Sophos

214

Solutions

394

Contributors

Sophos develops products for communication endpoint, encryption, network security, email security and mobile security as well as unified threat management. Products include hardware (or software virtual appliance) network firewalls including web browsing protection, AntiSpam filters and antivirus protection, encryption and data protection, web filter, antispam and mobile content and device management tools.

For the patch of the chip vulnerability, can I just download the patch from Microsoft and install it on all servers and workstations rather than use Windows Update? I have a couple of servers and 20 workstations. Also, I noticed that you have to be careful with antivirus because of a registry entry. Can someone help me out with this issue? I use SOPHOS antivirus, and the link below details what they are doing to work with the MS patch. I think it says that SOPHOS works with the patch but I am not entirely sure. Better safe than sorry. Here is the link: https://community.sophos.com/kb/en-us/128053
0
Hi All,
We have two sites linked via BT routers, and each site has its own UTM and failover. A simple diagram is below.

WAN                           WAN
 |                             |
Router                        Router
 |                             |
UTM                           UTM
 |                             |
LAN - Router - WAN - Router - LAN

So we have a site link and two sites with Primary/DR with fail over routers

The primary site UTM has IP : 194.72.126.66 GW : 194.72.126.65
The primary sites internet works fine

The secondary DR site UTM has IP : 194.74.139.67 GW : 194.72.126.65
I cannot get out to the internet from this UTM

BT have said there is no issue with the routers and the failover is working on the routers.   Below is the information BT have provided me concerning the IP address allocation.

I have recently taken over this position and I'm under the impression this has never worked. Any ideas why the second UTM at the DR site cannot get onto the internet?

Regards

John H

194.72.126.64 255.255.255.224
194.72.126.74<<used on primary router
194.72.126.75<<used on V1 router
194.72.126.65<< HSRP standby address and the gateway for you to point to from both devices
 
194.74.139.64 255.255.255.240
194.74.139.66<<< used on primary
194.74.139.67<<used on V1
194.74.139.65<<< HSRP standby address and the gateway for you to point to…
0
Hi

We're looking at this in detail. We would like to audit and monitor data that is being driven by users, so the services and apps they are using, and what they are sending via email in particular.
Tried Exchange Online DLP - pants.
Mimecast DLP - pants
Sophos DLP - seems ok, but not great.

Anything else out there?

Thanks
0
Trying to remove Sophos AV

Following these instructions ->


https://community.sophos.com/kb/en-us/109668



Go here and check for components to uninstall - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\



How do I determine which of the Uninstall strings listed in this hive is for Sophos? And for which Version? I'm looking for 11.0.11.

AJ
0
I have a server with the Hyper-V role, virtual machines and a Sophos firewall installed.

I would like to create a rule so that when a client (outside the internal network) wants to connect via a remote connection, this user is transferred to a specific virtual machine (not to the host server).

How to create this rule?
0
Dear Wizards, can we have some solutions (Open source) to setup networking environment for startup (small) company. We knew some things like:
- Firewall/Router: Sophos XG Home, pfSense
- Storage: FreeNAS, XPenology
- PC: Ubuntu, OpenOffice

How about the Switch? Is there any Open Source ISO file that we can use to simulate the Switch (let's say Cisco :))

Many thanks!
0
Hi Experts,
I have a Sophos Firewall and want to use it at home. I got some information that if I use it at home then I need a home-use license.
How can I get a home license for it? I looked at the Sophos web site but I did not understand how.

Thank you so much and Regards
0
Hello All,
I am hoping that you can provide me some fresh eyes regarding this issue.

Environment
- SBS2011 Virtual Machine, single NIC, DNS configured to point to itself, sole DC
- 7x client machines with workstations only pointing to server for primary DNS, no secondary
- Cyberoam firewall with Sophos OS, latest firmware
- SBS DNS has 4x forwarders (2x ISP, 2x Google) configured to 3 sec timeouts.

Problem
All of the workstation clients have been experiencing an internet outage that lasts seconds.  The symptom is that they will go to load a webpage and the page resolution appears to hang.  The result is either a very slow loading webpage that eventually comes up or partially comes up, or a page saying the website could not be resolved.  If they refresh the page, it immediately comes up.

Troubleshooting
- Assign workstations to only use external DNS (8.8.8.8), issue goes away
- Assign workstation to a different gateway, issue goes away
- I installed a new secondary DNS server that pulled its info from the SBS DNS.  This VM was joined to the domain, but not promoted to a DC.  I then moved one workstation to the DNS server and the issue did not resolve.

My thoughts
My concern is that the SBS DNS is somehow corrupt or not working properly.  Is there a way to reset it?  

I could also rebuild the secondary server without pulling the DNS info from the SBS server, but my fear is that it will be missing critical AD required information for the workstations.
0
I have internet in my building (PPPoEoE). Currently, I'm using a Linux machine as the router/firewall and I want to migrate to Sophos myutm.

when I connect to the internet using linux, I have my default route that just routes to the interface:
ip route add default dev ppp0

The thing is, Sophos doesn't support interface routes for whatever reason, so it's using the PtP remote address, which my ISP has set to 10.0.0.1. The problem is, MY router is 10.0.0.1, so when it adds the default route, it stuffs everything up.
Sophos runs linux in the background, and I can remove this route and add an interface route and everything starts working again.
The route set by my ISP does the following:
ip route add default via 10.0.0.1

My ISP says this doesn't matter because it is a PtP route, so it should route, however, it doesn't.

I've had to revert to my linux machine, and looking at the logs, with the relevant lines at the bottom of this text

I expect the remote ip address to be something like 118.33.24.15 rather than 10.0.0.1

Is my ISP wrong? Can someone point me in the direction of the relevant information about this? I've had a look online, and I can't find anything specific.

Nov 23 22:23:49 firewall pppd[29996]: Using interface ppp0
Nov 23 22:23:49 firewall pppd[29996]: Connect: ppp0 <--> eth1
Nov 23 22:23:52 firewall pppd[29996]: CHAP authentication succeeded
Nov 23 22:23:52 firewall pppd[29996]: peer from calling number 4C:5E:0C:DE:88:D0 authorized
Nov 23…
0
Hello Experts,
I want to learn VLAN configurations on HP ProCurve switches. I need your suggestions about which HP switch models are best for beginning. I will buy the switches on eBay.
I have a Sophos UTM 220 hardware firewall on my network.

1. Do I need to buy layer 2 or layer 3 switches?
2. Which HP model can help with VLAN configuration?

Thanks
0
I am creating a new network and on each machine we would like to install Norton AV, but all laptops have Bitdefender on them, and my question is:

1 - Can I use Bitdefender for my network? or Norton is better?

2 - Any advice on Sophos end point?


Can you please kindly advise?

Best regards,
Mallony
0
Dear Experts, we could not setup the VPN connection between Router C3925 and Firewall Sophos XG210. Attached files are the log in both 2 devices. Please revise and suggest, many thanks!

Public IP address of Firewall Sophos XG210: {A}.{B}.{C}.{D}
LAN IP network of Firewall: 172.16.16.0/24

Public IP address of Router C3925: {Q}.{W}.{E}.{R}
LAN IP network of Firewall: 192.168.6.0/24


This is the configuration on Router

interface GigabitEthernet0/1
 description "ISP 1"
 ip address {Q}.{W}.{E}.{R} 255.255.255.192
 ip access-group SECURITY-IN in
 ip access-group SECURITY-OUT out
 ip flow ingress
 ip nat outside
 ip virtual-reassembly in max-fragments 16 max-reassemblies 64 timeout 5
 duplex auto
 speed auto
 crypto map MYMAP

crypto isakmp policy 10
 hash md5
 authentication pre-share
 group 2
crypto isakmp key 6 password_here address {A}.{B}.{C}.{D}
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set MYSET esp-des esp-md5-hmac
!

crypto map MYMAP 10 ipsec-isakmp
 set peer {A}.{B}.{C}.{D}
 set transform-set MYSET
 match address 106

access-list 106 permit ip 192.168.6.0 0.0.0.255 172.16.16.0 0.0.0.255


Here is the configurations on Firewall:

IPSec profile:
Firewall_IPSec.JPG
IP Host:
Firewall_IPHost.JPG
Firewall rule:
Firewall_Rule.JPG
Firewall VPN:
Firewall_VPN.JPG
RouterCisco3925Log.txt
FirewallLOG.JPG
0
Set-up issues


I will preface this by saying I had a UTM120 for three years with the UTM9 OS and right now thinking boy I miss those days.  I was told that my appliance was nearing end-of-life so to renew licensing I went with the XG115.  I had configured UTM9 on my own and generated help desk cases if issues arose.  This appliance is quite a bit different.  Firmware XG115 (SFOS 17.0.0 GA) so on the latest firmware.

What I am trying to resolve right now is that any type of web surfing is extremely painful.  I have an on-premise Exchange server so port 443 is being forwarded to it but I also have the default network rule of WAN to LAN all ports and all services are open.  I have a similar network rule that WAN to LAN port 443 is open thinking of other workstations that initiate SSL traffic it will find its way back to the device that initiated the traffic.  Let's face it.  Most web sites are https.  I am constantly being warned that the certificate cannot be verified and I have to click to still access the site or create an exception for the site depending on the browser.  I cannot log in using an account to any web site.  Some sites I can't even create the exception in Firefox.  I can't use the StartPage search engine.  Amazon looks like crap.  No pictures and just a bunch of links.

A little bit on the network.  Uverse gateway goes to a Cisco ASA appliance that I consider my perimeter (and why not have another layer of defense !).  The XG is in bridge mode.  For a …
0
What are the differences between Sophos XG and Sophos UTM? Do we have an iso file of Sophos XG? Many thanks!
0
I've recently installed Sophos XG230 UTMs on two campuses. Now our Sharp copiers could no longer scan to email.

They SMTP through a gmail account.

I know the user email and password are correct but we get an Error [3332]: Authentication type not supported.
 
When tested with 'no authentication' connection to SMTP server is fine.

Whilst testing I have allowed all outbound traffic.

Any help would be greatly appreciated.
0
Dear Experts, we have 1000 users located at multiple sites.
- The Headquarter office includes 400 users, has Cisco Router 3925, not yet Firewall.
- Site A includes 200 users, has Sophos Firewall.
- Each of Site B, C, D, E has 100 users, only has Modem Internet, not yet Firewall

In Headquarter, the AD server (Win Server 2012R2) is ready but we are not sure about the method to join domain for ALL users. We have several questions as below:

1. MPLS-VPN leased line and VPN connection, which one is better in terms of performance and cost?

2. In case we choose VPN connection, should we choose Site-to-Site VPN or Remote-Access VPN, and why? Which devices should we buy?

3. As I understand it, in a VPN connection, the users who connect will use the Internet connection from the VPN server, is that right? If so, will the VPN connection be suitable for 1000 users?

4. For the Domain diagram, which model should we use for high performance and availability? We intend to install an Additional DC in Headquarter and an RODC in each site. Is it okay?

5. In Headquarter, all servers are VM and we have Veeam 9.5 to backup, but in sites servers are physical. Which backup software is the best for physical AD machines?  
0
I am looking for any software appliance for Sophos XG.

I need it to practice with the Sophos firewall.
0
I need a firewall for branch office with 8 users and may go up to 12 in the next year or two. Most of the resources are in Head Office (HO) and has Sophos XG firewall. Remote users use Sophos SSL VPN client individually on their computer and RDP access to connect to HO. Now the requirement is to replace SSL VPN client and establish a site-to-site VPN and join all the remote computers to the DC in HO. I was looking at Sophos XG 115 for the branch office.

Would like to get some expert advice on the Sophos XG 115 device for the branch office, or whether there are any better alternatives available for site-to-site VPN. Also trying to keep the cost to a minimum.
0
Sites hosted on GoDaddy's secureserver.net are inaccessible from our main external IP address. I called our firewall support at Sophos and they said that the sites in question are not responding to our TCP handshake and this is why we can't connect. Sophos says I needed to call GoDaddy and see why they are blocking our IP address. I called them but they said our IP is not blocked and there is nothing they can do for us. I'm not sure what to do next. Any ideas?
0
Hi,

We have been asked to setup mandatory TLS by one of our customers, for all incoming and outgoing mail to their domain.

We run Exchange 2010 servers, Sophos Email Appliance, and we also use a cloud based spam filter.
All incoming and outgoing email goes through the Sophos smarthost, also incoming mail hits the spam filter first then is passed to Sophos.  Outgoing mail doesn't go through the spam filter.

I've researched and think I know how to configure TLS on Exchange, Sophos, and our spam filter.

Will I need to configure TLS on Exchange for the send and receive connector?
Exchange isn't externally facing, so I am assuming the self-signed certificate will work for TLS with our internal smarthost?   The smarthost is externally facing so it will need a public cert and configuring for TLS.

I had a thought that maybe for incoming email I wouldn't need to configure TLS on our internal Exchange, but I could be wrong?

Thanks in advance.
0
I am interested in installing Sophos XG firewall home edition on a PC. the following link has been given to me by Sophos as a link for the free download.

Link for Sophos XG firewall home Edition

I am somewhat nervous, however, as the site issues a warning to the effect that any existing operating system will be erased when installing the product. I understand this, but I am not sure what will happen if I click the Get Started button on the Sophos web site.
I would hope that an image file would be downloaded that I could burn to a CD/DVD and then use to install the product on a PC with no OS on it.
I wish to be assured that clicking on the Get Started button won't result in the XG firewall being installed on my PC and wiping out my PC.
0
Hi
I am a bit puzzled with how a proxy server works. This is simply set in the user's IE settings, pointing to the proxy server for internet access (let's say site A is where the proxy server is located).

Here is the confusion: remote site B users use the same proxy, configured the same as the above in IE, and they are able to access the internet successfully. I am trying to install Sophos Central (.exe file) on machines in site B, which needs an active internet connection for the installation to complete successfully, as it's cloud based and needs to communicate/download over the internet.

The issue is it can't communicate with the Sophos Cloud portal and the installation can't continue. The only way I can get it to communicate is by using Netsh - netsh winhttp set proxy proxyservername:portnumber - on the computer, and then this allows the installation to complete.

So my question is: why doesn't the IE proxy setting work for this Sophos installer but the above command does, what's the difference between them, and how can I go about installing this on other computers without having to manually type this command on every machine?

Thanks
0
We are looking at upgrading our current Exchange 2010 onsite servers to the Exchange 365 Cloud based.  We currently have onsite Barracuda and Sophos devices that handle our SPAM and Antivirus e-mail scans.  We will have these devices for a couple more years before renewing.  I was wondering if anyone has any information on using these devices with the Exchange 365 cloud?  We are told that they will work, but we are wondering about the e-mail coming here and then up to Exchange 365.

Thank you
0
Dear Experts,
I have had an issue lately after upgrading our email security appliance. All outbound mails are using my Cisco firewall interface IP and often bounce, as my email server public IP is different. The email appliance is Sophos EA.
My email server public IP is 86.xxx.xxx.197
Cisco FW ASA interface public IP 86.xxx.xxx.196
There is n option on sophos to change outbound IP address it takes primary up (internal).
On Cisco I have all SMTP traffic going out via 86.xxx.xxx.197, but traffic from Sophos EA still goes out via 196.
What should I do on the Cisco ASA to make Sophos (internal IP 192.168.1.88) use 86.xxx.xxx.197 for all outbound traffic?
0
We have the Sophos UTM firewall. Do you know if there is a way to get a specific user's web traffic?
0
