Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Subscribers 3 subscribers
  • Views 6166 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall port settings for Sophos AV updates

John Harriott

Hi,

I am planning on installing Sophos AV on a RHEL 7.x server.

The server will connect to a web proxy via a firewall to pull down signature updates.

What ports and protocols must be opened on the firewall?

What URL(s) is used to provide updates?

Regards John



This thread was automatically locked due to age.
Parents
  • 0

    Hello John,

    first of all - Central managed or on-premise SEC managed? I assume the former as you don't mention a management server. Or is it perhaps a stand-alone installation?

    For Central please see Domains and ports required ... and the FAQs for proxy support. The same update locations (*.sophosupd.com, *.sophosupd.net - note that in the settings/policy you enter the symbolic Sophos öocation) are used by SEC-managed endpoints, AFAIK at the moment only HTTP. Live Protection needs additional URLs.

    Christian

  • 0 in reply to QC

    Hi Christian

    The installation is stand alone

     

    John

  • +1 in reply to John Harriott

    Hello John,

    as said, the update location is simply Sophos which indicates the sophosupd URLs that in turn are resolved to addresses on the CDN. Protocol is (still, I think) HTTP, could be HTTPS in the future.

    Christian

  • 0 in reply to QC

    Is there documentation that explains how to use a standalone Sophos AV instance with an authenticating proxy?

    Example:

    The server with Sophos AV installed has a service account managed by Active Directory. When AV updates are initiated the request is sent to the proxy. The proxy in turn authenticates the user via AD before forwarding the request to Sophos CDN. How are the service account credentials provided to the proxy when running the update utility from command line? Are they stored in a configuration file? N.B. the user running the update utility is different from the service account user.

    Regards John

Reply
  • 0 in reply to QC

    Is there documentation that explains how to use a standalone Sophos AV instance with an authenticating proxy?

    Example:

    The server with Sophos AV installed has a service account managed by Active Directory. When AV updates are initiated the request is sent to the proxy. The proxy in turn authenticates the user via AD before forwarding the request to Sophos CDN. How are the service account credentials provided to the proxy when running the update utility from command line? Are they stored in a configuration file? N.B. the user running the update utility is different from the service account user.

    Regards John

Children
Unfiltered HTML