By: Shawn Brown, COO, Snap Tech IT
If you are working within the domain of the firewalls, we recommend the more affordable options that are still very good with security and performance; those are Sophos and Fortinet. These two are best in class for organizations with under 10,000 members. Sophos has a bit of an edge on functionality and their synchronized security with their various other security products is compelling. Fortinet is working hard to do a similar thing, but as of now, their endpoint protection is weak by comparison with Sophos. Either way, Fortinet and Sophos are competitively priced with each other and both incredible firewalls. However, for businesses with over 25,000 members. We highly recommend Cisco and Palo Alto, which are high class commercial grade firewalls.
Generally, the hardware for a firewall will start somewhere in the $700 range for a very small business and can easily get into the $10,000 range. However, most business sized 15 to 100 users can expect the hardware of the firewall to cost between $1500 and $4000.
All commercial grade firewalls also have significant additional costs in security feature licensing. So, you can expect to pay more for the security licensing over the use of the firewall than the cost of the hardware itself. When licensing security features of firewalls you typically license for 1 or 3 years and need to renew and re-purchase the security feature licensing when the term ends. The cost of that licensing is usually between 2 and 3 times the cost of the firewall hardware. So, a small firewall that cost $700 can expect about $1500 in cost for 3 years of security features licensing.
Applies to the following Sophos products and versions Not Product Specific What to do. First and foremost, apply the KB Sophos XG Firewall: How to configure Site-to-Site RED Tunnels as a reference to create two RED VPNs from the remote firewall to the central firewall. Terminate the two RED tunnels on the two WAN interfaces at the head office. Sophos XG 115 Firewalls These XG 115 firewalls are rated for 26-35 users, 4 Gbps firewall throughput, and 490 Mbps VPN throughput. Trust that your network security environment is protected with any of the Sophos XG 115 licenses that include Total Protect, Total Protect Plus, Enterprise Protect, or Enterprise Protect Plus enhanced security features. Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage. Sophos XG Buyer's Guide. Great cost benefits, reliable, easy to set up, and scalable. Sophos UTM is a comprehensive product that does the job that it should. They have another product now, called the XG firewall, that covers everything that UTM does not. The best part about this is that you can run the XG firewall on the same hardware where UTM is installed.
The last cost to consider in your firewall is the labor cost. Lots of IT professionals can unbox a firewall, mount it up and get your Internet working through it. The problem is most IT professionals are not competent to configure the security features of the firewall. Be very careful to ensure that you have true experts setting it up. One way to tell if they are expert is by the amount of time they take and the questions they ask you. A single firewall is normally going to take about 10 billable hours to properly configure. Anyone who drops in and an hour later tells you it’s set up, did not configure the security setting thoroughly. Also, larger firewalls, or more complex networks could have additional setup time. So, your cost to setup a firewall correctly is likely around 10 hours of billable time from your IT Provider or a firewall expert. Again, IT generalists are typically able to get them on the Internet, but not considered experts in the security setting configuration.
I hope this blog has helped you understand the major difference between popular firewalls, helped you understand what good firewall brands are and what they cost to implement. Please reach out to us if you have further questions and we’d be happy to help.
List Price:
Add to Cart to see sale price!
List Price:
Our Price: $144.00
Overview:
Empowering your SD-WAN strategy
SD-RED offers a uniquely simple solution to extend network connectivity to your remote locations and branch offices – no matter where in the world they are. Replace expensive MPLS connections to reduce your costs and take advantage of other Sophos products, such as Intercept X, for added SD-WAN functionality in combination with XG Firewall.
Sophos has long been a pioneer in providing an easy-to-use, secure way to connect branch offices and other remote locations. XG Firewall includes a number of SD-WAN features to help you to accelerate application performance and get better visibility into network health to ensure that your remote locations enjoy the same performance as your main office.
SD-RED devices are built on the latest enterprise-class, high-speed networking platforms. They work with your XG Firewall whether you’ve deployed as hardware, software or in the public cloud. Our full range of Sophos Wireless Access Points are also compatible with Sophos SD-RED. To use a Sophos SD-RED you will need an active Network Protection subscription for XG Firewall.
Highlights:
- Easily extend your secure network to any location
- Select from two models to suit your deployment and connectivity needs
- Use strong AES 256- bit encryption
- Seamlessly connect with Sophos APX Access Points
- Benefit from Synchronized SD-WAN with XG Firewall and Sophos Intercept X
XG Firewall Enables Your SD-WAN Goals
Replace expensive MPLS connections with lower-cost SD-WAN. XG Firewall integrates the features you need to enable your SD-WAN connectivity, quality, security, and continuity goals.
- Connect for Less
XG Firewall lets you take advantage of less-expensive internet connectivity options such as DSL, cable, and 3G/4G/LTE. - Optimize Application Performance
Unlike MPLS which introduces latency by backhauling traffic from remote sites, Sophos SD-WAN connects directly to the internet for faster access to cloud applications. - Stay Protected
XG Firewall delivers industry-proven security against malware, ransomware, intrusions, and other threats across your entire network. - Business Continuity
Utilize redundant connections to the same, or different, ISPs to handle routing, failover, and session preservation in the event of an outage.
Zero-Touch Edge and Branch Connectivity
SD-RED makes extending your secure network to all your remote locations easy and affordable. It requires no technical skills at the remote site. Simply enter the SD-RED device ID into your XG Firewall and ship it. As soon as it’s plugged in and connected to the internet, our provisioning service automatically connects it to your firewall and establishes a secure, dedicated VPN tunnel. And there’s no added licensing cost for SD-REDs – it’s included in your XG Firewall Network Protection License.
An Innovative Solution to SD-WAN VPN Connectivity
- Zero-touch auto provisioning enables deployment by non-technical staff
- Secure VPN tunnel connectivity with your XG Firewall from anywhere via our lightweight robust Layer 2 SD-RED tunnel
- Selective routing options for any mix of VPN and local WAN access
- Enterprise-grade encryption
- Flexible connectivity options, including 3G/4G/LTE, copper, fiber, Wi-Fi, and PoE (SD-RED 60 only)
SD-WAN Link Management
Monitor and manage your SD-WAN connectivity easily from Sophos Central or on-box with traffic-light style indicators for your WAN link status with powerful options for link fail-over and fail-back.
Cloud and Hybrid Deployments Made Simple
XG Firewall offers a powerful and modular line of hardware appliance models as well as software, virtual, and cloud deployment options, and unique affordable SD-RED devices to enable your network goals easily.
XG Series Appliances
XG Firewall offers a full range of top-performing hardware appliances with modular connectivity options for all your LAN, WAN, and wireless needs including Wi-Fi, cellular, copper, and fiber interfaces.
Sophos Xg Firewall Price
Software, Virtual, Cloud
XG Firewall is also available as a software appliance, supports all the popular virtualization platforms, and is available on both Azure and Amazon Web Services to protect and connect your public, private, and hybrid cloud networks.
SD-RED
Our unique zero-touch SD-RED edge devices make extending your secure network to branch offices and ICS devices easy. SD-RED lightweight Layer 2 tunnels provide a robust secure VPN solution. It works reliably even in the most hostile and high-latency network situations.
Features:
Plug-and-protect deployment
Sophos SD-RED makes extending your secure network to other locations easy. It requires no technical skills at the remote site; simply enter the device ID into your Sophos firewall appliance and ship it. As soon as the device is plugged in and connected to the internet it will contact your firewall and establish a secure dedicated VPN tunnel. It’s really that simple.
Flexible configuration
Set up your SD-RED devices to tunnel all traffic from the remote location back to the firewall, controlling DHCP and other network elements of the remote network. Or, you can choose to only route inter-office network traffic via your SD-RED, while enabling direct internet access from the remote location.
Securely encrypted, centrally managed
How Much Does Sophos Firewall Cost
All data between the SD-RED and your Sophos firewall is encrypted using AES256 levels, ensuring a tamper- and hack-proof, secure connection. With central management from our latest XG and SG Series, protection is completely transparent across your distributed network and can be customized or replicated to suit your needs.
Synchronized SD-WAN
When managed through XG Firewall, Synchronized SD-WAN allows you to benefit from the power of Synchronized Security and XG Firewall’s integration with Sophos Intercept X to optimize WAN path selection for your important business applications with 100% reliability.
Flexible Wi-Fi and WAN connectivity
Optionally add a Wi-Fi-5 or 3G/4G module to provide connectivity for wireless clients or to use 3G/4G internet connections.
Deployments:
Branch Office Connectivity
Another core component of SD-WAN is the ability to connect remote and branch locations with the central headquarters for the purpose of sharing data, enabling transactions, and delivering cloud applications. Features such as affordable, flexible, and zero-touch or low-touch deployment are very desirable in order to make this as painless and cost-effective as possible, while still supporting a variety of enterprise connectivity requirements.
Sophos XG Firewall and SD-RED devices offer tunnel options to simply and affordably connect branch offices via SD-WAN.
Connect It All With Sophos XG Firewall and SD-RED
Sophos XG Firewall and SD-RED devices are used around the world across a variety of industries to connect remote offices, devices, and vehicles securely and robustly.
Specifications:
Choose your RED
Our SD-RED devices are built on the latest enterprise-class, high-speed networking platforms. They work with your Sophos SG UTM/XG Firewall appliance (hardware, software, virtual, or cloud). Our range of Sophos APX Series Access Points are also compatible with Sophos SD-RED for secure, high-speed wireless connectivity.
Licensing
To use a Sophos SD-RED you will need an active Network Protection subscription for either Sophos SG UTM or Sophos XG Firewall. To use Wi-Fi with SG UTM, you will additionally need a valid UTM Wireless Protection subscription.
| RED appliance | SD-RED 20 | SD-RED 60 |
|---|---|---|
| Capacity | ||
| Product support added | SFOS 17.5 MR 11, SFOS 18.0 MR 1, UTM 9.7 MR 3 | |
| Maximum throughput | 250 Mbps | 850 Mbps |
| Physical interfaces | ||
| LAN interface | 4 x 10/100/1000 Base-TX (1 GbE Copper) | 4 x 10/100/1000 Base-TX |
| WAN interfaces | 1 x 10/100/1000 Base-TX (shared with SFP) | 2 x 10/100/1000 Base-TX (WAN1 shared port with SFP) |
| SFP interfaces | 1x SFP Fiber (shared port with WAN) | 1x SFP Fiber (shared port with WAN1) |
| Power-over ethernet ports | None | 2 PoE Ports (total power 30W) |
| USB ports | 2 x USB 3.0 (front and rear) | 2 x USB 3.0 (front and rear) |
| COM ports | 1 x Micro-USB | 1 x Micro-USB |
| Optional Connectivity | ||
| Modular Bay | 1 (for use with optional Wi-Fi OR 4G/LTE Card) | |
| Optional Wi-Fi Module | 802.11 a/b/g/n/ac Wave 1 (Wi-Fi 5) dual-band capable 2x2 MIMO 2 antennas | |
| Optional 3G/4G LTE Module | MC7430/MC7455 Sierra Wireless Card | |
| Optional VDSL Modem | Optional SFP Modem (support in an upcoming release) | |
| Physical specifications | ||
| Dimensions (W x H x D) | 225 x 44 x 150 (w*h*d) mm 8.86 x 1.73 x 5.91 (w*h*d) inches | 225 x 44 x 150 (w*h*d) mm 8.86 x 1.73 x 5.91 (w*h*d) inches |
| Weight | 0.9 kg/1.8 kg (1.98 lbs/3.97 lbs) Unpacked/Packed | 1.0 kg/2.2 kg (2.2 lbs/4.85 lbs) Unpacked/Packed |
| Power redundancy support | Yes, optional 2nd power supply | Yes, optional 2nd power supply |
| Power consumption | Idle: 6.1Watt/20.814 BTU' Full Load: 22.6Watt/77.114 BTU | Idle: 11.88 Watt/40.536 BTU Full Load without PoE: 25.33 Watt/86.429 BTU Full Load with PoE: 62.48 Watt/213.190 BTU |
| Operating temperature (operational) | 0°C to 40°C (32°F to 104°F) | 0-40°C (operating), -20-70°C (storage) |
| Operating temperature (storage) | -20°C to 70°C (-4°F to 158°F) | 0-40°C (operating), -20-70°C (storage) |
| Humidity | 10-90% RH, non-condensing | 5-90% (operating), 5-95% (storage), non-condensing |
| Safety regulations | ||
| Certifications | CE, FCC Class B, IC, RCM, VCCI, CB, UL, CCC, KC, ANATEL | CE, FCC Class B, IC, RCM, VCCI, CB, UL, CCC, KC, ANATEL |
Documentation:
Download the Sophos SD-RED Data Sheet (PDF).
Sophos Firewall Price
Pricing Notes:
- To use a Sophos SD-RED you will need an active Network Protection subscription for either Sophos UTM or Sophos XG Firewall.
- Pricing and product availability subject to change without notice.
List Price:
Add to Cart to see sale price!
List Price:
Add to Cart to see sale price!
List Price:
Add to Cart to see sale price!
List Price:
Add to Cart to see sale price!
Sophos Firewall Review
List Price:
Add to Cart to see sale price!