Network Guys

Share your knowledge!

UTM-News from Sophos Partner Roadshow

Back from Sophos Partner Roadshow with a lot of new informations!

As I told, the Sophos UTM version 9.2 will be soft-released today. Keep a look at the Sophos FTP server. The version 9.2 is available until november and has the longest beta-phase in the history of this product (4 month). You are now asking “what is a soft-release?” and I will try to explain this:

  • Closed Alpha (Sophos Lab)
  • Public Beta (Download and informations at the Sophos User Bulletin Board)
  • Soft-Release (Download via official Sophos FTP server)
  • General Availability Release (official announcement, version could be changed with keeping the version number of the patch/file)
  • Staged-Release (Devices are downloading the update file automatically; global rollout)

The 9.2 will have many new features and changes:

Web Protection

  • New Weg Gateway GUI with easier policy management
  • A policy tester (simulation of your policy-settings)
  • HTTPS filtering without Man-in-the-Middle
  • Endpoints will get web policies configured at the UTM
  • better report analysing for webusing

Mail Protection

  • Outgoing SPX (Secure PDF eXchange) mail encryption
  • DLP (Data Loss prevention) for mails (block- or encryption-actions based on datatype, personal data, medicine data, etc.)

Additional Features

  • OTP (One-Time-Password) System based on OATH-TOTP standard (RFC 6238) – you don’t need an external auth-server and you don’t need extra licenses. OTP will be included in the Network Protection subscription and can be used for WebAdmin, User Portal (& HTML5), WiFi Hotspot, SSL and IPsec VPN, SSH, WAF. You can use any token that supports RFC 6238 like Feitian, Google Authenticator, VASCO, WinAuth, Yubikey, SafeNet.
  • WAF Reverse-Proxy now supports formular- and basic-authentication with backend groups (for example Active Directory)
  • WAF supports now redirect from http to https
  • Wireless Protection has now custom template option for the hotspot portal and the voucher printing
  • RED10 and RED50 have now tunnel compression
  • RED50 has VLAN tagging options for all ports (granular configuration)
  • RED50 front-buttons are now working ;-) and you can read status informations
  • Notification if an Endpoint is infected (FINALLY!)
  • Additional Dynamic DNS providers
  • Wildcard search in reports
  • Cisco IPSec VPN supports backend groups (like Active Directory)
  • FTP Proxy: Virus scanning for uploads
  • WebAdmin supports wildcard and intermediate certs

The IPS system has been optimized, Sophos tells, that it is 100% faster. There are also coming new hardware appliances based on the newest Intel architecture with SSDs and modular port-options:



A hardware upgrade was also always double the price. Sophos will release more units in between and renames the “Sophos UTM” to “Sophos Security Gateway” -.- the 1U and 2U will be released sommer this year. At the end of the year 2015, they will refresh all models. Here is also a look at the roadmap (including version 10.0 and the new SUM):




Sophos UTM 9.2 soft-release is available via http or ftp.

One Response

Leave a Reply

Click on the button to load the content from

Load content

This site uses Akismet to reduce spam. Learn how your comment data is processed.


ekahau Certified Survey Engineer
Post Categories
Post Archives