Thread Info
  • Locked Locked
  • Replies 4 replies
  • Subscribers 14 subscribers
  • Views 4022 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why doesn't Sophos ship its own software firewall rather than relying on Windows Firewall and GPOs?

Martyn Drake

I've recently evaluated and bought Sophos Central with Intercept-X with EDR along with device encryption.  Very impressed so far. 

However, what I feel the package lacks is the complete ability to control the firewall.  I'd have preferred, like some other AV/security vendors, that Sophos deploys its own local software firewall on the device rather than relying on Windows Firewall and Group Policies.  And that firewall could have been partly controlled through the app control to ensure that apps that need network resources can be configured to do so on the local Sophos firewall rather, again, then having to configure the rules separately as a GPO.

One the reasons we went with Sophos Central was to be able to control as much as possible remotely without having endpoint server software installed locally (up until this point we were using ESET Remote Administrator).

Additionally, having the ability for Sophos to figure out what network it's on (domain, public, private) and change policies accordingly would also be a big bonus - especially for those machines that are BYOD and want to allow for better "freedom" (for lack of a better word) when an employee's own device is not connected to our network.



This thread was automatically locked due to age.

  • Seems it IS available when Endpoint is not used with Sophos Central!?!

    https://www.sophos.com/de-de/products/endpoint-antivirus/tech-specs.aspx

     

    https://ideas.sophos.com/forums/285723-endpoint-protection/suggestions/31253218-add-firewall-endpoint-protection-back

     

    Does anybody know why it is not available with Sophos Central?

    Regards, Jelle

    Sophos XG210-HA (SFOS 18.0.4) on SG210 appliances with Sandstorm and 1x AP55
    Sophos Central with Intercept X Advanced, Device Encryption, Phish Threat, Mobile Control Advanced

    If a post solves your question use the 'This helped me' link.

  • in reply to Jelle

    Interesting.. could this mean that Sophos might consider integrating it into Sophos Central at some point?  We have the top tier Central Intercept-X Advanced with EDR.

    (On a different note - all emails from Sophos Community are failing to pass SPF and DMARC, resulting in warning messages in G Suite - might be a good idea for Sophos sysadmins to double check the IPs from which these email notifications are being sent).

     

  • in reply to Martyn Drake

    That's why I don't use SPF. Came across too much wrong SPF entires even from companies you would expect to have it configured right.

    Regards, Jelle

    Sophos XG210-HA (SFOS 18.0.4) on SG210 appliances with Sandstorm and 1x AP55
    Sophos Central with Intercept X Advanced, Device Encryption, Phish Threat, Mobile Control Advanced

    If a post solves your question use the 'This helped me' link.

  • Hey All,

    We have an endpoint firewall that is used with our other product lines -- Not within Central. From Central you can see what network it is on, see if it's managed by Group Policy & what it's last active profile was. It should be located at the bottom of the computer summary window. I appreciate it's not proper management but it's what we do provide right now, we suggest managing Windows firewall via group policy at the present and use us to see the status of it. The screenshot below shows you what I mean as far as the status on what we report on.

    Apart from that, the only thing I can recommend is going to https://ideas.sophos.com & give it a shout there. :)

Unfiltered HTML