SFOS 15.01.0.398 (MR-1.1) Released

29 Feb 2016

We’ve just released a maintenance release for Sophos XG Firewall. This update contains fixes for a number of issues reported on XG firewall thus far.

News

Maintenance Update

Remarks

System will be rebooted

Bugfixes:

NC-5673 - Improve system behavior when loading new patterns
NC-4708 - Improvements to stability of web content filter lookus
NC-5858 - Support newest tlds in custom category creation
NC-5771 - Resolve high memory usage by SMTP filter
NC-6003 - Resolve AV reloading after update when no subscriptions present
NC-4826 - Remove "upgrade Type" option on new VW installs
NC-5001 - Correct cosmetic error in notification following license upgrade
NC-5138 - Correct display problem in user objects
NC-5657 - Resolve condition preventing hotfixes from installing under certain circumstances
NC-5661 - Improve license communication
NC-3951 - Ensure pattern update progress is shown during update
NC-5942 - Improve device activation communication reliability
NC-5960 - Improve pattern update service to prevent unnecessary failure retries
NC-5754 - Allow EULA acceptance on Console
NC-4842 - Clearly indicate subscription evaluations on licensing screen
NC-5703 - Correct Certificate Authority update issue, during CR migration
NC-5478 - Fix IPv6 incorrectly blocking valid gateway address as broadcast
NC-4543 - Allow wlan interface to be used in static and multicast routing
NC-5098 - DHCP Security Update
NC-4535 - Ensure Masquerading on by default when necessary, when creating firewall rules
NC-5066 - Resolve IU issue where popup notification not closing after adding an IP Host to the Local Service ACL Exception Rule
NC-5756 - Improvements to licensing calculations
NC-5503 - HA reliability improvements
NC-5698 - Web proxy stability improvements
NC-5778 - DNS config change handling improvements
NC-5834 - AV scanning reliability improvements
NC-5837 - Improve handling of Netflix and other streaming media
NC-5648 - Improve system performance when a high volume of APs are connected
NC-5587 - Correct error where Business policy for Email server (SMTP) showing wrong pre-configured ports
NC-4776 - Localization improvements and fixes
NCCC-1600 - Fix issue where order of user groups set in SFM may not be properly reflected in XG
LOC-319 - Localization improvements and fixes
NC-5529 - Improve Heartbeat authentication
NC-6136 - Telemetry reliability improvements
NC-6380 - Improve IPS session timeout handling behavior
NC-6515 - Improve SSH device host key generation
NC-6422 - Heartbeat device registration improvement
NC-6975 - Correct issue where admins are not able to download SATC Agent (Sophos Authentication Thin Client v2.0.6.0) from Authentication client and user portal
NC-5919 - Improve display of failed up2date attempts in the ui

Updating your Firmware

Note: There's a convenient "How-to" video covering firmware updates and roll-backs (also embedded below).

Sophos Up2Date technology makes it easy to update your Sophos XG Firewall to the latest version.

In most cases, a notification will automatically appear in the Control Center of your Firewall, indicating a firmware update is available. Simply click through to the Firmware update screen or navigate to System > Administration > Firmware and click the “Download” option next to the available firmware update followed by “Install" to begin the update process. The system will reboot during the update process, so plan your update accordingly.

If the update does not automatically appear, you can use the “Check for new Firmware” option to force a check for new firmware updates.

Alternatively, download the firmware update files manually from MySophos. Firmware file sizes and signatures will be different for different appliance types. The correct reference values for your installations will be shown at the link above. Then in your XG Firewall, navigate to System > Administration > Firmware and click the “Upload Firmware” icon in the empty firmware slot below your existing version in the firmware table. Select the firmware file and click “Upload & Boot” to apply the update.

Rolling-back to a Previous Firmware

Whenever a firmware update is applied, the previous firmware version is preserved enabling you to roll back at any time. To do so, navigate to System > Administration > Firmware and identify the previous firmware version in the table at the top of the screen. Click the "Boot Firmware Image” icon in the table to restore that firmware version and reboot the device. Note that any configuration changes made between the upgrade, and rollback, will be lost.

Providing Feedback

Please provide feedback and discuss this release or other aspects of the product with fellow community members and Sophos staff here on the forums. Please indicate the version you are using to enable everyone to better assist you.

Alan Toews

Technical Product Manager

IanMorehouse over 8 years ago

Will this version be acceptable to the SFM?

Did not fix the inability to handle bad requests eg if you enable IPv6 on the external interface the XG becomes unresponsive to console and users. Need to restart the XG by pwoer cycling to access again. My XG has more than sufficient horsepower not to be locked up.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
RyanHunt over 8 years ago

This release does not fix the issue of not being able to update the default certificate for me.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel