IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Sophos XG 230 Rev.2 review: Powerful and flexible

This high-performance UTM appliance boasts extensive cloud management and remote-security services

Sophos XG 230 Rev.2
$2,964 per year (Appliance with 3yr TotalProtect Plus)
  • Highly expandable
  • Simple management
  • Plenty of ports
  • No built-in Wi-Fi capabilities

This short-depth rack appliance is designed to keep up with busy networks. Along with a feast of copper and fibre network ports, Sophos’ XG 230 Rev.2 claims a mighty 32Gbits/sec raw firewall throughput – even with all of the security services enabled, it still pumps traffic through at a speedy 4.5Gbits/sec. 

There’s room to grow further too, thanks to an internal expansion bay that supports eight different Flexi modules, with options ranging from PoE provision up to 10GbE and 40GbE connections. For redundancy, the appliance can accept an optional second power supply and a pair of network bypass ports to keep the traffic flowing even if UTM functions are temporarily disabled for any reason.

The price above is based on a three-year Sophos TotalProtect Plus subscription, a comprehensive SMB package that enables all network, web, email and web server protection services, along with Sandstorm cloud sandbox and FullGuard Plus support. The appliance also links up with the Sophos Central service, which extends protection to external endpoints and adds cloud management capabilities.

Clearly there are plenty of features to get to grips with, but the XG 230’s web console gets you off to a flying start with an installation wizard that secures admin access, configures the network ports, runs a firmware upgrade and applies a base security policy. Once your basic setup is in place, the console’s Control Center dashboard is equally impressive, providing a clear overview of network activity and security issues, with graphs showing web traffic and detected network attacks, as well as details of blocked and allowed applications and web categories.

Setting up remote management is easy as you can connect the appliance to your Sophos Central cloud account directly from the web console. Once authenticated, the cloud portal provides the same console as the local one, with live report dashboards and full access to all management features.

Sophos XG 230 Rev.2 rear

It’s very pleasing to see that any external devices running the Sophos Central endpoint agent appear automatically in the console, with no need for manual enrolment. Sophos’ Synchronized Security platform uses a “heartbeat” service to keep all supported products on the same page, with the synchronised application control feature automatically finding any unknown applications on remote endpoints and pushing out firewall policies to control them.

The appliance’s numerous ports can be grouped into various zones, providing a straightforward way to apply different security policies across groups of users and devices. If a device is reported as compromised, a setting in the firewall policy can immediately isolate all systems in the same zone.

Aside from that, you can set up firewall rules for sources and destinations, service filters, blocking actions and time schedules, and apply custom policies for web filtering, intrusion detection, email and application controls.

Those web-filtering options extend to 90 categories of URL that can be individually blocked or allowed, while the application controls currently support a whopping 3,530 predefined policies – including 73 just for Facebook activities. The Sandstorm feature intercepts any unknown files and sends them to a cloud sandbox, only allowing them to run locally if they’re deemed to be safe.

Although the appliance has no built-in Wi-Fi capabilities, it can function as a central controller for Sophos wireless APs, and it also supports Sophos’ SD-RED (Remote Ethernet Device) appliances, which let you easily extend your security policies to external offices. Just register your SD-RED box with the appliance, then ship it to a remote site and it will automatically set up an encrypted connection and start protecting traffic.

Overall, the Sophos XG230 Rev.2 is a powerful and flexible security appliance that’s well suited to SMBs. It’s packed with security measures while being easy to deploy, and Sophos Central integration provides great remote management and security for external users.

Sophos XG 230 Rev.2 specifications


1U rack chassis


3.3GHz Intel Pentium G4400 CPU



Storage included



6 x copper Gigabit Ethernet, 2 x SFP Gigabit

Other ports

HDMI, 3 x USB 3, RJ-45 serial, expansion slot


Sophos Central

Featured Resources

IT best practices for accelerating the journey to carbon neutrality

Considerations and pragmatic solutions for IT executives driving sustainable IT

Free Download

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Free download

Using application migration and modernisation to supercharge business agility and resiliency

Modernisation can propel your digital transformation to the next generation

Free Download

The strategic CFO

Why finance transformation propels business value

Free Download


Cyber security in the retail sector
cyber security

Cyber security in the retail sector

28 Sep 2022
Cyber security in manufacturing

Cyber security in manufacturing

28 Sep 2022
Sophos XGS 116 review: A small and mighty appliance
unified threat management (UTM)

Sophos XGS 116 review: A small and mighty appliance

14 Sep 2022
Sophos: Retail organisations pay significantly less in ransomware attacks

Sophos: Retail organisations pay significantly less in ransomware attacks

7 Sep 2022

Most Popular

The big PSTN switch off: What’s happening between now and 2025?

The big PSTN switch off: What’s happening between now and 2025?

13 Mar 2023
Why – and how – IP can be the hero in your digital transformation success story

Why – and how – IP can be the hero in your digital transformation success story

6 Mar 2023
HMRC lost nearly 50% more devices in 2022

HMRC lost nearly 50% more devices in 2022

17 Mar 2023