLS INSPECTION1,450 Mbps

    FIREWALL IMIX20,000 Mbps

    IPS7,000 Mbps

    IPSEC VPN20,500 Mbps

    NGFW6,300 Mbps

    THREAT PROTECTION5,500 Mbps

    LATENCY (64 BYTE UDP)4 µs

    ETHERNET INTERFACES (FIXED)8 x GE copper
    2 x SFP fiber*

    BYPASS PORT PAIRS (FIXED)1

    MAX. PORT DENSITY (INCL. MODULES)18

    MANAGEMENT INTERFACES1 x RJ45 MGMT
    1 x COM RJ45
    1 x COM Micro-USB

    OTHER I/O INTERFACES2 x USB 3.0 (front)
    1 x USB 2.0 (rear)

    MAX. POE (USING FLEXI PORT MODULE)1 module: 4 ports, 60W max.

    FLEXI PORT SLOTS1

    OTHER OPTIONAL ADD-ON MODULESTransceivers

    FLEXI PORT MODULES (OPTIONAL)8-port GE copper
    8-port GE SFP fiber*
    4-port 10 GE SFP+ fiber*
    4-port GE copper bypass (2 pairs)
    4-port GE copper PoE + 4-port GE copper
    4-port 2.5 GE copper PoE
    2-port GE fiber (LC) bypass + 4-port GE SFP fiber

    2ND POWER SUPPLYOptional external

    DUAL SSD / RAIDN/A

    * Transceivers sold separately

    thumb-xgs-2100

    XGS 3100

    FIREWALL47,000 Mbps

    TLS INSPECTION2,470 Mbps

    FIREWALL IMIX23,500 Mbps

    IPS10,500 Mbps

    IPSEC VPN25,000 Mbps

    NGFW9,000 Mbps

    THREAT PROTECTION7,400 Mbps

    LATENCY (64 BYTE UDP)4 µs

    ETHERNET INTERFACES (FIXED)8 x GE copper
    2 x SFP fiber*
    2 x SFP+ 10 GE fiber*

    BYPASS PORT PAIRS (FIXED)1

    MAX. PORT DENSITY (INCL. MODULES)20

    MANAGEMENT INTERFACES1 x RJ45 MGMT
    1 x COM RJ45
    1 x COM Micro-USB

    OTHER I/O INTERFACES2 x USB 3.0 (front)
    1 x USB 2.0 (rear)

    MAX. POE (USING FLEXI PORT MODULE)1 module: 4 ports, 60W max.

    FLEXI PORT SLOTS1

    OTHER OPTIONAL ADD-ON MODULESTransceivers

    FLEXI PORT MODULES (OPTIONAL)8-port GE copper
    8-port GE SFP fiber*
    4-port 10 GE SFP+ fiber*
    4-port GE copper bypass (2 pairs)
    4-port GE copper PoE + 4-port GE copper
    4-port 2.5 GE copper PoE
    2-port GE fiber (LC) bypass + 4-port GE SFP fiber

    2ND POWER SUPPLYOptional external

    DUAL SSD / RAIDN/A

    * Transceivers sold separately

    thumb-xgs-2100

    XGS 3300

    FIREWALL58,000 Mbps

    TLS INSPECTION3,130 Mbps

    FIREWALL IMIX27,000 Mbps

    IPS14,000 Mbps

    IPSEC VPN31,100 Mbps

    NGFW12,500 Mbps

    THREAT PROTECTION10,000 Mbps

    LATENCY (64 BYTE UDP)4 µs

    ETHERNET INTERFACES (FIXED)8 x GE copper
    2 x SFP fiber*
    2 x SFP+ 10 GE fiber*

    BYPASS PORT PAIRS (FIXED)1

    MAX. PORT DENSITY (INCL. MODULES)20

    MANAGEMENT INTERFACES1 x RJ45 MGMT
    1 x COM RJ45
    1 x COM Micro-USB

    OTHER I/O INTERFACES2 x USB 3.0 (front)
    1 x USB 2.0 (rear)

    MAX. POE (USING FLEXI PORT MODULE)1 module: 4 ports, 60W max.

    FLEXI PORT SLOTS1

    OTHER OPTIONAL ADD-ON MODULESTransceivers

    FLEXI PORT MODULES (OPTIONAL)8-port GE copper
    8-port GE SFP fiber*
    4-port 10 GE SFP+ fiber*
    4-port GE copper bypass (2 pairs)
    4-port GE copper PoE + 4-port GE copper
    4-port 2.5 GE copper PoE
    2-port GE fiber (LC) bypass + 4-port GE SFP fiber

    2ND POWER SUPPLYOptional external

    DUAL SSD / RAIDN/A

    * Transceivers sold separately

    thumb-xgs-2100

    XGS 4300

    FIREWALL75,000 Mbps

    TLS INSPECTION8,000 Mbps

    FIREWALL IMIX33,000 Mbps

    IPS29,500 Mbps

    IPSEC VPN62,500 Mbps

    NGFW23,000 Mbps

    THREAT PROTECTION25,200 Mbps

    LATENCY (64 BYTE UDP)3 µs

    ETHERNET INTERFACES (FIXED)4 x GE copper
    4 x 2.5 GE copper
    4 x SFP+ 10 GE fiber*

    BYPASS PORT PAIRS (FIXED)2

    MAX. PORT DENSITY (INCL. MODULES)28

    MANAGEMENT INTERFACES1 x RJ45 MGMT
    1 x COM RJ45
    1 x COM Micro-USB

    OTHER I/O INTERFACES2 x USB 3.0 (front)

    MAX. POE (USING FLEXI PORT MODULE)2 modules: 4 ports, 60W max. per module

    FLEXI PORT SLOTS2

    OTHER OPTIONAL ADD-ON MODULESTransceivers

    FLEXI PORT MODULES (OPTIONAL)8-port GE copper
    8-port GE SFP fiber*
    4-port 10 GE SFP+ fiber*
    4-port GE copper bypass (2 pairs)
    4-port GE copper PoE + 4-port GE copper
    4-port 2.5 GE copper PoE
    2-port GE fiber (LC) bypass + 4-port GE SFP fiber

    2ND POWER SUPPLYOptional external

    DUAL SSD / RAIDN/A

    * Transceivers sold separately

    thumb-xgs-2100

    XGS 4500

    FIREWALL80,000 Mbps

    TLS INSPECTION10,600 Mbps

    FIREWALL IMIX37,000 Mbps

    IPS36,500 Mbps

    IPSEC VPN75,550 Mbps

    NGFW30,000 Mbps

    THREAT PROTECTION31,850 Mbps

    LATENCY (64 BYTE UDP)4 µs

    ETHERNET INTERFACES (FIXED)4 x GE copper
    4 x 2.5 GE copper
    4 x SFP+ 10 GE fiber*

    BYPASS PORT PAIRS (FIXED)2

    MAX. PORT DENSITY (INCL. MODULES)28

    MANAGEMENT INTERFACES1 x RJ45 MGMT
    1 x COM RJ45
    1 x COM Micro-USB

    OTHER I/O INTERFACES2 x USB 3.0 (front)

    MAX. POE (USING FLEXI PORT MODULE)2 modules: 4 ports, 60W max. per module

    FLEXI PORT SLOTS2

    OTHER OPTIONAL ADD-ON MODULESTransceivers

    FLEXI PORT MODULES (OPTIONAL)8-port GE copper
    8-port GE SFP fiber*
    4 port 10 GE SFP+ fiber*
    4-port GE copper bypass (2 pairs)
    4-port GE copper PoE + 4-port GE copper
    4-port 2.5 GE copper PoE
    2-port GE fiber (LC) bypass + 4-port GE SFP fiber

    2ND POWER SUPPLYOptional internal

    DUAL SSD / RAIDIncluded
    SW RAID-1 support

    * Transceivers sold separately

    Performance test methodology

    General

     

    Firewall

    Firewall IMIX

    IPS

    IPsec VPN

    TLS inspection

    Threat protection

    Maximum throughput measured under ideal test conditions using industry-standard Keysight-Ixia BreakingPoint test tools. Actual performance may vary depending on network conditions and activated services

    Measured using HTTP traffic and 512 KB response size.

    UDP throughput based on a combination of 66 byte, 570 byte, and 1518 byte packet sizes.

    UDP throughput based on a combination of 66 byte, 570 byte, and 1518 byte packet sizes.

    HTTP throughput measured using multiple tunnels and 512 KB HTTP response size.

    Measured with IPS enabled on HTTPS sessions and different cipher suites.

    Measured with firewall, IPS, application control, and malware prevention enabled using Enterprise Mix traffic.

    Product Highlights

    • Dual-processor architecture supports all key protection features without compromising performance
    • A wide selection of copper and fiber ports plus various management interfaces are built into every model
    • Fixed LAN bypass ports are on every model to support diverse deployment scenarios
    • Modular Flexi Port expansion bay(s) on every model allow you to adapt connectivity
    • A second power supply is optional for all models
    • Optional PoE Flexi Port modules are centrally powered and benefit from power redundancy when using the second power option
    • Rackmount kit is included
    Sophos-Midsize

    Accessories

    Flexi Port modules

    For all XGS 1U models

    Our 1U models come with one or more expansion bays to flexibly add to the diverse range of built-in interfaces on every box. Changes in your environment, workforce, or edge infrastructure may require additional fiber ports or a change in your connectivity. With Flexi Port modules, you have a cost-effective way to adapt your appliance, rather than having to purchase new hardware mid-term.

    Transceivers

    Sophos offers a range of transceivers to use in the SFP and SFP+ interfaces on your appliance or Flexi port module.

     

    A list of compatible third-party transceivers can be found in our knowledge base article.

    External redundant power supply

    For XGS 2xxx, 3xxx, 4300

    All of our 1U models offer an optional second power supply for redundancy. The external power supply can be connected to the rear of the appliance.

    When using this power supply with either the XGS 2100 or 2300, we suggest that you purchase rackmount rails (rather than using the rackmount ears supplied) for a more stable deployment in your data center.

    Internal redundant power supply

    For XGS 4500 only

    The second power supply for the XGS 4500 provides a simple way to add redundancy to our most powerful 1U unit.

    For added reliability, the XGS 4500 also offers a second integrated SSD (RAID).

    preloader image