IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Sophos XGS 116 review: A small and mighty appliance

This clever and compact security gateway brings outstanding security and remote management features at a tempting price

A photograph of the Sophos XGS 116
Price
£1,439 exc VAT (with 3yr Xstream Protection, list)
  • Strong performance
  • Robust policy controls
  • Flexible licensing
  • Easy deployment and management
  • No built-in modem

Don’t be deceived by its modest dimensions: the Sophos XGS 116 is a security powerhouse. Aimed at busy SMBs and branch offices, this desktop appliance boasts a raw firewall throughput of 7,700Mbits/sec, and even with full threat protection enabled it keeps up a creditable 685Mbits/sec.

That’s largely thanks to Sophos’ dual-processor architecture. The Xstream Flow Processor provides a hardware acceleration layer that’s optimised for specific network tasks, ensuring the main AMD CPU doesn’t get bogged down.

Connection options abound. The rear panel presents eight Gigabit Ethernet ports – with PoE+ on the last one – plus one fibre port. While there’s no built-in modem, an expansion bay lets you add VDSL2 or 3G/4G modules, although Sophos’ Flexi network cards only work with larger rackmount models like the XGS 3300.

The flexible licensing model allows you to choose which features you want, and there are plenty on offer. We’ve shown the price of a three-year Xstream subscription above, which enables the base firewall licence along with Xstream TLS 1.3 SSL inspection, deep packet inspection, network, web and zero-day protection modules, central orchestration and enhanced 24/7 support. The email and web server protection modules are optional extras, each costing around £142 for a three-year licence.

Deployment is easy thanks to the appliance’s web console wizard, which guides you through the steps required to get secure internet access up and running. We chose routed mode as we wanted the appliance to provide all security functions; protection starts immediately, with the wizard enabling a standard set of firewall security policies including web filtering and anti-malware.

Henceforth, the Control Center dashboard provides everything you need to know about network activity and security issues. Graphs provide a clear visual overview of web traffic and network attacks, plus blocked and allowed applications and web categories. The User and Device Insights section keeps track of activity in modules such as SSL inspection, advanced threat protection and zero-day protection, and clicking on an icon takes you directly to a more detailed report.

A screenshot of the Sophos XGS 116's control software

Remote management comes into play too, via the Sophos Central portal. After we’d registered the appliance with our account, we were able to bring up live reports in a web browser, and to access the appliance’s Control Center console remotely for full configuration. 

Businesses with home workers will love the Synchronised Security feature, which extends firewall protection to remote systems running the Sophos Intercept X endpoint agent. A heartbeat service monitors and automatically isolates any that are compromised, while the application control feature detects unknown applications running on endpoints and pushes out firewall policies to secure them.

All of this is controlled via policies that bring together firewall rules, service filters, schedules and specific settings for intrusion detection, email, applications and web filtering. That last feature is particularly impressive: the appliance comes with predefined settings to get you started, but you can choose to block or allow sites in over 90 categories. Application controls are equally extensive, with more than 3,500 predefined filters supplied, including 12 for Twitter and 73 for Facebook, so you can finely control social networking in the workplace.

A new filtering feature in the latest firmware also makes it easy to find specific rules within complex policies, and lets you reset traffic counters to zero with a click – a big improvement on the previous release, which required a reboot.

All told, the XGS 116 delivers strong gateway security measures at a great price. It has the power to cope with high demand, and the integration with Sophos’ endpoint security software will appeal to businesses that want to extend their protection to home workers.

Sophos XGS 116 specifications

Chassis

1U desktop chassis  

CPU

2.1GHz quad-core AMD RX-421ND CPU

Memory

4GB DDR4

Storage included

64GB SATA SSD

Network

8 x GbE ports (PoE+ on port 8), SFP GbE

Other ports

RJ45/micro-USB COM ports, USB 3, USB 2, expansion slot

Management

Sophos Control Center

Dimensions (WDH)

320 x 213 x 44mm

Weight

2.2kg

Warranty

1yr standard hardware warranty

Featured Resources

Three ways manual coding is killing your business productivity

...and how you can fix it

Free Download

Goodbye broadcasts, hello conversations

Drive conversations across the funnel with the WhatsApp Business Platform

Free Download

Winning with multi-cloud

How to drive a competitive advantage and overcome data integration challenges

Free Download

Talking to a business should feel like messaging a friend

Managing customer conversations at scale with the WhatsApp Business Platform

Free Download

Recommended

Cyber security in the retail sector
cyber security

Cyber security in the retail sector

28 Sep 2022
Cyber security in manufacturing
Whitepaper

Cyber security in manufacturing

28 Sep 2022
Sophos: Retail organisations pay significantly less in ransomware attacks
ransomware

Sophos: Retail organisations pay significantly less in ransomware attacks

7 Sep 2022
WatchGuard Firebox M290 review: Stiff security at a great price
unified threat management (UTM)

WatchGuard Firebox M290 review: Stiff security at a great price

23 Feb 2022

Most Popular

What your hybrid workforce needs from their laptops
Advertisement Feature

What your hybrid workforce needs from their laptops

21 Sep 2022
How to secure your hybrid workforce
Advertisement Feature

How to secure your hybrid workforce

23 Sep 2022
BT's new platform promises to slash AI development time from months to days
artificial intelligence (AI)

BT's new platform promises to slash AI development time from months to days

3 Oct 2022