Sophos releases Firewall OS v22 in Early Access - Focus on Secure by Design

Sophos has released version 22 of its firewall operating system Sophos Firewall OS as an early access release for XGS hardware firewalls as well as virtual and software firewalls with SFOS. The new release is all about Secure by Design - an architectural approach that drastically reduces attack surfaces at the operating system level.

New Xstream architecture & hardened kernel

At the heart of the new version is the completely revised Xstream architecture. Services such as IPS, Web Protection or Application Control are now operated in isolation in independent containers. This allows security and stability problems in individual modules to be better isolated at system level, updates to be distributed in a targeted manner and general operational security to be significantly increased.

At the same time, Sophos is focusing on state-of-the-art operating system security with a hardened Linux kernel (from v6.6): The new kernel protects against CPU vulnerabilities such as Spectre, Meltdown, Zenbleed or Downfall and includes protection functions such as KASLR, Stack Canaries or optimized memory segmentation.

Sophos Firewall Health Check & Compliance Functions

Another key feature of SFOS v22 is the integrated Firewall Health Check. The new analysis tool checks central configuration parameters against CIS benchmarks and common best practices and provides recommendations for hardening settings. A dashboard in the Control Center visualizes the current status of the firewall and prioritizes measures for improvement.

In conjunction with new audit trail log functions in accordance with the NIST standard, v22 is therefore particularly suitable for organizations with increased requirements for transparency, traceability and compliance.

Remote Integrity Monitoring & XDR connection

SFOS v22 also introduces a feature that was previously only used in Sophos XDR: the new Remote Integrity Monitoring. This monitors file operations, rule changes and system behaviour in real time and detects manipulation attempts or unauthorized configuration changes, for example.

Security-relevant events are transferred directly to the Sophos Data Lake and can be analyzed there in conjunction with endpoint or server data by Sophos MDR or XDR. Companies thus benefit from more holistic threat detection and faster response options.

Support for SG UTM customers & new UTM features

In view of the end-of-life of SG UTM on July 30, 2026, SFOS v22 also specifically addresses existing UTM customers. Several long-awaited features from the UTM world have been included, including

* SHA-256/SHA-512 support for OTP tokens
* MFA support for form-based WAF logins
* Audit trail logs with before and after comparison

These features make migration to the Sophos Firewall OS much easier - especially for organizations that need similar security and reporting capabilities to those previously available on the UTM platform.

Participation in the Early Access Program & Availability

The Early Access version of SFOS v22 is now available to all registered participants via the official registration page. The installation should be done on test or non-production systems. Support in the EAP phase is provided exclusively via the Sophos community, a dedicated feedback channel is available directly in the interface.

Aphos Gesellschaft f?r IT-Sicherheit mbH
Mergenthalerallee 73-75
Eschborn 65760
Germany

https://aphos.de/

Herr Lennart Wyrwa
061965820160

marketing@aphos.de

Aphos Gesellschaft f?r IT-Sicherheit mbH is a specialized IT security provider with a focus on tailor-made cybersecurity solutions for companies, authorities and public institutions. As a technically fully accredited Sophos Platinum Partner, the company offers first-class consulting, comprehensive support and a broad portfolio of IT security solutions.

With Firewalls24.de, the store for IT security solutions from Sophos, Aphos GmbH enables fast and uncomplicated procurement of Sophos firewalls, switches, access points and Sophos Central licenses.

The combination of technical expertise, personal advice and great prices makes Aphos the ideal partner for companies of all sizes that rely on the highest security standards.

This release was published on openPR.