FIPS / CC Support
There are customers in the Law Enforcement / Federal space that require FIPS / CC support. Sophos XG is immediately disqualified from consideration because it lacks FIPS / CC support.
This would be great for non federal users that have to comply with SP 800-171.
Kevin Salisbury commented
This is becoming a much larger issue. It's no longer just a government only requirement. Now DOD suppliers with unclassified but protected data must use WiFi, VPN and Firewall systems which support FIPS 140-2 validated encryption. Many existing Small to Medium Sophos customers are now required to meet NIST SP 800-171 encryption and data protection requirements now and they are forced to migrate or hope to not be caught in an audit. Audits by USG have begun, hopefully someone at Sophos will take this seriously...we also need to start seeing all Sophos products with STIG's...see this; https://iase.disa.mil/stigs/Pages/a-z.aspx?#