Sophos Firewall: v19.5 EAP1: Feedback and experiences

Glad to hear it is coming, but FQDN's are supported on a lot of other vender's products already or when other vendors released their SD-WAN, it was included. This should have been part of the original development of SD-WAN IMHO. Any idea on what release? Will it make it on V19.5 or should we expect V20 or V20.5? I would love to retire some other appliances if possible.

Glad to see you are still on here! Long time no talk. What do you think of the build so far? You were a power user of UTM so I would love your feedback. It's seems really strong so far to me. Can you imagine where XG would be if this was what was released for V15? It's finally starting to get on par with UTM. Still a ways to go for some things though.

Hey Michael. I moved away from XG. Starting from v18 I have seen a lot of improvements, but logging and reporting is still bad. Most of the time, we still need linux skills to understand what is the problem, and seldomly, you need to make attempts before you fix the issue. XG cannot be compared to UTM yet for logging, reporting and UI objects features (where an object is used for example).

My UI is still slow after days of running. I moved back to 19.1

Is there any ETA when those features will be available? Maybe v20?

I have XG125 rev2 unit on which I have Home version of software to test latest versions of relases instead of XGS HA cluster... Yesterday Im try upgrade it from 19.0.1 MR1 to 19.5 EAP and when I upload fw in GUI(Im select upload and boot option) it upload it and never reboot device to new fw. Then Im in image list select EAP option and click boot. After reboot it show login screen and when I enter creditensials I get redirection to "">IP:PORT/.../index.jsp" which show blank screen.

SSH access work normaly.

After aditional reboot it work but IPS signature do not update...

u2d.log:

DEBUG     2022-11-03 07:12:53Z [11974]: Response length : 443
DEBUG     2022-11-03 07:12:53Z [11974]: Received name : ips_ipsapp_20.0_v19_5_18.19.83.tar.gz.sig
DEBUG     2022-11-03 07:12:53Z [11974]: Received location : xg-up2date-patterns.sophosupd.com/ips_ipsapp_20.0_v19_5_18.19.83.tar.gz.sig
DEBUG     2022-11-03 07:12:53Z [11974]: Received version : 18.19.83
DEBUG     2022-11-03 07:12:53Z [11974]: Received size : 9573268
DEBUG     2022-11-03 07:12:53Z [11974]: Received md5sum : 59d48b08ff5fc04886408c9e1f645a56
DEBUG     2022-11-03 07:12:53Z [11974]: Received module : ips
DEBUG     2022-11-03 07:12:53Z [11974]: Received cv : 20.0
DEBUG     2022-11-03 07:12:53Z [11974]: Received type : full_ips_app
2022-11-03 07:13:28Z pt_dload_checker: Starting download for file ips_ipsapp_20.0_v19_5_18.19.83.tar.gz.sig
2022-11-03 07:14:28Z pt_dload_checker: Download completed for file ips_ipsapp_20.0_v19_5_18.19.83.tar.gz.sig
2022-11-03 07:14:28Z pt_dload_checker: IPSSwitch: downloaded ips package
2022-11-03 07:14:30Z pt_dload_checker: Download for file ips_ipsapp_20.0_v19_5_18.19.83.tar.gz.sig passed integrity and gpg checks
2022-11-03 07:14:31Z pt_dload_checker: Current ips patterns are at /content/ips_20.0/18.17.96
2022-11-03 07:14:31Z pt_dload_checker: IPSSwitch: Installing the ips package
2022-11-03 07:14:31Z pt_dload_checker: New updated patterns are now at /content/ips_20.0/18.19.83
2022-11-03 07:15:29Z pt_dload_checker: Callback u2d_pt_installed failed for ips, version = 18.19.83.
2022-11-03 07:15:29Z pt_dload_checker: Setting status 'fail' in DB and reverting link for ips to old version = 18.17.96.
2022-11-03 07:15:29Z pt_dload_checker: IPSSwitch: u2d_pt_installed failed
2022-11-03 07:15:29Z pt_dload_checker: ips patterns are again at /content/ips_20.0/18.17.96
DEBUG     2022-11-03 07:16:10Z [14157]: --serial = REMOVED
DEBUG     2022-11-03 07:16:10Z [14157]: --deviceid = REMOVED
DEBUG     2022-11-03 07:16:10Z [14157]: --fwversion = 19.5.0.144
DEBUG     2022-11-03 07:16:10Z [14157]: --productcode = CN
DEBUG     2022-11-03 07:16:10Z [14157]: --model = SF01V
DEBUG     2022-11-03 07:16:10Z [14157]: --vendor = SO01
DEBUG     2022-11-03 07:16:10Z [14157]: --pkg_sysupdate_version = 3
DEBUG     2022-11-03 07:16:10Z [14157]: --oem = Sophos
DEBUG     2022-11-03 07:16:10Z [14157]: --server = u2d.sophos.com
DEBUG     2022-11-03 07:16:10Z [14157]: --port = 443
DEBUG     2022-11-03 07:16:10Z [14157]: Added new server : Host - u2d.sophos.com, Port - 443
DEBUG     2022-11-03 07:16:10Z [14157]: --u2d_proto = 2.00
DEBUG     2022-11-03 07:16:10Z [14157]: Final query string is :
?&serialkey=REMOVED&deviceid=REMOVED&fwversion=19.5.0.144&productcode=CN&appmodel=SF01V&appvendor=SO01&useragent=SF&oem=Sophos&pkg_sysupdate_version=3&u2d_proto=2.00
DEBUG     2022-11-03 07:16:11Z [14157]: Response code : 200
DEBUG     2022-11-03 07:16:11Z [14157]: Response body :
<Up2Date/>

DEBUG     2022-11-03 07:16:11Z [14157]: Response length : 11

PMParth, can you please give us some information if It will be available on v20?

We do NOT have the ETA as yet. this is NOT in 19.5, may get committed in v20 - not finalized. Please allow me some time (= a few months) before I can comment on the release/ ETA.

When i migrated to EAP19.5 my system stable at around 75% memory consumtion. Since then it has slowly increased, today it sits around 93/94%.

Would this qualify as a "mem leak"?

[Edited: Corrected 95% to 75%]