Hello -
We have four Sophos servers on prem. One parent SEC and three child SUMs. The parent SEC gets updates from Sophos and the child SUMs update from the parent. The SEC and SUMs are configured to use WebCIDs for updating. This has been the configuration for our Sophos environment for the last 10 years. All of the necessary ports on the SEC's firewall have been configured correctly. On August 24, 2021, the child SUMs stopped getting updates from the parent SEC.
If I turn off the host firewall on our SEC, the child SUMs update successfully. When the host firewall on SEC is on, the child SUMs can no longer receive updates from the SEC. AFAIK, no changes have been made on the SEC or SUMs. Most of the firewall exceptions have been pushed to the SEC and SUMs via group policy.
I have an opened support request with Sophos and we are unable to solve the issue after a couple of Zoom sessions.
I guess the work around will have to do for now, which is turning off the firewall on the SEC.
This thread was automatically locked due to age.