שיחת ייעוץ חינם: 1-800-800-570

Sophos XGS 2100
Unleash the full potential of your network



Sophos XGS 2100



Sophos Products
XGS 2100 Base Appliance
Sophos XGS 2100 Security Appliance
#XG2ATCHUS
המחיר שלנו: הצעת מחיר
XGS 2100 Hardware with Standard Protection Bundles
Includes: XGS 2100 Appliance and Standard Protection subscription. Standard Protection Subscription Includes: Base License, Network Protection, Web Protection, and Enhanced Support.
Sophos XGS 2100 with Standard Protection, 1-year
#JG2A1CSUS
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 with Standard Protection, 3-year
#JG2A3CSUS
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 with Standard Protection, 5-year
#JG2A5CSUS
המחיר שלנו: הצעת מחיר

More pricing below, click here!

סקירה:


Powerful Protection and Performance

The Sophos Firewall Xstream architecture is engineered to deliver extreme levels of visibility, protection, and performance to help address some of the greatest challenges facing network administrators today.

Sophos XG Firewall
TLS 1.3 Decryption

Approximately 99% of web traffic is now encrypted, making it invisible to most firewalls. Many organizations find themselves powerless to protect their networks from an increasing amount of ransomware, threats and potentially unwanted apps which are exploiting this blind spot.

Sophos Firewall makes efficient and effective TLS inspection possible without compromising on performance. Our XGS Series appliances with integrated Xstream Flow Processors put TLS traffic on the FastPath for accelerated inspection. And our high-performance TLS inspection engine supports TLS 1.3 without downgrading, the latest cypher suites for maximum compatibility, and enhanced visibility into encrypted traffic flows right on the dashboard.

Deep Packet Inspection

We believe you should never have to decide between security and performance. Sophos Firewall includes a highspeed deep packet inspection (DPI) engine to scan your traffic for threats without a proxy slowing down the process. The firewall stack can completely offload the processing to the DPI engine, significantly reducing latency and so improving overall efficiency.

Sophos Firewall blocks the latest ransomware and breaches with high-performance streaming DPI including next-gen IPS, web protection, and app control, as well as deep learning and sandboxing powered by SophosLabs Intelix.


Application Acceleration

A significant portion of your network traffic is trusted business application traffic destined for branch offices, remote users, or cloud application servers. As such, no additional security scanning for threats or malware is needed, and it can be intelligently directed to the FastPath, reducing latency, optimizing overall performance, and freeing up capacity for traffic that does need deep packet inspection.

Sophos Firewall accelerates your SaaS, SD-WAN, and cloud traffic such as VoIP, video, and other trusted applications automatically or via your own policies – putting them on the FastPath through the Xstream Flow Processor.


SD-WAN

Managing application traffic routing over multiple WAN links, and interconnecting a distributed network are essential elements of any SD-WAN solution. Often these tasks are much more challenging than they should be.

Sophos Firewall with Xstream SD-WAN provides a powerful, integrated SD-WAN solution, with performance-based link selection and routing, load balancing, zero-impact transitions between links in the event of a disruption, central cloud-managed orchestration, and Xstream FastPath acceleration of VPN tunnel traffic. Sophos Firewall with Xstream SD-WAN is one of the best, most flexible SDWAN solutions available in any firewall today.


Sophos XGS Series Appliances

All XGS Series firewall appliances are built upon a dual-processor architecture, combining a high-performance, multi-core CPU with a dedicated Xstream Flow Processor for targeted acceleration at the hardware level. This gives you all the flexibility and adaptability of an x86 based firewall plus a significant performance boost over legacy firewall designs.


Model Tech Specs Throughput
Form Factor Slots (Max Ports) w-model* Swappable Components Firewall (Mbps) IPsec VPN (Mbps) Threat Protection (Mbps) Xstream SSL/TLS (Mbps)
XGS 87(w) Desktop 5/- (5) Wi-Fi 5 n/a 3,850 3,000 280 375
XGS 107(w) Desktop 9/- (9) Wi-Fi 5 Second power supply 7,000 4,000 370 420
XGS 116(w) Desktop 9/1 (9) Wi-Fi 5 2nd power supply, 3G/4G, 5G, Wi-Fi** 7,700 4,800 720 650
XGS 126(w) Desktop 14/1 (14) Wi-Fi 5 2nd power supply, 3G/4G, 5G, Wi-Fi** 10,500 5,500 900 800
XGS 136(w) Desktop 14/1 (14) Wi-Fi 5 2nd power supply, 3G/4G, 5G, Wi-Fi** 11,500 6,350 1,000 950
XGS 2100 1U 10/1 (18) n/a Optional external power 30,000 17,000 1,250 1,100
XGS 2300 1U 10/1 (18) n/a Optional external power 39,000 20,500 1,500 1,450
XGS 3100 1U 12/1 (20) n/a Optional external power 47,000 25,000 2,000 2,470
XGS 3300 1U 12/1 (20) n/a Optional external power 58,000 31,100 3,000 3,130
XGS 4300 1U 12/2 (28) n/a Optional external power 75,000 62,500 6,500 8,000
XGS 4300 1U 12/2 (28) n/a Optional external power 75,000 62,500 6,500 8,000
XGS 4500 1U 12/2 (28) n/a Optional external power 80,000 75,550 8,650 10,600
XGS 5500 2U 16/3 (48) n/a Power, SSD, Fan 100,000 92,500 14,000 13,500
XGS 6500 2U 20/4 (68) n/a Power, SSD, Fan 120,000 109,800 17,850 16,000
XGS 7500 2U 22/4 (70) n/a Power, SSD, Fan 160,000 117,000 26,000 19,500
XGS 8500 2U 22/4 (70) n/a Power, SSD, Fan 190,000 117,000 34,000 24,000

* 802.11ac

** 2nd Wi-Fi module option for XGS 116w, 126w and 136w only

Performance Test Methodology

General: Maximum throughput measured under ideal test conditions using industry standard Keysight-Ixia BreakingPoint test tools. Actual performance may vary depending on network conditions and activated services.

  • Firewall: Measured using HTTP traffic and 512 KB response size.
  • Firewall IMIX: UDP throughput based on a combination of 66 byte, 570 byte and 1518 byte packet sizes.
  • IPS: Measured with IPS with HTTP traffic using default IPS ruleset and 512 KB object size.
  • IPsec VPN: HTTP throughput using multiple tunnels and 512 KB HTTP response size.
  • TLS inspection: Performance measured with IPS with HTTPS sessions and different cipher suites.
  • Threat Protection: Measured with Firewall, IPS, Application Control, and malware prevention enabled using HTTP 200 KB response size.
  • NGFW: Measured with IPS and Application Control enabled with HTTP traffic using default IPS ruleset and 512KB object size.

Sophos Central:

Sophos Central is the ultimate cybersecurity cloud management platform to not only manage your firewalls, but also your full portfolio of Sophos security solutions.

Central Management

Simply manage multiple firewalls

Sophos Central makes day-to-day setup, monitoring, and management of your Sophos Firewall easy. It also provides helpful features such as alerting, backup management, one-click firmware updates and rapid provisioning of new firewalls.

  • Manage all your Sophos Firewalls and other Sophos products from a single console
  • Configure changes and apply them to a group of firewalls or manage each firewall individually
  • Create a backup schedule and store up to five backups in the cloud
  • Schedule firmware updates across your entire network with just a few clicks

Central Management is available at no extra cost.


Sophos XG Firewall

Zero-Touch Deployment

Zero-touch deployment enables the initial configuration to be performed in Sophos Central and then exported for loading onto the device from a flash drive at startup, automatically connecting the device back to Sophos Central.


SD-WAN Orchestration

Sophos Central makes interconnecting SD-WAN overlay networks between multiple Sophos Firewalls quick and easy. With just a few clicks you can setup a full mesh network, hub-and-spoke topology, or something in-between, and Sophos Central will automatically configure all the necessary VPN tunnel and firewall access rules to enable your SD-WAN network.



Sophos XG Firewall

Central Reporting

Firewall Reporting in the cloud

Sophos Central includes powerful reporting tools that enable you to visualize your network, web, application activity, and security over time. You get a flexible reporting experience that combines a variety of built-in reports with powerful tools to create your own custom reports, enabling you to report what you want how you want.

  • Increase your visibility into network activity through analytics
  • Analyze data to identify security gaps, suspicious user behavior or other events requiring policy changes
  • Use the pre-defined modules or customize each report for specific use cases

Central Reporting is available at no extra cost for the storage of up to 7 days of report data. Premium options with longer data retention and additional features are available for optional purchase, either individually or as part of other subscriptions/bundles.


מאפייני המערכת:

See How it Works:

Security Heartbeat: Your firewall and your endpoints are finally talking

Sophos Firewall is the only network security solution that is able to fully identify the user and source of an infection on your network, and automatically limit access to other network resources in response. Our unique Security Heartbeat shares telemetry and health status between Sophos endpoints and your firewall and integrates endpoint health into firewall rules to control access and isolate compromised systems.

Synchronized Application Control

Using Security Heartbeat, we also have a solution to one of the biggest problems most network administrators face today – lack of visibility into network traffic.
Synchronized Application Control utilizes the Heartbeat connections with Sophos endpoints to automatically identify, classify, and control application traffic. All encrypted, custom, evasive, and generic HTTP or HTTPS applications which are currently going unidentified will be revealed.

You can’t control what you can’t see. All firewalls today depend on static application signatures to identify apps. But those don’t work for most custom, obscure, evasive, or any apps using generic HTTP or HTTPS.

Sophos Firewall utilizes Synchronized Security to automatically identify, classify, and control all unknown applications easily blocking the apps you don’t want and prioritizing the ones you do


Lateral Movement Protection

Lateral Movement Protection automatically isolates compromised systems at every point in the network to stop attacks. Healthy endpoints assist by ignoring all traffic from unhealthy endpoints, enabling complete isolation, even on the same network segment, to prevent threats and active adversaries from spreading or stealing data.

Synchronized User ID

User authentication is critically important in a nextgeneration firewall but often challenging to implement in a seamless and transparent way. Synchronized User ID eliminates the need for client or server authentication agents by sharing user identity between the endpoint and the firewall through Security Heartbeat.

Synchronized SD-WAN: Powerful, reliable application routing

Synchronized SD-WAN harnesses the power of Synchronized Security to optimize WAN path selection for your important business applications

With Synchronized Application Control, discovered applications, which would otherwise be unknown, can be used for traffic matching criteria in SD-WAN routing policies. This is yet another way that Synchronized Security can improve the efficiency of your network.


Powerful Protection

See it. Stop it. Secure it.

Our comprehensive next-generation firewall protection has been built to expose hidden risks, block both known and unknown threats, and automatically respond to incidents.

Sophos Protection

Expose Hidden
Risks

Superior visibility into unknown applications, risky activity, suspicious traffic, and advanced threats helps you regain control of your network and get deeper insights.

Sophos Management

Blocks unknown
threats

Powerful next-gen protection technologies like deep learning and intrusion prevention keep your organization secure from the latest hacks and attacks.

Sophos Value

Automatically responds to incidents

Synchronized Security automatic threat response instantly identifies and isolates compromised systems on your network to prevent breaches and lateral movement.

Xstream

All the next-gen protection, performance and value you need to power even the most demanding networks. Also available with the XGS Series model of your choice included.

Base Firewall Features

  • Networking and SD-WAN: Wireless, SD-WAN, application aware routing, traffic shaping
  • Protection and Performance: Xstream Architecture with Network Flow FastPath, TLS 1.3 inspection, Deep-Packet Inspection
  • SD-WAN and VPN: Xstream SD-WAN, IPsec/SSL site-to-site and remote access VPN (unlimited), SD-RED site-to-site
  • Reporting: Historical on-box logging and reporting, Sophos Central cloud reporting (seven-day data retention)

Network Protection

  • Xstream TLS Inspection: TLS 1.3 inspection with prepackaged exceptions
  • Xstream DPI engine: streaming deep-packet inspection
  • IPS: Next-gen Intrusion Prevention
  • ATP: Advanced Threat Protection
  • Synchronized Security Heartbeat: integration with Sophos Endpoints to identify and isolate threats
  • Clientless VPN: HTML5
  • SD-RED VPN: Manage SD-RED devices
  • Reporting: Extensive network and threat reporting

Web Protection

  • Xstream TLS Inspection: TLS 1.3 inspection with prepackaged exceptions
  • Xstream DPI engine: streaming deep-packet inspection
  • Web Control: by user, group, category, URL, keyword
  • Web Threat Protection: malware, PUA, malicious JavaScript, pharming
  • App Control: by user, group, category, risk, and more
  • Synchronized App Control: integration with Sophos endpoints to identify unknown apps
  • Synchronized SD-WAN: utilizing Synchronized App Control to route unknown apps
  • Reporting: Extensive web and app reporting

Zero-Day Protection

  • Xstream TLS Inspection: TLS 1.3 inspection with prepackaged exceptions
  • Xstream DPI engine: streaming deep-packet inspection
  • Zero-Day Threat Protection: analyze all unknown files using AI, ML, and sandboxing
  • Powered by SophosLabs Intelix: cloud-based intelligence and analysis
  • Machine Learning: using multiple deep learning models
  • Cloud Sandboxing: dynamic runtime analysis of unknown files
  • Reporting: Extensive threat intelligence analysis reporting

Sophos Central Management

  • Group Firewall Management: Synchronized policy across firewall groups
  • Backup and firmware updates: storage and scheduling
  • Zero-touch deployment: for new firewalls from the cloud

Sophos Central Orchestration

  • SD-WAN Orchestration: Point and click Site-to-Site VPN Orchestration
  • Cloud Firewall Reporting: Multi-firewall reporting with save, schedule and export reports (30-day data retention)
  • XDR and MDR Connector: Support for XDR and MDR services

Licensing and Deployment

We recommend the Xstream Protection bundle for the ultimate in security, but if you prefer to customize your protection, all subscriptions are also available for individual purchase.

Xstream Protection Bundle:
Base License Networking, wireless, Xstream Architecture, unlimited remote access VPN, site-to-site VPN, reporting
Network Protection Xstream TLS and DPI engine, IPS, ATP, Security Heartbeat, manage SD-RED, reporting
Web Protection Xstream TLS and DPI engine, Web Security and Control, Application Control, reporting
Zero-Day Protection Machine Learning and Sandboxing File Analysis, reporting
Central Orchestration SD-WAN VPN Orchestration, Central Firewall Advanced Reporting (30-days), MDR/XDR Connector
Enhanced Support 24/7 support, feature updates, advanced replacement hardware warranty for term

Custom Protection

You can choose the Standard Protection Bundle or purchase any of the protection modules separately.

Standard Protection Bundle:
Base License Networking, wireless, Xstream Architecture, Xstream SD-WAN, unlimited remote access VPN, site-to-site VPN
Network Protection Xstream TLS and DPI engine, IPS, ATP, Security Heartbeat, manage SD-RED, reporting
Web Protection Xstream TLS and DPI engine, Web Security and Control, Application Control, reporting
Enhanced Support 24/7 support, feature updates, advanced replacement hardware warranty for term
Additional Protection Modules:
Email Protection On-box antispam, AV, DLP, encryption
Web Server Protection Web Application Firewall

Sophos Central Management and Reporting:

Sophos Central Management and Reporting (included at no charge):
Sophos Central Management Group firewall management, backup management, firmware update scheduling
Sophos Central Firewall Reporting Prepackaged and custom report tools with seven days cloud storage for no extra charge

Additional Protection:

Additional Protection Services, Products and Modules:
Managed Detection and Response 24/7 threat hunting, detection and response delivered by an expert team
Sophos Intercept X Endpoint with XDR Sophos Central managed next-gen endpoint protection with EDR
ZTNA Sophos Central managed Zero Trust Network Access
Central Email Advanced Sophos Central managed antispam, AV, DLP, encryption
Sophos Switch Cloud-managed switches

Support

A support subscription is required to receive firmware upgrades. Enhanced support is included in all protection bundles, but you can enhance your support experience further by upgrading.

Additional Support Options:
Enhanced Plus Support Upgrade Upgrade your support with VIP support, HW warranty for add-ons, TAM option

Cloud, Virtual and Software Appliance Licensing Options

If you’re deploying Sophos Firewall in the cloud, in a virtual environment, or as software on your own hardware, the licensing guide below can help you find the right option.

Model Equivalent AWS instance Equivalent Azure VM Software/Virtual License*
XGS 87(w) t3.medium - 2C4
XGS 107(w) c5.large Standard_F2s_v2 -
XGS 116(w) - - 4C6
XGS 2100 c5.xlarge - -
XGS 2300 m5.xlarge Standard_F4s_v2 6C8
XGS 3100 c5.2xlarge Standard_F8s_v2 8C16
XGS 4300 c5.4xlarge Standard_F16s_v2 16C24
XGS 5500 c5.9xlarge Standard_F32s_v2 Unlimited

* Based upon CPU cores and RAM

Deployment Options

XGS Series

Purpose-built devices to provide the ultimate in performance.


AWS/Azure

Protect your network infrastructure in the AWS or Azure cloud.

Virtual

Install on VMware, Citrix, Microsoft Hyper-V, and KVM.


Software

Install the Sophos Firewall OS image on your own Intel hardware or server.

Cloud

Sophos Firewall offers the very best network visibility, protection, and response to secure your public, private, and hybrid cloud environments.

AWS

As an AWS Advanced Technology Partner, Sophos is a validated AWS Security Competency vendor, AWS marketplace seller, and AWS Public Sector Partner.

Sophos Firewall is now available in the AWS marketplace with autoscaling support with either a pay-as-you-go (PAYG) license model, or bring your own license (BYOL) to best fit your needs.

Azure

Sophos Firewall is certified and optimized for Azure and is available in the Microsoft Azure Marketplace. Take advantage of the free test drive or the flexible PAYG or BYOL licensing options.

Azure

Sophos Firewall is Nutanix AHV and Nutanix Flow Ready, bringing the world’s best next-gen firewall visibility, protection, and response to the industry’s leading Hyper Convergence Infrastructure (HCI) platform. Take advantage of a 30-day free trial using our KVM image and flexible licensing

Virtual and Software

Sophos Firewall supports a broad range of virtualization platforms and can also be deployed as a software appliance on your own x86 Intel hardware:

Virtual and Software

Protection Modules

You can choose from a number of modules to customize the protection offered by your firewall to your individual needs and deployment scenario.

Base Firewall

The Sophos Firewall Base License includes the Xstream Architecture, networking, wireless, SD-WAN, VPN, and reporting.

Xstream SD-WAN and Networking

Includes all networking, routing, and SD-WAN capabilities including zone-based stateful firewall, NAT, VLAN, SDWAN profiles, performance-based WAN link selection and monitoring, load balancing, zero-impact WAN link transitions, and Xstream FastPath acceleration of trusted application traffic, IPSec VPN traffic, and TLS encrypted traffic flows.

VPN

Provides standards-based site-to-site and remote access VPN (free up to the capacity of the firewall) with support for IPsec and SSL. Sophos Connect remote access VPN client for Windows and Macs offers seamless and easy deployment and configuration options. SD-RED layer 2 siteto-site tunnels offers a light-weight robust VPN alternative.

Reporting

Extensive on-box reporting provides valuable insights into threats, users, applications, web activity, and much more. Note that specific reporting functionality may be dependent on other protection modules to get the full benefits (for example, Web Protection or web and app reports).

Xstream Architecture

Enables high performance TLS 1.3 inspection, deep-packet inspection, and network flow FastPath to accelerate trusted SaaS, SD-WAN, and cloud application traffic. Note that Network and Web Protection are required to get the full benefits of the Xstream Architecture.

Secure Wireless

Built-in wireless controller for Sophos APX wireless access points. Plug-and-play access point discovery makes setup easy. Support for multiple SSIDs, hotspots, guest networks, and the diverse encryption and security standards.

Network Protection

All the protection you need to stop sophisticated attacks and advanced threats while providing secure network access to those you trust.

Next-Gen Intrusion Prevention System

Provides advanced protection from all types of modern attacks. It goes beyond traditional server and network resources to protect users and apps on the network as well.

Advanced Threat Protection

Instant identification and immediate response to today’s most sophisticated attacks. Multi-layered protection identifies threats instantly and Security Heartbeat provides an emergency response.

Security Heartbeat

Creates a link between your Sophos Central protected endpoints and your firewall to identify threats faster, simplify investigation, and minimize impact from attacks. Easily incorporate Heartbeat status into firewall policies to automatically isolate compromised systems.

Advanced VPN technologies

Adds unique and simple VPN technologies, including our clientless HTML5 self-service portal that makes remote access incredibly simple plus management for our exclusive light-weight secure SD-RED (Remote Ethernet Device) VPN technology.

Web Protection

Unmatched visibility and control over all your user’s web and application activity.

Powerful user and group web policy

Provides enterprise-level Secure Web Gateway policy controls to easily manage sophisticated user and group web controls. Apply policies based upon uploaded web keywords indicating inappropriate use or behavior.

High-performance traffic scanning

Optimized for top performance, our Xstream SSL inspection provides ultra-low latency inspection and HTTPS scanning while maintaining performance


Application Control and QoS

Enables user-aware visibility and control over thousands of applications with granular policy and traffic-shaping (QoS) options based on application category, risk, and other characteristics. Synchronized Application Control automatically identifies all the unknown, evasive, and custom applications on your network.

Advanced Web Threat Protection

Backed by SophosLabs, our advanced engine provides the ultimate protection from today’s polymorphic and obfuscated web threats. Innovative techniques like JavaScript emulation, behavioral analysis, and origin reputation help keep your network safe.


Zero-Day Protection

AI-driven static and dynamic file analysis techniques combine to bring unprecedented threat intelligence to your firewall and so effectively identify and block ransomware and other known and unknown threats.

Powered by SophosLabs

Powered by the industry-leading SophosLabs, the Zero-Day Protection subscription includes a fully cloud-based threat intelligence and threat analysis platform. This provides deep learning-based file analysis, detailed analysis reporting, and a threat meter to show the risk summary for a file

Threat Intelligence Analysis Reporting

Rich intelligence reports provide you with much more than just a ‘good,' ‘bad,' or ‘unknown’ verdict. Full insight into the nature and capabilities of a threat are delivered through the use of data science and SophosLabs research.

Dynamic File Analysis

Execute a file in a secure cloud-based sandbox to observe its behavior and intent. Screenshots provide added insight into any key events during the analysis.

Static File Analysis

By harnessing the power of multiple machine learning models, global reputation, deep file scanning, and more, you can quickly identify threats without the need to execute the files in real time.

Central Orchestration

Sophos Central cloud-managed VPN orchestration, firewall reporting, and MDR/XDR integration.

Sophos Central SD-WAN Orchestration

Makes VPN orchestration easy. Wizard-based tunnel configuration helps create full mesh networks, hub-andspoke models, or complex tunnel setups between multiple firewalls a quick point-and-click exercise. Seamlessly integrates multiple WAN link and SD-WAN functionality and routing optimizations to improve resilience and performance and also integrates with user authentication and Synchronized Security Heartbeat to control access.

Central Firewall Reporting Advanced (30-day)

Cloud-based reporting with several pre-packaged common reports for threats, compliance, and user activity. Includes advanced options for creating custom reports and views with the option to save, schedule or export your custom reports. Includes 30 days of log data retention with the option to add additional storage for additional historical reporting needs.

MDR/XDR Connector

Sophos MDR provides optional 24/7 threat hunting, detection and response delivered by an expert team as a fully-managed service. Sophos XDR offers extended detection and response managed by your own team. Regardless of whether you manage it yourself, or Sophos manages it for you, your Sophos Firewall is ready to share the necessary threat intelligence and data to the cloud.

Email Protection

Consolidate your email protection with anti-spam, DLP, and encryption. We recommend Sophos Central Email Advanced for the best cloud-based email protection solution. If you require on-box email protection, this module offers essential anti-spam, DLP and encryption.

Integrated Message Transfer Agent

Ensures always-on business continuity for your email, allowing the firewall to automatically queue mail in the event servers become unavailable.

SPX Email Encryption

Unique to Sophos, SPX makes it easy to send encrypted email to anyone, even those without any kind of trust infrastructure, using our patent-pending password-based encryption technology.

Data Loss Prevention

Policy-based DLP can automatically trigger encryption or block/notify based on the presence of sensitive data in emails leaving the organization


Live Anti-Spam

Provides protection from the latest spam campaigns, phishing attacks, and malicious attachments.

Self-serve Quarantine

Gives employees direct control over their spam quarantine, saving you time and effort.


Web Server Protection

Harden your web servers and business applications against hacking attempts while providing secure access.

Business Application Policy Templates

Pre-defined policy templates let you protect common applications like Microsoft Exchange Outlook Anywhere or SharePoint quickly and easily.



Protection from the latest hacks and attacksn

With a variety of advanced protection technologies including URL and form hardening, deep-linking and directory traversal prevention, SQL injection and cross-site scripting protection, cookie signing and more.

Reverse proxy

With authentication options, SSL offloading, and server load balancing ensure maximum protection and performance for your servers being accessed from the internet.





מפרט טכני:

Products XGS 2100
Performance
Firewall throughput 30,000 Mbps
Firewall IMIX 16,500 Mbps
Firewall Latency (64 byte UDP) 6 µs
IPS throughput 6,000 Mbps
Threat Protection throughput 1,250 Mbps
NGFW 5,200 Mbps
Concurrent connections 6,500,000
New connections/sec 134,700
IPsec VPN throughput 17,000 Mbps
IPsec VPN concurrent tunnels 5,000
SSL VPN concurrent tunnels 2,500
Xstream SSL/TLS Inspection 1,100 Mbps
Xstream SSL/TLS Concurrent connections 18,432
Physical Specifications
Mounting 1U rackmount
(2 rackmount ears included)
Dimensions
Width x Height x Depth
438 x 44 x 405 mm
Weight 4.7 kg/10.36 lbs (unpacked)
7 kg/15.43 lbs (packed)
Power supply
Power supply Internal auto-ranging AC-DC
100-240VAC, 3-6A@50-60 Hz
External Redundant PSU Option
Power consumption 2100: 43 W/146.86 BTU/hr (idle)
2300: 45 W/153.7 BTU/hr (idle)
2100: 162 W/533.5 BTU/hr (max.)
2300: 167 W/570.74 BTU/hr (max.)
PoE addition enabled 76 W/260 BTU/hr (max.)
Operating temperature 0°C to 40°C (operating)
-20°C to +70°C (storage)
Humidity 10% to 90%, non-condensing
Product Certifications
Certifications CB, CE, UKCA, UL, FCC, ISED, VCCI, KC, RCM, NOM, Anatel, CCC, BSMI, TEC, SDPPI
Physical interfaces
Storage (local quarantine/logs) Integrated min. 120 GB SATA-III SSD
Ethernet interfaces (fixed) 8 x GbE copper
2 x SFP fiber
Bypass port pairs 1
Management ports 1 x RJ45 MGMT
1 x COM RJ45
1 x MicroB (cable incl.)
Other I/O ports 2 x USB 3.0 (front)
1 x USB 2.0 (rear)
Number of Flexi Port slots 1
Flexi Port modules (optional) 8 port GbE copper
8 port GbE SFP fiber
4 port 10GE SFP+ fiber
4 port GbE copper bypass (2 pairs)
4 port GbE copper PoE +
4 port GbE copper
4 port 2.5 GbE copper PoE
2 port GbE Fiber (LC) bypass
+ 4 port GbE SFP Fiber
Max. total port density (incl. use of modules) 18
Max. Power-over-Ethernet (using Flexi Port module) 1 module: 4 ports, 60W max.
Optional add-on connectivity SFP DSL module (VDSL2)
SFP/SFP+ Transceivers
Display Multi-function LCD module

* Transceivers (mini GBICs) sold separately

הורדת מפרט טכני:

Download the Sophos XGS Series Data Sheet (PDF).

Pricing Notes:

  • Standard Hardware Bundle: Includes Applicance and Standard Protection subscription
  • Xstream Hardware Bundle: Includes Applicance and Xstream Protection subscription
  • Base License: Stateful Firewall, Networking and SD-WAN, Wireless, VPN, Reporting (7-day)
  • Network Protection: Xstream TLS, DPI, IPS, ATP, Security Heartbeat, SD-RED Management
  • Web Protection: Xstream TLS, DPI, Web security and Control, Application Control
  • Zero-Day Protection: Static ML-based and dynamic (sandboxing) file analysis, reporting (Formerly known as Sandstrom)
  • Central Orchestration: SD-WAN VPN Orchestration, Central Firewall Reporting Advanced (30-day), MTR/XDR-ready
  • Enhanced Support: 24x7 phone/email support, Advance exchange RMA
  • Pricing and product availability subject to change without notice.
Sophos Products
XGS 2100 Base Appliance
Sophos XGS 2100 Security Appliance
#XG2ATCHUS
המחיר שלנו: הצעת מחיר
XGS 2100 Hardware with Standard Protection Bundles
Includes: XGS 2100 Appliance and Standard Protection subscription. Standard Protection Subscription Includes: Base License, Network Protection, Web Protection, and Enhanced Support.
Sophos XGS 2100 with Standard Protection, 1-year
#JG2A1CSUS
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 with Standard Protection, 3-year
#JG2A3CSUS
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 with Standard Protection, 5-year
#JG2A5CSUS
המחיר שלנו: הצעת מחיר
XGS 2100 Hardware with Xstream Protection Bundles
Includes: XGS 2100 Appliance and Xstream Protection subscription. Xstream Protection Subscription Includes: Base License, Network Protection, Web Protection, Zero-Day Protection, Central Orchestration, and Enhanced Support.
Sophos XGS 2100 with Xstream Protection, 1-year
#IG2A1CSUS
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 with Xstream Protection, 3-year
#IG2A3CSUS
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 with Xstream Protection, 5-year
#IG2A5CSUS
המחיר שלנו: הצעת מחיר
XGS 2100 Email Protection
Sophos XGS 2100 Email Protection - 12 MOS
#XM2A1CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Email Protection - 24 MOS
#XM2A2CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Email Protection - 36 MOS
#XM2A3CSAA
המחיר שלנו: הצעת מחיר
XGS 2100 Network Protection
Network Protection Subcription Includes: Xstream TLS, DPI, IPS, ATP, Security Heartbeat, SD-RED Management, and Reporting.
Sophos XGS 2100 Network Protection - 12 MOS
#XN2A1CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Network Protection - 24 MOS
#XN2A2CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Network Protection - 36 MOS
#XN2A3CSAA
המחיר שלנו: הצעת מחיר
XGS 2100 Standard Protection
Standard Protection Subscription Includes: Base License, Network Protection, Web Protection, and Enhanced Support.
Sophos Standard Protection for XGS 2100 - 12 MOS
#XT2A1CSES
המחיר שלנו: הצעת מחיר
Sophos Standard Protection for XGS 2100 - 24 MOS
#XT2A2CSES
המחיר שלנו: הצעת מחיר
Sophos Standard Protection for XGS 2100 - 36 MOS
#XT2A3CSES
המחיר שלנו: הצעת מחיר
XGS 2100 Web Protection
Web Protection Subcription Includes: Xstream TLS, DPI, Web security and Control, Application Control, and Reporting.
Sophos XGS 2100 Web Protection - 12 MOS
#XB2A1CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Web Protection - 24 MOS
#XB2A2CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Web Protection - 36 MOS
#XB2A3CSAA
המחיר שלנו: הצעת מחיר
XGS 2100 Webserver Protection
Sophos XGS 2100 Webserver Protection - 12 MOS
#XS2A1CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Webserver Protection - 24 MOS
#XS2A2CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Webserver Protection - 36 MOS
#XS2A3CSAA
המחיר שלנו: הצעת מחיר
XGS 2100 Xstream Protection
Xstream Protection Subscription Includes: Base License, Network Protection, Web Protection, Zero-Day Protection, Central Orchestration, and Enhanced Support.
Sophos Xstream Protection for XGS 2100 - 12 MOS
#XF2A1CSES
המחיר שלנו: הצעת מחיר
Sophos Xstream Protection for XGS 2100 - 24 MOS
#XF2A2CSES
המחיר שלנו: הצעת מחיר
Sophos Xstream Protection for XGS 2100 - 36 MOS
#XF2A3CSES
המחיר שלנו: הצעת מחיר
XGS 2100 Zero-Day Protection
Sophos XGS 2100 Zero-Day Protection - 12 MOS
#SX2A1CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Zero-Day Protection - 24 MOS
#SX2A2CSAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Zero-Day Protection - 36 MOS
#SX2A3CSAA
המחיר שלנו: הצעת מחיר
XGS 2100 Email Protection - Renewal
Sophos XGS 2100 Email Protection - 12 MOS - RENEWAL
#XM2A1CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Email Protection - 24 MOS - RENEWAL
#XM2A2CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Email Protection - 36 MOS - RENEWAL
#XM2A3CTAA
המחיר שלנו: הצעת מחיר
XGS 2100 Network Protection - Renewal
Network Protection Subcription Includes: Xstream TLS, DPI, IPS, ATP, Security Heartbeat, SD-RED Management, and Reporting.
Sophos XGS 2100 Network Protection - 12 MOS - RENEWAL
#XN2A1CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Network Protection - 24 MOS - RENEWAL
#XN2A2CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Network Protection - 36 MOS - RENEWAL
#XN2A3CTAA
המחיר שלנו: הצעת מחיר
XGS 2100 Standard Protection - Renewal
Standard Protection Subscription Includes: Base License, Network Protection, Web Protection, and Enhanced Support.
Sophos Standard Protection for XGS 2100 - 12 MOS - RENEWAL
#XT2A1CTES
המחיר שלנו: הצעת מחיר
Sophos Standard Protection for XGS 2100 - 24 MOS - RENEWAL
#XT2A2CTES
המחיר שלנו: הצעת מחיר
Sophos Standard Protection for XGS 2100 - 36 MOS - RENEWAL
#XT2A3CTES
המחיר שלנו: הצעת מחיר
XGS 2100 Web Protection - Renewal
Web Protection Subcription Includes: Xstream TLS, DPI, Web security and Control, Application Control, and Reporting.
Sophos XGS 2100 Web Protection - 12 MOS - RENEWAL
#XB2A1CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Web Protection - 24 MOS - RENEWAL
#XB2A2CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Web Protection - 36 MOS - RENEWAL
#XB2A3CTAA
המחיר שלנו: הצעת מחיר
XGS 2100 Webserver Protection - Renewal
Sophos XGS 2100 Webserver Protection - 12 MOS - RENEWAL
#XS2A1CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Webserver Protection - 24 MOS - RENEWAL
#XS2A2CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Webserver Protection - 36 MOS - RENEWAL
#XS2A3CTAA
המחיר שלנו: הצעת מחיר
XGS 2100 Xstream Protection - Renewal
Xstream Protection Subscription Includes: Base License, Network Protection, Web Protection, Zero-Day Protection, Central Orchestration, and Enhanced Support.
Sophos Xstream Protection for XGS 2100 - 12 MOS - RENEWAL
#XF2A1CTES
המחיר שלנו: הצעת מחיר
Sophos Xstream Protection for XGS 2100 - 24 MOS - RENEWAL
#XF2A2CTES
המחיר שלנו: הצעת מחיר
Sophos Xstream Protection for XGS 2100 - 36 MOS - RENEWAL
#XF2A3CTES
המחיר שלנו: הצעת מחיר
XGS 2100 Zero-Day Protection - Renewal
Sophos XGS 2100 Zero-Day Protection - 12 MOS - RENEWAL
#SX2A1CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Zero-Day Protection - 24 MOS - RENEWAL
#SX2A2CTAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Zero-Day Protection - 36 MOS - RENEWAL
#SX2A3CTAA
המחיר שלנו: הצעת מחיר
XGS 2100 Enhanced Support
Enhanced Support Subcription Includes: 24x7 support, feature updates, advanced replacement hardware warranty for term.
Sophos XGS 2100 Enhanced Support - 12 MOS
#EN2A1CEAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced Support - 24 MOS
#EN2A2CEAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced Support - 36 MOS
#EN2A3CEAA
המחיר שלנו: הצעת מחיר
XGS 2100 Enhanced to Enhanced Plus Support Upgrade
Sophos XGS 2100 Enhanced to Enhanced Plus Support Upgrade - 12 MOS
#EP2A1CEUP
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced to Enhanced Plus Support Upgrade - 24 MOS
#EP2A2CEUP
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced to Enhanced Plus Support Upgrade - 36 MOS
#EP2A3CEUP
המחיר שלנו: הצעת מחיר
XGS 2100 Enhanced Support - Renewal
Enhanced Support Subcription Includes: 24x7 support, feature updates, advanced replacement hardware warranty for term.
Sophos XGS 2100 Enhanced Support - 12 MOS - RENEWAL
#EN2A1CFAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced Support - 24 MOS - RENEWAL
#EN2A2CFAA
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced Support - 36 MOS - RENEWAL
#EN2A3CFAA
המחיר שלנו: הצעת מחיר
XGS 2100 Enhanced to Enhanced Plus Support Upgrade - Renewal
Sophos XGS 2100 Enhanced to Enhanced Plus Support Upgrade - 12 MOS - RENEWAL
#EP2A1CFUP
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced to Enhanced Plus Support Upgrade - 24 MOS - RENEWAL
#EP2A2CFUP
המחיר שלנו: הצעת מחיר
Sophos XGS 2100 Enhanced to Enhanced Plus Support Upgrade - 36 MOS - RENEWAL
#EP2A3CFUP
המחיר שלנו: הצעת מחיר
Sophos Accessories
Sophos 4 port GbE copper PoE + 4 port GbE copper Flexi Port module (for XGS 2xxx/3xxx/4xxx models only)
#XSAZTCHC8
המחיר שלנו: הצעת מחיר
Sophos 4 port 2.5GbE copper PoE Flexi Port module (for XGS 2xxx/3xxx/4xxx models only)
#XSBZTCHC4
המחיר שלנו: הצעת מחיר
Sophos 4 port GbE copper - 2 Bypass groups Flexi Port module (for all XGS Rackmount models)
#XSAZTCHC6
המחיר שלנו: הצעת מחיר
Sophos 4 port 10GbE SFP+ Flexi Port module (for all XGS Rackmount models)
#XSAZTCHF4
המחיר שלנו: הצעת מחיר
Sophos 8 port GbE copper Flexi Port module (for all XGS Rackmount models)
#XSBZTCHC8
המחיר שלנו: הצעת מחיר
Sophos 8 port GbE SFP Flexi Port module (for all XGS Rackmount models)
#XSBZTCHF8
המחיר שלנו: הצעת מחיר