IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Sophos XG 450 review

The XG 450 delivers tough and affordable enterprise security to mid-sized businesses

  • Good value; Simple deployment; Top performance; Versatile security; Heartbeat and SAC features; Integral reporting
  • Control Center stats slow to update

Sophos has been busy expanding its security appliance offerings and its latest XG Firewall family now has a solution for every business environment, ranging from the smallest of offices right up to enterprises. On review we have the new XG 450 Rev. 2 which sits at the top of Sophos' mid-sized office portfolio and looks to offer an impressive range of security measures for a comparatively modest outlay.

Features have been improved with Sophos' SAC (synchronized application control) designed to catch those apps that other solutions leave behind. All the 1U rack models now have two fail-safe bypass ports and also support Sophos' FleXi port expansion modules.

The XG 450 comes with eight Gigabit and two 10GbE SFP+ ports as standard and has two expansion bays. Sophos offers optional FleXi modules with eight copper or fibre Gigabit, quad 10GbE copper or fibre and dual 40GbE QSFP+ ports.

There's plenty of power on tap too, with the XG 450 claiming a raw firewall throughput of 50Gbits/sec. Enable the IPS features and this drops to 10Gbits/sec - still very respectable as this price point.

Sophos XG 450 review: Options and deployment

The base appliance has firewall, VPN, authentication and secure wireless management services enabled with a perpetual license, to which you can add a selection of subscription-based security features. The price we've shown is for a 3-year Enterprise Protect Plus and Enhanced Support agreement which costs 9,686 per year.

Along with the network and web protection modules, this activates the Sandstorm feature which uses cloud sandbox technology to mitigate zero-day threats such as ransomware. Go for the Enterprise Protect Full subscription and you'll get everything activated including email and web server protection.

Deployment is swift; we pointed a web browser at the appliance and followed the quick start wizard. This helped secure administrative access, set up LAN and WAN port address assignments and DHCP services, add an email address for alerting and choose the operation mode.

We plumped for routed mode, as we wanted the XG 450 to provide all security functions including firewalling. The appliance starts protection immediately, and the wizard created base security policies which activated web filtering for common unwanted categories and anti-malware scanning.

Sophos XG 450 review: Security policies

The web console dashboard offers an overview of all network activity and security issues, web traffic graphs and bar charts for blocked and allowed applications, plus detected network attacks. Our only issue is the Traffic Insight section frequently failed to update itself, requiring the page to be regularly refreshed.

After grouping the appliance's ports into zones, we applied firewall rules to source and destination zones along with associated networks and hosts. Other network objects include service filters, blocking actions and time schedules which can be applied within each rule.

It's worth setting up policies for web filtering, IPS and application controls first as these are referenced in your firewall rules. They are easy to create from the Protect section of the web console with web filtering offering over 90 categories and application controls providing over 3,000 predefined apps.

Sophos' identity-based security allows you to apply more versatile policies to users and groups which include data transfer limitations on uploads and downloads, and limits on daily, weekly, monthly and yearly usage. Clients authenticating to an external directory server will be automatically logged in while others can use the free Client Authentication Agent (CAA).

The appliance stores versions for Windows, Linux and Macs while free mobile apps are available for Android and iOS devices. We had no problems with the Windows CAA as it automatically found the appliance and once users had logged in, they appeared in the web console as live.

Sophos XG 450 review: Heartbeat and RED

The Heartbeat features extends the firewall's reach into the cloud as it interacts with the Sophos Central Endpoint Protection service. It requires an Advanced license and after logging the XG 450 into our cloud account, all endpoint activity data was sent to the appliance which showed status icons in its home page.

Heartbeat alert conditions can be linked to firewall policies so if any endpoints detect threats, you can isolate all systems in the same zone. The SAC feature works in tandem with Heartbeat where it detects unknown applications running on Sophos Central endpoints and applies firewall policies to control them.

Business with lots of remote sites will like the RED (remote Ethernet device) option. Sophos offers three RED appliances (including one with wireless) and once you've entered the firewall's details, just ship them to the remote sites and they'll automatically create an encrypted connection with it and extend its protection.

Sophos XG 450 review: Reporting

Value looks even better as the appliance has an embedded syslog server which collects all logs and provides an impressive range of reports. Don't forget to enable firewall traffic logging in your rules; with this enabled, we could keep a close eye on firewall, virus, web content filtering and spam activity.

From the security dashboard, we could monitor all threats or select displays for web filtering, spam activity, intrusion attacks and much more. You can click on any graph to drill down for more detailed traffic information and Sophos includes compliance reports for all key data protection regulations.

Sophos XG 450 review: Verdict

Along with its remarkably swift deployment, we were impressed with the depth of security features offered by the XG 450. Sophos has succeeded in seamlessly integrating everything together in a well-specified appliance that offers great performance at a sensible price.


A good choice for larger businesses, the XG 450 is a high-performing security appliance that’s packed with features and has plenty of room to grow with demand

Chassis: 1U rack
CPU: 3.6GHz E3-1275 v5 Xeon
Memory: 16GB DDR4
Storage: 2 x 250GB Adata SFF SATA SSDs (mirrored)
Network: 8 x Gigabit, 2 x 10-Gigabit SFP+
Expansion: 2 x FleXi module slots
Power: Hot-plug 300W PSU (max 2)
Local ports: USB 3, HDMI, RJ-45 console
Management: Web browser

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download


WatchGuard Firebox M290 review: Stiff security at a great price
unified threat management (UTM)

WatchGuard Firebox M290 review: Stiff security at a great price

23 Feb 2022
Sophos XGS 3300 review: Xstream firewall performance

Sophos XGS 3300 review: Xstream firewall performance

7 Jan 2022
Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box

Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box

18 Nov 2021
Big zero-day flaw found in Palo Alto security appliance
internet security

Big zero-day flaw found in Palo Alto security appliance

11 Nov 2021

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022