Sophos XGS 128 (Gen2)

Sophos XGS 128 (Gen2) Network Security Appliance Instruction Manual

Model: XGS 128 (Gen2)

Brand: Sophos

1. Introduction

This manual provides essential information for the installation, operation, and maintenance of your Sophos XGS 128 (Gen2) Network Security Appliance. The Sophos XGS 128 is designed for larger networks, offering robust security and high performance.

Key features include:

  • Next-generation firewall appliance with Xstream Protection for zero-day defense, cloud sandboxing, email filtering, intrusion prevention, and advanced reporting.
  • 9 x 2.5 GE copper ports and 1 SFP fiber port, providing up to 19.1 Gbps firewall throughput.
  • TLS inspection and next-generation intrusion prevention to block hidden threats in encrypted traffic.
  • Managed through Sophos Central for unified policies and reporting.

2. Product Overview

The Sophos XGS 128 (Gen2) is a compact yet powerful network security appliance. Familiarize yourself with its physical components.

Sophos XGS 128 (Gen2) Network Security Appliance front view

Figure 2.1: Front view of the Sophos XGS 128 (Gen2) Network Security Appliance.

Sophos XGS 128 (Gen2) Network Security Appliance front panel with LED indicators

Figure 2.2: Detailed front panel showing LED indicators and ports.

Sophos XGS 128 (Gen2) Network Security Appliance rear view with ports

Figure 2.3: Rear panel illustrating the 9 x 2.5 GE copper ports, 1 SFP fiber port, and other connectors.

Video 2.1: An overview of the Sophos XGS Series 2nd Gen Desktop Appliances, highlighting key features and design.

3. Setup Instructions

3.1 Unpacking and Placement

  • Carefully unpack the appliance and all accessories.
  • Place the appliance on a stable, flat surface in a well-ventilated area. Ensure adequate space around the device for airflow.
  • Avoid placing the appliance near heat sources or in direct sunlight.

3.2 Connecting the Appliance

  1. Connect Power: Plug the power adapter into the DC IN 1 or DC IN 2 port on the rear of the appliance, then connect it to a power outlet.
  2. Connect Network Cables:
    • Connect your internet service provider's modem or router to the designated WAN port (e.g., Port 2/WAN) using an Ethernet cable.
    • Connect your internal network switch or a computer directly to a LAN port (e.g., Port 1/LAN) using an Ethernet cable.
    • For SFP fiber connectivity, insert the appropriate SFP module into the SFP port (F1 SFP) and connect the fiber optic cable.
  3. Initial Access: Connect a computer to a LAN port. The appliance will typically assign an IP address via DHCP. Access the web administration interface by navigating to the default IP address (refer to the quick start guide or Sophos documentation for the specific default IP).

4. Operating Instructions

The Sophos XGS 128 (Gen2) is managed primarily through its web-based administration interface or Sophos Central.

4.1 Initial Configuration

  • Follow the on-screen wizard for initial setup, including setting up network zones, basic firewall rules, and administrative passwords.
  • Register your appliance with Sophos Central for centralized management and licensing.

4.2 Core Security Features

  • Firewall: Configure rules to control network traffic based on source, destination, service, and user.
  • Intrusion Prevention System (IPS): Enable IPS to detect and block known exploits and attacks.
  • TLS Inspection: Decrypt and inspect encrypted traffic (HTTPS, SMTPS) for hidden threats.
  • Xstream Protection: Leverage advanced threat protection features like cloud sandboxing and zero-day defense.
  • SD-WAN: Optimize network performance and reliability for branch office connectivity.

For detailed configuration of specific features, refer to the comprehensive Sophos Firewall documentation available on the Sophos support portal.

Sophos Central dashboard interface on a laptop

Figure 4.1: Example of the Sophos Central dashboard, providing centralized management and visibility.

5. Maintenance

Regular maintenance ensures optimal performance and security of your Sophos XGS 128 appliance.

  • Firmware Updates: Regularly check for and apply the latest firmware updates to benefit from new features, performance improvements, and security patches.
  • Configuration Backups: Periodically back up your appliance configuration. This is crucial for quick recovery in case of unforeseen issues.
  • System Monitoring: Monitor system logs, resource utilization, and security alerts through the web interface or Sophos Central.
  • Physical Inspection: Ensure the appliance is free from dust and that ventilation openings are not obstructed.

6. Troubleshooting

This section covers common issues and basic troubleshooting steps.

6.1 LED Indicators

Refer to the front panel LEDs for quick status checks:

  • Power LED: Indicates power status.
  • Status LEDs: Provide information on system health and activity. Consult the Sophos documentation for specific LED patterns and their meanings.
  • Port LEDs: Indicate link status and activity for each network port.

6.2 Common Issues

  • No Network Connectivity:
    • Check all network cable connections.
    • Verify power status of the appliance and connected devices.
    • Ensure correct IP configuration on connected devices.
  • Slow Performance:
    • Check CPU and memory utilization via the administration interface.
    • Review firewall rules and security policies for potential bottlenecks.
    • Ensure the appliance firmware is up to date.

If issues persist, consult the Sophos support resources or contact Sophos technical support.

7. Specifications

Detailed technical specifications for the Sophos XGS 128 (Gen2) Network Security Appliance.

Sophos XGS 128 (Gen2) Technical Specifications Table

Figure 7.1: Technical specifications table for the Sophos XGS 128 (Gen2) and related models.

Sophos XGS 128 (Gen2) Key Specifications
FeatureDetail
BrandSophos
Model NameXGS 128
Connectivity TechnologyEthernet, Optical Fiber Port
Operating SystemSophos OS
Number of Ports10 (9 x 2.5 GE copper, 1 x SFP fiber)
Firewall ThroughputUp to 19.1 Gbps
IPS ThroughputUp to 4.5 Gbps
TLS Inspection ThroughputUp to 1.45 Gbps
Dimensions (H x W x D)320 x 44 x 212 mm
Weight2.4 kg (5.29 lbs) unpacked
Sophos XGS Series Appliances Product Matrix

Figure 7.2: Product matrix comparing various Sophos XGS Series models and their technical specifications.

8. Licensing and Protection

The Sophos XGS 128 (Gen2) leverages various licensing options to provide comprehensive security. This appliance includes a 3-year Xstream Protection subscription.

Sophos XGS All Licensing Options

Figure 8.1: Overview of all available licensing options for Sophos XGS appliances, including Xstream Protection and Standard Protection bundles.

8.1 Xstream Protection

Xstream Protection is an advanced security bundle designed to provide comprehensive defense against sophisticated cyberattacks. It includes:

  • Zero-day protection with cloud sandboxing.
  • Email filtering.
  • Automated threat response.
  • Advanced reporting.
Sophos Xstream Protection Features

Figure 8.2: Detailed breakdown of features included in the Xstream Protection bundle, covering network, web, and zero-day protection.

9. Warranty and Support

Your Sophos XGS 128 (Gen2) Network Security Appliance comes with a manufacturer's warranty. The specific duration and terms of the warranty are dependent on your purchase agreement and region. This particular model includes 3 years of Xstream Protection, which typically includes support services.

For technical assistance, warranty claims, or to access additional resources, please visit the official Sophos support website:

It is recommended to register your product with Sophos to ensure you receive timely updates and support notifications.

© 2024 Sophos. All rights reserved.

Ask a question about this manual

Ask about setup, troubleshooting, compatibility, parts, safety, or missing instructions. Manuals+ will review the question and use this page’s manual context to help answer it.