Sophos has released MR-5 for SFOS v18, it has many new great features, here are the release notes (Ps. have already installed it in my HA environment, and it works flawlessly):
XG Firewall v18 Maintenance Release 5 (MR5) is packed with enhancements to performance, security, reliability and central reporting. With v18 MR5, we have published XG firewall integration for azure active directory and azure virtual WAN.
What’s new in v18 MR5:
- A huge 50% increase in concurrent IPSec VPN tunnel capacity (learn more)
- Port 443 sharing between SSL VPN and the Web Application Firewall (WAF)
- IPSec provisioning file support for remote access via Sophos Connect v2.1
- Integration with Azure Virtual WAN for a complete SD-WAN overlay network (learn more)
- Integration with Azure Active Directory (learn more)
Certificate Management and Security
- Form enhancements for creating certificate signing requests and certificates
- Enhanced security for private keys
- Upload/download support for PEM format certificates
- Enhanced workflows for certificate management
- Enhanced registration and de-registration in high-availability (HA) installations
- Missing Heartbeat enhancements to reduce notifications sent for intended/expected changes in endpoint status
Sophos Central Firewall Reporting
- New Cloud Application (CASB) report
- MSP Flex Pricing for MSP partners
Issues resolved in v18 MR5
- 50+ field reported issues have been resolved
More info available here: v18 MR5 release notes
Upgrade as soon as possible
While we always encourage you to keep your firewalls up to date with the latest firmware, over the next few months we are recommending you rapidly apply maintenance releases to ensure you have all the important security, performance, and feature enhancements applied as soon as possible.
Also ensure you have automatic pattern updates enabled so that you can be assured you have the latest protection updates.
XG Firewall v18 MR5 is an easy and fully supported upgrade from XG Firewall v17.5 MR6+ (including the latest v17.5 MR15 release). Please refer to the Upgrade information tab in the release notes for more details.
How to get it
As usual, this firmware update is no charge for all licensed XG Firewall customers. The firmware will be rolled out automatically to all systems over the coming weeks, but you can access the firmware anytime to do a manual update through the Licensing Portal. Please refer to the documentation for more information on how to apply firmware updates.