Sophos Firewall v20 late last year, with several exciting new features.

Many organizations have already upgraded, but for those that haven’t, now is the time! They will see the v20.0 update waiting for them in Sophos Central, or in the web admin console of the firewall as soon as they login.

If you are still continuing with v19.5, we’ve released a maintenance update for v19.5 with MR4. v19.5 MR4 brings important security, performance, and reliability fixes.

What’s New in SFOS v19.5 MR4

Updated SSD firmware for select models:

• Among the fixes, this release includes manual update of SSD firmware for a subset of the XGS 116(w), XGS 126(w), XGS 136(w), XGS 2100, XGS 2300, XGS 3100, XGS 3300, XGS 4300 and XGS 4500 to optimize performance and reliability. For more details, see KB-000045830.

VPN Enhancements:

• Delivering stronger encryption for Phase-1 IKEv2 Tunnels for IPsec with GCM and suite-B ciphers support. Phase-2 IKEv2 tunnels already supported these ciphers.
• Sophos Firewall is now compatible with OpenVPN 3.0 clients. Users can download the compatible configuration file from the user portal.

Logging and Reporting Enhancements:

• Customers can customize the delimiter in syslog event messages, offering flexibility in managing log data.
• Storage threshold for on-box reporting has been changed from 90% full to 80% full to avoid /VAR partition getting full.

Enhancement to ZTNA Gateway integration into Sophos Firewall:

• ZTNA gateway in the firewall supports scaled deployments with up to 5000 concurrent connections. It now supports 2.5 times more connections than earlier.

Web Protection Enhancement:

• In the web proxy we have refined the Pharming Protection feature to address a potential vulnerability arising from modifications to the destination IP address during proxy DNS resolution. With the updated behavior the firewall policy will now undergo re-evaluation using the DNS resolved IP address from Pharming Protection.