Join the Sophos firewall revolution – Project Copernicus beta now available

Project Copernicus betaThis year, we’re revolutionizing the firewall, giving our award-winning SG Series appliances an all-new operating system that combines the best of both Sophos and Cyberoam technology.

The codename for this new firewall platform is Project Copernicus, and we’re excited to inform you that the beta phase is now underway. This is your invitation to take an early look at the new software and put it to the test.

To get a brief introduction to Project Copernicus and it’s many innovations, watch this short video (password: Copernicus2015!).

Project Copernicus - Watch the video

Of course, we don’t recommend updating production systems to beta firmware. But if you’re interested in exploring first-hand what Project Copernicus has to offer – and helping us continue to fine-tune it by providing your feedback – we would love to have you participate.

To get started, simply visit to download the new Sophos Firewall OS for your SG Series, Intel hardware platform, or virtual environment of choice. Then head to the Sophos User Bulletin Board to find documentation and tips, and share your feedback.

Project Copernicus - Firewall OS and SG Series Hardware

27 thoughts on “Join the Sophos firewall revolution – Project Copernicus beta now available

  1. This is pretty hard than I expected. I’m more knowledgeable on Sophos UTM configuration and know nothing about Cyberoam. I found out that some configuration in cyberoam is more complex than sophos like for example the blocking of websites. Sophos is more easier for me. Can someone leave an explanation how to block websites in this new Copernicus UTM? Everytime I block I will be redirected to Captive Portal, I want to be redirected to the default Block page of Sophos.

  2. WHAT IS THAT????
    It seems you create an old Cyberoam firewall in a new design and not the best of Sophos UTM and Cyberoam. Everything is difficult to administrate. Keep it simple is in this version no longer an attribute for a Sophos created firewall. Please, really please change everything…..

  3. Our only concern is that we’ve all used the Copernicus BETA here, and we understand it’s in BETA but it hasn’t been a hit so far. Maybe it’s due to a learning curve, but it almost favors the cosmetic side of it opposed to the functionality, usability, and the actual admins using it. Hopefully that will change by official launch, but I know at this point we’re not on board with the upgrade.

    Josh S.

  4. Looks great so far. I am excited by the possibilities of merging the two platforms – Astaro and Cyberroam. Techs will always complain when an interface changes, but i don’t see how it is more difficult to use – just different.

  5. Hey everyone, your feedback has been, and continues to be, very valuable in shaping the product. In fact, a lot of changes in Beta 2 have been the result of feedback from our valued partners and customers like yourselves. As Anna indicates, please head over to the forums to leave your feedback. The product management team is collecting/monitoring feedback closely:

  6. Whilst the interface is pretty, the web controls are very difficult to implement. If you want to create different policies for different groups of people then things get complicated. I don’t think a lot of customers are going to like this, unless this aspect is addressed. Web controls within the existing UTM are better, even if the interface is getting tired.

      • Chris, I would check with your own sales engineers that differ with your views. This is very difficult to work through, ive had many users experience with checkpoint, utm, websense and this is more difficult. Ive fed this back at all levels, happy to discuss on a call etc. I can offer no more.

    • Hi Aquiles, Sophos will be offering migration tools to migrate UTM 9 configurations over to SF-OS at some time following launch. We’ll announce the availability here on the blog when they become available.

  7. So a quick question, When you reference intel platform does that mean my AMD chip is not support AT ALL?

  8. I’ve been a home user of Sophos for some time, and to be honest would never have given ait ny serious consideration for use in a corporate environment based on interface design, and more importantly performance and management/reporting capabilities.
    Most choices in the new Copernicus beta are a substantial step in the right direction, interface is a dramatic improvement (but of course presents a small but steep learning curve). Reporting and dashboard views present a dramatic improvement, and decision to use zones and location of policy elements superior to previous designs and more inline with larger firewall industry players IMO. An area that I noticed that appears inferior is the log parsing/reviewing. Its very important for troubleshooting and other purposes to have rule/connection details in log views, basic things like source, destination, source/destination ports, policy triggered, etc. This standard data is just missing from the log views. In addition I’ve never understood why an aggregate view of all log types/sources cannot be provided in a more compact view with advanced multiple filtering options…this would be a powerful admin feature. But overall good work and mostly an improvement.

    P.S. Can you put a DHCP reservation feature in the onboard DHCP server…trivial grievance but I suspect valuable for home and small office users!

      • Thanks Anna, but unfortunately websocket (ws and wss protocol) is not working with WAF till now as per the community discussion. I have a ticket opened with cyberoam support from last 6 months and they are not able to fix the issue. I have licence upgrade to be done in next few days and I am in a dilemma whether to go for cyberoam-sofhos or change the vendor.

        Here are the community links where they are talking about websockets not working with WAF.

          • Hi, I’ve spoken to our product team and we currently do not offer websocket support in the WAF module. We are looking to add it in the future and will update here if/when that happens. Thanks.

            • Thanks Anna!! Websocket is present and future, and if this is not supported then how do we say that sophos and cyberoam machines are future ready??

              • Hello Anna,
                We are having a cyberoam device and recently found out that third party certificates are not working with WAF as cyberoam is stripping off the intermediate certificates and cyberoam WAF is using obsolete cipher AES_128_CBC instead of AES_128_GCM. When I removed the WAF and allowed the request hit directly to my webserver everything worked, the certificate chain was complete and the ciphers were modern, Hence in order to check if this issue is taken care of in SFOF, migrated to 30 days trial and to my utter surprise, WAF in SFOS didnt work. So I involved cyberoam support and they even confirmed the same. There are tickets opened 994041, 999082, 866538. I have escalated to everyone and still I havent got any ETA. Can you please help here??

                • Hi Pravash, Sorry to hear you are having trouble. I will talk to Support and see if i can get something sorted for you.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s