UTM-News from Sophos Partner Roadshow

Back from Sophos Partner Roadshow with a lot of new informations!

As I told, the Sophos UTM version 9.2 will be soft-released today. Keep a look at the Sophos FTP server. The version 9.2 is available until november and has the longest beta-phase in the history of this product (4 month). You are now asking “what is a soft-release?” and I will try to explain this:

  • Closed Alpha (Sophos Lab)
  • Public Beta (Download and informations at the Sophos User Bulletin Board)
  • Soft-Release (Download via official Sophos FTP server)
  • General Availability Release (official announcement, version could be changed with keeping the version number of the patch/file)
  • Staged-Release (Devices are downloading the update file automatically; global rollout)

The 9.2 will have many new features and changes:

Web Protection

  • New Weg Gateway GUI with easier policy management
  • A policy tester (simulation of your policy-settings)
  • HTTPS filtering without Man-in-the-Middle
  • Endpoints will get web policies configured at the UTM
  • better report analysing for webusing

Mail Protection

  • Outgoing SPX (Secure PDF eXchange) mail encryption
  • DLP (Data Loss prevention) for mails (block- or encryption-actions based on datatype, personal data, medicine data, etc.)

Additional Features

  • OTP (One-Time-Password) System based on OATH-TOTP standard (RFC 6238) – you don’t need an external auth-server and you don’t need extra licenses. OTP will be included in the Network Protection subscription and can be used for WebAdmin, User Portal (& HTML5), WiFi Hotspot, SSL and IPsec VPN, SSH, WAF. You can use any token that supports RFC 6238 like Feitian, Google Authenticator, VASCO, WinAuth, Yubikey, SafeNet.
  • WAF Reverse-Proxy now supports formular- and basic-authentication with backend groups (for example Active Directory)
  • WAF supports now redirect from http to https
  • Wireless Protection has now custom template option for the hotspot portal and the voucher printing
  • RED10 and RED50 have now tunnel compression
  • RED50 has VLAN tagging options for all ports (granular configuration)
  • RED50 front-buttons are now working 😉 and you can read status informations
  • Notification if an Endpoint is infected (FINALLY!)
  • Additional Dynamic DNS providers
  • Wildcard search in reports
  • Cisco IPSec VPN supports backend groups (like Active Directory)
  • FTP Proxy: Virus scanning for uploads
  • WebAdmin supports wildcard and intermediate certs

The IPS system has been optimized, Sophos tells, that it is 100% faster. There are also coming new hardware appliances based on the newest Intel architecture with SSDs and modular port-options:



A hardware upgrade was also always double the price. Sophos will release more units in between and renames the “Sophos UTM” to “Sophos Security Gateway” -.- the 1U and 2U will be released sommer this year. At the end of the year 2015, they will refresh all models. Here is also a look at the roadmap (including version 10.0 and the new SUM):




Sophos UTM 9.2 soft-release is available via http or ftp.

1 thought on “UTM-News from Sophos Partner Roadshow”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.