For those that just want to see a video on how to deploy a log collector on a VM
A video showing the installation and configuration of the integrator for the Meraki FW integration is available here: https://share.vidyard.com/watch/DGBMdhWcngheJGoCu7hCnt
Firewall Integration Guides
The integration install guides for firewalls and other log-collector-based integrations are not currently showing in the Central XDR Console.
Our firewall integrations leverage a syslog collector that needs to be deployed on a VMware virtual machine, but before we set up that VM we need to generate the appropriate OVA for the log collector. To generate the OVA file, set the configuration options in Central and save them. You will have an option to download the OVA once it has been generated. (This should take just a few minutes.)
If you need assistance, please contact us in the discussion section of the Forum or email us directly at MDREarlyAccessProgram@sophos.com
Install guides for each of the log collectors are below:
- Check Point Quantum https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Checkpoint/index.html
- Cisco Firepower https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Cisco/Firepower/index.html
- Cisco Meraki https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Cisco/Meraki/index.html
- Darktrace https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Darktrace/index.html
- Fortinet FortiGate https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Fortinet/Fortigate/index.html
- Malwarebytes https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Malwarebytes/index.html
- ManageEngine ADAudit Plus https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Manageengine/index.html
- Palo Alto PAN-OS https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/PaloAlto/index.html
- Skyhigh Security Secure Web Gateway https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Skyhigh/index.html
- SonicWall SonicOS https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Sonicwall/index.html
- Trend Micro Apex Central https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/Trendmicro/index.html
Setting up the VM
Instructions for setting up the virtual machine are here: https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/Integrations/DeployVMCollector/index.html