Sophos

257

Solutions

467

Contributors

Sophos develops products for communication endpoint, encryption, network security, email security and mobile security as well as unified threat management. Products include hardware (or software virtual appliance) network firewalls including web browsing protection, AntiSpam filters and antivirus protection, encryption and data protection, web filter, antispam and mobile content and device management tools.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have 13 IPSec VPNs that are set up and working on a VMWare NSX Edge. The remote sites are all Sophos XG Firewalls. They used to connect to a Sophos firewall. In the earlier scenario, there was a VPN to VPN rule that joined all the Sophos IP Sec connections together in a hub and spoke network design. One could see devices between Atlanta to Orlando, for example.

Now I have them all connected successfully to the VMWare NSX Edge firewall. I have 2 rules for each location on the NSX.  For example, NSX to Atlanta and the reciprocal Atlanta to NSX.

I'd like for traffic to be seen from one location, like Atlanta, through the NSX Edge to Orlando.
On each Sophos connection to the Edge, I've added the remote networks I'd like to add to the Edge connection.  
In the previous all Sophos configuration, at the "hub" Sophos, a rule of VPN to VPN was in place to make this happen.
But I think I'm missing something on the NSX Edge to allow for Atlanta to "see" Orlando.

I have added reciprocal rules of Atlanta to Orlando and vice versa on the NSX but that is not working.
0
Exploring SharePoint 2016
LVL 19
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

We had a none critical server get infected with the Cheetah virus.  I have run Sophos and Malwarebytes and neither has fixed it.  I can change the extensions manually but that will take forever.

There must be a simple solution that one of you have tried.   HELP!
0
Hi,

We have recently acquired another company, MD says 'Join them together so we can communicate and access all resources'. As a one man band looking after the existing company I am stumped.

A run down of what I have to work with.

Company 1
Caxxx.co.uk has 2 locations, hosted DC(DC1) and a production site(Prod1)

Company 2
Sezzzzzz.co.uk has 2 locations also, the hosted DC(DC2) and a production site(Prod2)


The sites are a mixture of Cisco, Sonicwall, Sophos firewalls and there is no overlap of IP ranges between each site. First thought was to create the site to site vpn connections so at least communication could be established, I set this up and am able to ping  device at each locations. Second was to add the forward and reverse lookps into the DNS records which I have done. I am able to connect using the ip address and the FQDN eg. NCL-DC01.ad.caxxx.co.uk but not NCL-DC01.

Can I be pointed in the right direction so I cn read up on what I need to do to get this to work, apart from creating a new forest as this will be done a later stage.

Thanks
0
I have a client who would like to move away from KASPERSKY ENDPOINT SECURITY to either SOPHOS or TREND MICRO for their corporate environment. Other than the cost involved, I would like an input into the Pros and Cons of the three in order to make a decision on the above.

Your input shall be highly appreciated.
0
We are the office365 Users and subscribe to E3 plan.I would like to know is that possible all our machine join to office365 domain ?

1.If can ,what is the pro and con
2.Any additional license require in office365 ?

Our main target is using azure to manage the user account and integrate with sophos central .
0
I have a Juniper SRX220 Firewall.  I am connecting to a Service provider who is running a SOPHOS Software base UTM firewall.
They tell me there is little for them to configure and that they have a couple thousand site to site VPNs connected.  Hence, the problem is back on me.

What happens is the Site to site comes up and everything is working, and then about 15 minutes or so into it the Tunnel goes down and I have to reinitiate the tunnel.
I am at a loss to see any problems.  Anyone seen something similar.  It has to be something simple.   Ive attached a file with some shots of the configuration that I have control of.JuniperScreenshots.docx
0
I have two Sophos SG 230's that are configured for HA.  I have the LAN Port on the Master going to Switch 1.  I have the LAN Port on the Slave going to Switch 1.  I would like to add another LAN interface in the UTMs that I can use to connect them to Switch 2 for redundancy purposes.  

To properly do this, would I simply change interface eth0 (my current LAN interface) from "Type: Ethernet" to "Type: Bridge" and select one of the available interfaces / nics available on the UTM?
0
Dear Experts,

We have configured SSL VPN for the Sophos XG 310 firewall to use.

When we tried to add a second ssl vpn account copying the first account settings, we are unable to connect.

Is there a log for SSL VPN?
0
Dear experts, we are testing Sophos xg310 and Exchange 2016 server. If we use webmail owa, we can send/receive emails normally but we cannot connect to our accounts via MS Outlook and mobile.

Can you please suggest? Many thank
0
Hello Experts.  Any experience or recommendations regarding Microsoft ATP in O365 vs a traditional Endpoint Solution such as Sophos or ESET?  We are an educational institution so have an A1 licence.  Getting an A3 or A5 would allow ATP along with many other features I would like to have.
1
OWASP: Threats Fundamentals
LVL 19
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

I have a request to give a file/folder encryption software.
I saw Sophos Safeguard but it seems very expensive compare to other softwares.
Anyone knows a better software whch encrypts and password protect the files/folders.
Customer wants to password protect a file and send by email and share the password privately.

Appreciate your advise.
0
Sophos uses bitlocker as far as I'm aware. Bitlocker requires tpm modules? How do I check if all my laptops have a tpm module.
0
My employer was hit with malware two months ago and we've contained and treated it. However, it looks like our address book got hijacked. Users are being bombarded every day by spoofed emails using names of our employees, but coming from various domains around the world. Outside customers and vendors we often communicate with are also reporting that they are getting the same type emails, multiple times daily.

I know this is a long shot, but is there anything at all we can do about this? I suppose anybody can type any name in the "From" box on a message and since they have our names and contacts, they are exploiting it. We mark all external emails as [EXTERNAL] so at least people will see that the emails come from outside our domain despite the user's name, but that doesn't help for our vendors, customers, and other contacts.

We currently have Sophos installed on our servers and desktops, and run Barracuda's spam filter. Most of this stuff is getting caught and blocked, but there are so many that a few still slip through.

Any suggestions here?
0
Hello, We in the middle of integrating our on premise AD to our SOPHOS firewall. We had to download the SOPHOS firewall plugin to connect to AD and server information. Apparently the app reads certain particular events that tell it if a users has logged in or logged out of his or her computer system and based on that consider the user active and therefore starts logging and allowing that AD user access to the internet.

Currently this is not working and the cause per SOPHOS Senior engineer is when the user signs in the event viewer we see ID 4624 pop up but right after we get an event 4634 stating a logoff and the following message...

"This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer"  

SOPHOS Engineer specifically said event ID 4634 is causing this issue.

It makes sense that 4634 may be causing issues since it says the user is logged off when in fact they just logged in but is that event ID 4634 a normal event across all servers or an issue I must fix?

-Currently only 1 domain controller
-Windows Server 2016
-About 60 Users
0
Does anyone know why a Sophos firewall would suddenly stop providing proper DNS? We thought it was a Verizon issue, but the traceroutes I'm running stop at the firewall? I checked the DNS entries and they read like the Sophos site says they should.
0
Dear Experts,

I have a VMware 6.7.0.

I am trying to deploy a sophos VMW using ovf template on it and it says "A required disk image is missing"

How do I properly deploy ovf template as I only add the virtual_sf.ovf and disk1.ovf file only.

Anyone can guide me on how I should properly do it.
0
Dear Experts,

I have a Sophos vhdx installed into my hyper-V version SFOS 17.1.3 MR-3.

How do i login and configure the IP address and its interfaces?

I only managed to access the console via the Main Menu.
1
Hi Guys,

I am trying to configure a SonicWALL TZ400 site-to-site VPN.
We have a Sophos firewall router on the remote side.

The Dell SonicWALL replaces our previous Netgear Prosafe FVS336G router, which connects the site-to-site VPN successfully.

I confirmed the Dell SonicWALL VPN / IPsec settings again and again, but no connection unfortunately.

I used the SonicWALL quick VPN configuration.

I've noticed that the access rules for "VPN to LAN" have been auto-added, as well as "VPN to WAN"

Are there any changes that is needed to the access rules, or NAT rules for the site-to-site VPN to work?
Any recommendations are welcome ...
0
We have a Windows 2012 R2 domain with 2 domain controllers. Users authenticate to the domain with no problems.

We have 2 subnets
LAN: 192.168.0.0/24
WLAN: 192.168.4.0/24

The WLAN traffic is routed through our Sophos XG230 Firewall/Router 192.168.0.1

Any user authenticating against one of the domain controllers (from the WLAN) shows  the ip address of the Firewall/Router, not its correct ip address of hte host they are on.

I can see this in the kerberos TGT in Event Viewer 4768.

This is only happening on 1 of the domain controllers.

Any ideas on how troubleshoot would be greatly appreciated.
0
CompTIA Cloud+
LVL 19
CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

I am looking at getting a new Wifi solution for our new building.  I have looked at Meraki, Ruckus and Arruba, Sophos and even at a Cisco controller option.
I'm having a hard time deciding which solution is best for my environment.  We have two separate buildings, but will all be one system.  Hands down, the Meraki cloud has the best analystics and displays the data the best, my opinion, but it's not the cheapest.  Going from a controller based to cloud based design makes me uneasy, as if the internet goes down, then my entire wifi is down as well.  
By far I like the Meraki dashboard and the options available in their cloud.

We will need about 50 APs for both buildings.  I'm working with a vendor that said after we move forward with the purchase, they will perform a heatmap analysis, so we know where to place them, so that's good.

Any suggestions what to look out for, or any recommendations?  
Does anyone not like Meraki or any of the others I mentioned?
1
We have experienced some issue with Sophos AV and Exchange server 2016. I want to uninstall Sophos but have been unable to do so cleanly(even with the help of their tech support). I remember that MS had and uninstall tool that worked very well. Is this tool available and if so where can I obtain it? If the answer is no what other options do I have.
0
I am looking at a replacement for our aging Cyberoam UTM. One of our options is the Sophos X330, which appears to be a good upgrade path for my requirements.

Has anyone used Cyberoam and the moved to Sophos? I am curious if there are setup and managing similarities. Seeing as Sophos acquired Cyberoam a few years ago, I was wondering if the Sophos UTM would be familiar in some way after using Cyberoam. Maybe they had adopted various features, and so the appliance would be familiar in how it was setup.

Would you consider the Sophos XG series easy to setup and deploy? I don't really want to get a technician in to setup the system on the new UTM. I setup our Cyberoam and continue to manage it without a problem, so I am hoping to do this with whichever new one we choose.

Any other thoughts about your positive or negative experience with Sophos UTM's would be appreciated?
0
We are currently deploying Mimecast to our environment. We had setup the journaling and send connectors. We found that all the journaled traffic was causing a backlog in our on premise Sophos Email appliance. My question is, can I configure the primary send connector to our email domains instead of *, and configure the mimecast send connector for it's domain @journal.ourdomain.com.au, or is this going to cause issues?
0
Dear Experts, can you please suggest pros and cons of this diagram? Any suggestion please?

aqua.PNG
0
Dear Experts, we are moving our Data Center in the next 2 months. What should we consider and take note in order to move DC smoothly?

Our environment:
- 4 x Server ESXi6.5 (HP Gen9)
- 2 x Routers Cisco 3925
- 2 x Core Switch Cisco 3750/3560
- 1 x Firewall Sophos XG
- 10 x Access Switch Cisco CE500
- 5 x WAP Cisco Meraki MR18
- 5 x Physical Server IBM x3650

Many thanks!
0

Sophos

257

Solutions

467

Contributors

Sophos develops products for communication endpoint, encryption, network security, email security and mobile security as well as unified threat management. Products include hardware (or software virtual appliance) network firewalls including web browsing protection, AntiSpam filters and antivirus protection, encryption and data protection, web filter, antispam and mobile content and device management tools.

Top Experts In
Sophos
<
Monthly
>