We're excited to announce that we've just released Sophos UTM 9.501 on AWS. Along with all the great functionality introduced in Sophos UTM 9.5, we've added three new features specifically designed for our customers in AWS. The new features are the AWS Management Menu, S3 Polling, and Security Group Management.
AWS Management Menu
We've released a lot of features for customers using UTM in AWS, including our Outbound Gateway, Conversion Utility, and CloudFormation templates. To make UI navigation simpler, we've introduced a new menu where you can find all AWS specific features and get easy access to tools and documentation for using UTM in AWS. The new menu, called AWS Management, provides quick links to our GitHub repository, Chef recipes, AWS documentation, and menus for AWS specific features. Check out the new menu and you might learn about some things UTM can do in AWS that you didn't know about.
In previous releases, Sophos UTM Auto Scaling used SNS to notify UTM Workers of configuration changes. The use of SNS created security concerns for some of our customers as they had to open up ports for SNS notifications. Now with Sophos UTM 9.501 on AWS, the UTM Workers poll S3 at frequent intervals to see if there are any configuration changes. If the UTM Workers have detected a configuration change, they will poll down the new configuration from S3 and apply any changes. Customers no longer need to open ports for SNS notifications, and our CloudFormation templates have been updated to remove SNS completely.
Security Group Management
Security Groups provide a basic layer of security by allowing access to EC2 instances based on IP addresses and ports. Many of our customers use Security Groups by only allowing specific ports access to their EC2 instances and then use UTM to inspect application traffic. However, other customers completely disable Security Groups and use UTM to control both port access and application inspection. To accommodate both use cases, we’ve introduced a new feature called Security Group Management. Security Group Management allows customers to choose if they would like UTM to overwrite Security Groups and control all ports/IP access to EC2 instances hosting UTM software or if they would like to control Security Groups directly from the AWS Management console. You’ll find the new feature under AWS Management > AWS Settings > Security Groups.
Sophos UTM 9.501 also includes Bug fixes in the following general releases:
Sophos UTM 9.501 on AWS has three known issues that will be addressed in later releases:
You can update to UTM 9.501 by running up2date for UTM Stand Alone or by updating your CloudFormation stacks for UTM High Availability and Auto Scaling. Let us know what you think about our new release by posting to our user community forums.