Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945

Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!

Email notifications for rule changes UTM 9

Hi there,

Is it possible to setup an email notification to inform us when someone has changed any of the firewall rules or other related configurations on the UTM 9 device?

Thanks

Chris

  • In reply to Chris Golden:

    Hi Chris and welcome to the UTM Community!

    No, that's not possible.  Some suggestions for securing access and tracking changes in the UTM.

    1. The admin account should be reserved for use only when personal accounts are not being authenticated.  Only one person should know the password.
    2. Each person with any kind of access to WebAdmin should have a personal account.  My preference is to sync those users to the UTM from Active Directory, an LDAP server, etc.
    3. All allowed to access via SSH should do so via PuTTy and with a personal RSA key.
    4. Only one person should know the loginuser and root passwords and access via these should be for use only when access at the console is needed.
    5. Activate the notifications for SSH, WebAdmin and Console logins.
    6. To check the specific changes made by individuals, follow the suggestions made in Are the changes that I make logged?

    Cheers - Bob