Sold by: Sophos
Deployed on AWS
Free Trial
Sophos Firewall for AWS delivers advanced threat protection for AWS environments and assets. Protect networks, applications, ensure security of ingress and egress traffic, and maintain high web-application availability.
4.6
Overview
Sophos Firewall integrates leading technologies into a single next-generation solution without compromising security. Highlights include deep packet inspection with IPS, ATP, URL filtering, and in-depth reporting; Bidirectional AV for WAF with authentication offloading, path-based routing, country-level blocking; and self-service SSL and HTML5 VPRN technologies to make connecting from anywhere and on any device a reality - without administrative overhead.
Preconfigured templates and centralized policy management save time managing user, application and network policies, and provide pre-packaged web filtering, IPS, traffic shaping and app control policies for Active/Active and Active/Passive deployments spanning multiple availability zones.
Sophos synchronized security allows organizations to link endpoints, cloud workloads, and firewall to relay health status and immediately to respond to threats on your network.
Part of a complete SaaS security platform. A selection of Sophos AWS solutions are included below with more at https://www.sophos.com/en-us/public-cloud .
- Deploy auto scaling firewalls in dynamic environments: https://soph.so/utm-autoscaling-payg
- Monitor resource configurations and analyze AWS security groups with Cloud Optix: https://soph.so/cloud-optix
- Neutralize active cyber-attacks with a dedicated team https://soph.so/Rapid-Response
If you have questions about Sophos solutions or need assistance with deployment and configuration, contact us at aws.marketplace@sophos.com .
The cloud formation template to deploy Sophos Firewall will optionally collect Sophos Central account credentials (email and password used to login to https://central.sophos.com ). These credentials are used only once by the firewall to connect to Sophos Central and enable management services. This step is optional, and can be performed at any time after deployment, following the instructions available here.
Highlights
- Sophos Firewall combines advanced networking controls, protections such as Intrusion Prevention Systems (IPS) and Web Application Firewall (WAF), plus user and application controls. Saving time taken to deploy and integrate multiple products.
- Web App Firewall (WAF) protects your web apps against common threats like SQL injection and Cross-Site Scripting. Next-Gen Firewall protection and reporting with stateful traffic inspection, Layer-7 application control, secure proxies, and IPS.
- Sophos Firewall includes extensive reporting. Sophos Firewall provides full insights into user and network activity, surfaced using easy-to-understand indicators so you can take preventive measures before problems occur.
Details
Sold by
Categories
Delivery method
Delivery option
Sophos Standalone Firewall for AWS
Sophos Firewall for Gateway Load Balancer
Sophos Auto Scaling Firewall for AWS
Sophos High Availablity Firewall for AWS
Latest version
Operating system
OtherLinux 22.0 GA
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5.2xlarge | $1.56 |
c4.2xlarge | $1.56 |
c5.4xlarge | $2.10 |
c4.4xlarge | $2.10 |
c5.large | $0.54 |
c5.xlarge | $1.02 |
c4.8xlarge | $2.70 |
c4.large | $0.54 |
m7i.xlarge | $1.12 |
m5.large | $0.58 |
Vendor refund policy
Terminate the EC2 instance(s) at any time to stop incurring charges. You may email aws.marketplace@sophos.com for questions regarding Sophos XG Firewall charges and refund requests.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Sophos Standalone Firewall for AWS
This CloudFormation template allows you to deploy a Sophos XG Firewall Standalone. The template will bring up a single XG Firewall instance with two ENI network interfaces attached to the instance, each interface is in a distinct subnet. The first interface is dedicated to the private subnet to be protected by the XG Firewall, the second interface is dedicated to the public/external subnet. The IGW is automatically attache to the public subnet.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
Additional details
Usage instructions
You can manage your Sophos XG Firewall on AWS from the Web Interface using HTTPS (TCP port 4444), the command shell using SSH (TCP port 22), and via the API.
Sophos XG Firewall requires a valid email address for administration purposes. This email address is not used for any other purpose and remains local to the Sophos XG Firewall AMI.
Resources
Support
Vendor support
For customers who participate in the AWS Product Support Connection, Sophos provides technical support via phone and web portal. Phone: +1-844-591-2756 Web portal:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Sophos
By Palo Alto Networks
By Juniper Networks
Top
10
In Network Infrastructure, Security
Top
10
In Network Infrastructure
Top
50
In Migration
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Intrusion Prevention System
Deep packet inspection with IPS technology for threat detection and prevention
Web Application Firewall
WAF with bidirectional antivirus protection, authentication offloading, and path-based routing to defend against SQL injection and Cross-Site Scripting attacks
URL Filtering and Content Control
URL filtering capabilities with country-level blocking and pre-packaged web filtering policies
Centralized Policy Management
Centralized management of user, application, and network policies with preconfigured templates for Active/Active and Active/Passive deployments across multiple availability zones
Synchronized Security Integration
Synchronized security linking endpoints, cloud workloads, and firewall to relay health status and enable coordinated threat response
Application Layer Visibility and Control
Complete application layer-7 visibility and control of traffic with next-generation firewall capabilities in AWS environments
AI/ML-Powered Threat Detection
AI/ML-powered inspection engine with researcher-grade signatures for detection of zero-day threats, exploits, malware, spyware, and command and control attacks
Dynamic Policy Management
Policy definitions that dynamically apply to cloud assets based on AWS tags, Application IDs, User IDs, geographies, or zones without manual intervention
Cloud Infrastructure Integration
Seamless integration with Gateway Load Balancer, AWS Auto Scaling, and Transit VPC with AWS Transit Gateway for protection across dynamic and large-scale deployments
Advanced Threat Prevention Service
Cloud-delivered Advanced Threat Prevention security service with market-leading threat coverage against known and zero-day threats while maintaining performance
Next Generation Firewall Architecture
High-performance firewall solution with core firewall, VPN, NAT, and advanced L4-L7 security services including application security, IPS, and anti-virus capabilities.
Anti-Virus and Malware Protection
Cloud-based anti-virus protection that detects and blocks spyware, adware, viruses, keyloggers, and other malware over POP3, HTTP, SMTP, and FTP protocols.
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) system integrated with application visibility and control through AppSecure for threat detection and workload protection.
VPN and Secure Connectivity
IPsec and full mesh VPN termination services enabling secure connectivity from on-premises data centers, campuses, and branches to AWS cloud across geographically dispersed VPCs.
AWS Cloud Service Integration
Native integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, Elastic Network Adapter support, and Gateway Load Balancer with L3 gateway and L4 load balancer capabilities.
Standard contract
No
No
No
Customer reviews
Rayudu D.
High-Performance Firewall with Intelligent Threat Correlation and Response
Reviewed on Jun 16, 2026
Review provided by G2
What do you like best about the product?
Here’s what I like most about Sophos Firewall, explained clearly:
Synchronized Security (top highlight): The firewall and endpoint security work together in real time.
Automatic threat response: Infected or risky devices can be automatically restricted or isolated, without requiring manual action.
Real-time visibility of device health: I can instantly see whether a system is “healthy” or compromised through Security Heartbeat.
Faster incident containment: Threats are contained at the network level right away, which helps reduce spread.
Less dependency on manual monitoring: Admins don’t need to constantly track every endpoint, because the system helps enforce the right actions.
Stronger layered defense model: It combines endpoint and network intelligence, rather than treating them as separate pieces.
Synchronized Security (top highlight): The firewall and endpoint security work together in real time.
Automatic threat response: Infected or risky devices can be automatically restricted or isolated, without requiring manual action.
Real-time visibility of device health: I can instantly see whether a system is “healthy” or compromised through Security Heartbeat.
Faster incident containment: Threats are contained at the network level right away, which helps reduce spread.
Less dependency on manual monitoring: Admins don’t need to constantly track every endpoint, because the system helps enforce the right actions.
Stronger layered defense model: It combines endpoint and network intelligence, rather than treating them as separate pieces.
What do you dislike about the product?
Nothing significant to dislike. Overall, the firewall meets my expectations in terms of security, performance, and usability.
What problems is the product solving and how is that benefiting you?
Solves fragmented security management by bringing firewall, endpoint, and network security into one unified system, which reduces the need to manage multiple tools separately.
It also improves threat detection and response speed. Security Heartbeat provides real-time device health visibility, helping me quickly identify and isolate compromised systems.
It reduces the manual security workload as well. Automated policies and synchronized response actions minimize constant monitoring and manual intervention.
Protection against modern threats is stronger, too. The IPS, web filtering, and malware protection help block advanced attacks before they spread.
Centralized control is simpler across multiple locations. Sophos Central makes it easier to manage distributed firewalls and endpoints from a single dashboard.
Network visibility is improved with clearer insights into traffic, applications, and user activity, which helps with decision-making and policy enforcement.
It also supports secure remote access. Reliable VPN solutions help ensure safe connectivity for remote users and branch offices.
It also improves threat detection and response speed. Security Heartbeat provides real-time device health visibility, helping me quickly identify and isolate compromised systems.
It reduces the manual security workload as well. Automated policies and synchronized response actions minimize constant monitoring and manual intervention.
Protection against modern threats is stronger, too. The IPS, web filtering, and malware protection help block advanced attacks before they spread.
Centralized control is simpler across multiple locations. Sophos Central makes it easier to manage distributed firewalls and endpoints from a single dashboard.
Network visibility is improved with clearer insights into traffic, applications, and user activity, which helps with decision-making and policy enforcement.
It also supports secure remote access. Reliable VPN solutions help ensure safe connectivity for remote users and branch offices.
Sandip D.
Consolidated Threat Protection with Intuitive Control and Real-Time Visibility
Reviewed on Jun 16, 2026
Review provided by G2
What do you like best about the product?
What I like most about Sophos Firewall is how well it balances strong security with simplicity. It brings together advanced threat protection, deep packet inspection, and application control in a single platform, yet it remains straightforward to configure and manage. The centralized interface also gives clear visibility into network activity, making it easier to spot potential risks quickly and respond to them without adding unnecessary complexity.
What do you dislike about the product?
I don’t have any major concerns with Sophos Firewall. It has been stable and reliable in our environment, and it continues to meet our security and operational requirements effectively. Any minor adjustments we needed to make during configuration were manageable, straightforward to address, and did not affect overall performance.
What problems is the product solving and how is that benefiting you?
With Sophos Firewall, everything is centralized in a single interface. The biggest improvement for me has been the unified visibility: being able to view application usage, threats, and user activity all in one place makes it much easier to understand what’s happening on the network in real time. The built-in threat intelligence, along with synchronized security with other Sophos endpoints, also reduces the need to manually correlate alerts across different sources.
Rameshwar M.
High-Performance Firewall with Strong Security Controls
Reviewed on Jun 16, 2026
Review provided by G2
What do you like best about the product?
What I like most about Sophos Firewall is the combination of an easy-to-use, centralized management console and strong built-in security features. It gives me clear visibility into network traffic, solid threat prevention, and straightforward policy configuration, which makes day-to-day network security management more efficient and easier to handle.
What do you dislike about the product?
At this time, I don’t have any major concerns or issues with Sophos Firewall. It has been performing well for me, and it continues to provide consistent protection along with reliable management capabilities.
What problems is the product solving and how is that benefiting you?
Sophos Firewall helps us protect our network from cyber threats such as malware, ransomware, and unauthorized access. It also makes security management easier with a centralized console, gives us better visibility into network traffic, and enables us to detect and respond to suspicious activity quickly. As a result, we’ve reduced security risks, improved operational efficiency, and strengthened our overall network security posture.
Telecommunications
Sophos Central: Easy to Use with Strong Manageability and Control
Reviewed on Jun 16, 2026
Review provided by G2
What do you like best about the product?
Sophos central for Manageability and Control , Ease of use.
What do you dislike about the product?
Sometimes renewal commercials goes beyond the Budget.
What problems is the product solving and how is that benefiting you?
we are using sophos XDR and seamless integration and synchronized security is very vital and visibility and immediate action.
Nicholas O.
Great v22 release
Reviewed on Jun 16, 2026
Review provided by G2
What do you like best about the product?
Great improve especially on v22. Like the firewall health check.
What do you dislike about the product?
Well, prefer that there is an on-premise Management Server
What problems is the product solving and how is that benefiting you?
It help secure my network.