Sold by: Sophos
Deployed on AWS
Free Trial
Sophos Firewall for AWS delivers advanced threat protection for AWS environments and assets. Protect networks, applications, ensure security of ingress and egress traffic, and maintain high web-application availability.
4.6
Overview
Sophos Firewall integrates leading technologies into a single next-generation solution without compromising security. Highlights include deep packet inspection with IPS, ATP, URL filtering, and in-depth reporting; Bidirectional AV for WAF with authentication offloading, path-based routing, country-level blocking; and self-service SSL and HTML5 VPRN technologies to make connecting from anywhere and on any device a reality - without administrative overhead.
Preconfigured templates and centralized policy management save time managing user, application and network policies, and provide pre-packaged web filtering, IPS, traffic shaping and app control policies for Active/Active and Active/Passive deployments spanning multiple availability zones.
Sophos synchronized security allows organizations to link endpoints, cloud workloads, and firewall to relay health status and immediately to respond to threats on your network.
Part of a complete SaaS security platform. A selection of Sophos AWS solutions are included below with more at https://www.sophos.com/en-us/public-cloud .
- Deploy auto scaling firewalls in dynamic environments: https://soph.so/utm-autoscaling-payg
- Monitor resource configurations and analyze AWS security groups with Cloud Optix: https://soph.so/cloud-optix
- Neutralize active cyber-attacks with a dedicated team https://soph.so/Rapid-Response
If you have questions about Sophos solutions or need assistance with deployment and configuration, contact us at aws.marketplace@sophos.com .
The cloud formation template to deploy Sophos Firewall will optionally collect Sophos Central account credentials (email and password used to login to https://central.sophos.com ). These credentials are used only once by the firewall to connect to Sophos Central and enable management services. This step is optional, and can be performed at any time after deployment, following the instructions available here.
Highlights
- Sophos Firewall combines advanced networking controls, protections such as Intrusion Prevention Systems (IPS) and Web Application Firewall (WAF), plus user and application controls. Saving time taken to deploy and integrate multiple products.
- Web App Firewall (WAF) protects your web apps against common threats like SQL injection and Cross-Site Scripting. Next-Gen Firewall protection and reporting with stateful traffic inspection, Layer-7 application control, secure proxies, and IPS.
- Sophos Firewall includes extensive reporting. Sophos Firewall provides full insights into user and network activity, surfaced using easy-to-understand indicators so you can take preventive measures before problems occur.
Details
Sold by
Categories
Delivery method
Delivery option
Sophos Standalone Firewall for AWS
Sophos Firewall for Gateway Load Balancer
Sophos Auto Scaling Firewall for AWS
Sophos High Availablity Firewall for AWS
Latest version
Operating system
OtherLinux 22.0 GA
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5.2xlarge | $1.56 |
c4.2xlarge | $1.56 |
c5.4xlarge | $2.10 |
c4.4xlarge | $2.10 |
c5.large | $0.54 |
c5.xlarge | $1.02 |
c4.8xlarge | $2.70 |
c4.large | $0.54 |
m7i.xlarge | $1.12 |
m5.large | $0.58 |
Vendor refund policy
Terminate the EC2 instance(s) at any time to stop incurring charges. You may email aws.marketplace@sophos.com for questions regarding Sophos XG Firewall charges and refund requests.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Sophos Standalone Firewall for AWS
This CloudFormation template allows you to deploy a Sophos XG Firewall Standalone. The template will bring up a single XG Firewall instance with two ENI network interfaces attached to the instance, each interface is in a distinct subnet. The first interface is dedicated to the private subnet to be protected by the XG Firewall, the second interface is dedicated to the public/external subnet. The IGW is automatically attache to the public subnet.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
You can manage your Sophos XG Firewall on AWS from the Web Interface using HTTPS (TCP port 4444), the command shell using SSH (TCP port 22), and via the API.
Sophos XG Firewall requires a valid email address for administration purposes. This email address is not used for any other purpose and remains local to the Sophos XG Firewall AMI.
Resources
Support
Vendor support
For customers who participate in the AWS Product Support Connection, Sophos provides technical support via phone and web portal. Phone: +1-844-591-2756 Web portal:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Sophos
By Palo Alto Networks
By Juniper Networks
Top
10
In Network Infrastructure, Security
Top
10
In Network Infrastructure
Top
50
In Migration
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Intrusion Prevention System
Deep packet inspection with IPS technology for threat detection and prevention
Web Application Firewall
WAF with bidirectional antivirus protection, authentication offloading, and path-based routing to defend against SQL injection and Cross-Site Scripting attacks
URL Filtering and Content Control
URL filtering capabilities with country-level blocking and pre-packaged web filtering policies
Centralized Policy Management
Centralized management of user, application, and network policies with preconfigured templates for Active/Active and Active/Passive deployments across multiple availability zones
Synchronized Security Integration
Synchronized security linking endpoints, cloud workloads, and firewall to relay health status and enable coordinated threat response
Application Layer Visibility and Control
Complete application layer-7 visibility and control of traffic with next-generation firewall capabilities in AWS environments
AI/ML-Powered Threat Detection
AI/ML-powered inspection engine with researcher-grade signatures for detection of zero-day threats, exploits, malware, spyware, and command and control attacks
Dynamic Policy Management
Policy definitions that dynamically apply to cloud assets based on AWS tags, Application IDs, User IDs, geographies, or zones without manual intervention
Cloud Infrastructure Integration
Seamless integration with Gateway Load Balancer, AWS Auto Scaling, and Transit VPC with AWS Transit Gateway for protection across dynamic and large-scale deployments
Advanced Threat Prevention Service
Cloud-delivered Advanced Threat Prevention security service with market-leading threat coverage against known and zero-day threats while maintaining performance
Next Generation Firewall Architecture
High-performance firewall solution with core firewall, VPN, NAT, and advanced L4-L7 security services including application security, IPS, and anti-virus capabilities.
Anti-Virus and Malware Protection
Cloud-based anti-virus protection that detects and blocks spyware, adware, viruses, keyloggers, and other malware over POP3, HTTP, SMTP, and FTP protocols.
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) system integrated with application visibility and control through AppSecure for threat detection and workload protection.
VPN and Secure Connectivity
IPsec and full mesh VPN termination services enabling secure connectivity from on-premises data centers, campuses, and branches to AWS cloud across geographically dispersed VPCs.
AWS Cloud Service Integration
Native integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, Elastic Network Adapter support, and Gateway Load Balancer with L3 gateway and L4 load balancer capabilities.
Standard contract
No
No
No
Customer reviews
Mahesh C.
Strong Admin Capabilities and Feature-Rich Sophos Firewall
Reviewed on Apr 08, 2026
Review provided by G2
What do you like best about the product?
Sophos firewall offers strong administrative capability, with easy implementation and plenty of useful features. It includes options such as ISP load balancing, a DHCP server, web filtering, and application filtering, among others.
What do you dislike about the product?
The licensing costs for some services should be included and built in.
What problems is the product solving and how is that benefiting you?
We use Sophos Firewalls in HA mode for a range of services, including inter-school connectivity via IPsec, web filtering, application filtering, and daily reports. We also rely on them for notifications and other related functions.
Jitendra Kumar P.
Robust UTM with Free SSL VPN and MFA Authentication
Reviewed on Apr 06, 2026
Review provided by G2
What do you like best about the product?
It offers UTM features, along with a free SSL VPN and MFA authentication.
What do you dislike about the product?
HA failover is not working properly. It is impacting production because the failover is failing.
What problems is the product solving and how is that benefiting you?
SSL VPN with MFA, plus flawless UTM features. We use this firewall as our core firewall, and all of our internal servers sit behind it.
William E.
Cloud-Managed, But Lacking Modern Network Management Improvements
Reviewed on Mar 31, 2026
Review provided by G2
What do you like best about the product?
Sophos Firewalls has two major advantages: it’s a cloud-managed firewall, and it provides good customer-facing reports.
What do you dislike about the product?
Sophos firewalls haven’t changed much in terms of functionality in years. The configuration may come with a newer UI, but underneath it still feels like the same basic firewall.
What’s been most frustrating for me is that there still isn’t a straightforward way to manage VoIP—an extremely common part of any modern network—without having to drop into the CLI backend and disable VoIP inspection. It ends up being an all-or-nothing setting: either it’s on or it’s off.
I’ve run into a similar limitation with DHCP options. Yes, the feature exists and it has been added, but it’s still very basic and doesn’t really support more modern management approaches for other devices, like Unifi APs.
What’s been most frustrating for me is that there still isn’t a straightforward way to manage VoIP—an extremely common part of any modern network—without having to drop into the CLI backend and disable VoIP inspection. It ends up being an all-or-nothing setting: either it’s on or it’s off.
I’ve run into a similar limitation with DHCP options. Yes, the feature exists and it has been added, but it’s still very basic and doesn’t really support more modern management approaches for other devices, like Unifi APs.
What problems is the product solving and how is that benefiting you?
We initially deployed Sophos Firewall because we needed a way to manage firewalls in remote geographic locations where we couldn’t dispatch a technician. It also provided customer reports that met our clients’ requirements, which was an important part of why we chose it.
Nitin Yadav
Centralized security management has simplified remote access and protected multiple branches
Reviewed on Mar 30, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Sophos Firewall is security purposes. I use Sophos Firewall to block unwanted URLs, unwanted categories, and for data loss prevention in my day-to-day work.
In addition to blocking unwanted URLs, we also use the VPN for remote access VPN and site-to-site VPN, blocking suspicious sites, and some unwanted categories such as pornography.
What is most valuable?
Sophos Firewall stands out to me because it is mainly easy to use, and its dashboard is very straightforward. The SD-WAN feature of Sophos Firewall is very good; via SD-WAN, we can route a particular user and access a particular site with a specific ISP.
The SD-WAN feature helps my organization by providing connectivity to my remote sites, as we have multiple branches, and we connect all my branches via SD-WAN VPN.
Sophos Firewall IPS and antivirus are very good, and we use that.
Sophos Firewall has positively impacted my organization by increasing security, reducing my time, and allowing us to manage multiple firewalls via Smart Console or Sophos Central , where we can push the policy centralized from all the firewalls.
Centralized policies have made management easier for me, and the error rate is relatively small.
What needs improvement?
I believe Sophos Firewall can be improved, especially inconsistency across the deployment, and some GUI can be slow.
In addition to UI speed, we need improvements in end-to-end deployment such as clear packet flow diagrams.
For how long have I used the solution?
I have been using Sophos Firewall for 1.8 years.
What do I think about the stability of the solution?
Sophos Firewall is stable in our network.
What do I think about the scalability of the solution?
Sophos Firewall scalability is good, with a wide hardware range suitable for SMBs to large user environments, cloud, and centralized management.
How are customer service and support?
Customer support is really good; we always get resolutions on time.
Which solution did I use previously and why did I switch?
Recently, we used Checkpoint as a different solution.
What was our ROI?
I have seen a return on investment; it has saved money, reduced staffing needs, and saved time. It is easy to use, and I can manage all my sites via Sophos Central .
What's my experience with pricing, setup cost, and licensing?
The pricing of Sophos Firewall is easy to manage.
Which other solutions did I evaluate?
Before choosing Sophos Firewall, we evaluated options such as Fortinet and Palo Alto.
What other advice do I have?
My advice for others looking into using Sophos Firewall is to start simply from day one. With user concurrent sessions, we can achieve good security, which is very good in Sophos Firewall, and endpoint protection support is really good.
My additional thoughts are that Sophos Firewall policies are best suited for SMB and mid-sized networks, simple to moderately complex architectures, and high complexity multi-data center or automation-heavy environments, both delivering strong security.
Stefan N.
Sophos Firewall in Education
Reviewed on Mar 12, 2026
Review provided by G2
What do you like best about the product?
Integrates with Sophos antivirus to provide a unified management console.
What do you dislike about the product?
Logs are only really viewable using a 3rd party tool
What problems is the product solving and how is that benefiting you?
We currently run two Sophos firewalls in an active/passive high-availability configuration. This setup automatically fails over between the two units if our internet service provider experiences an outage.