Hi XG Community!
We've finished SFOS v16.05.8 MR8. This release is available from within your device for all SFOS v16.05 installations as of now.
The release is available to all SFOS version via MySophos portal.
NOTE: The upgrade from SFOS v16.05.8 MR8 to v17.0 Beta is currently not supported.
You can find the firmware for your appliance from in MySophos portal.
Talex, finally users have release notes directly from the XG. Good job!
Has anyone tested the solution within STAS ?
We're running on a patched MR7 for authentication issues. It would be good to hear if anyone can confirm that auth issues have truly been resolved. This plus the "drop packet learning mode" caused havoc and this was a new purchase, so we just thought that this is the way it ran. Four different support people and not one mentioned the "drop packet learning mode" that is set to 2 minutes by default. It was the third who finally found that we were using STAS and I found the learning mode document when reading about STAS. Our support person said that he didn't even know that the FW functioned this way. I'll install the MR8 at home, but I'm holding off on our production unit.
Mark J, the same thing happened to us! We tweaked it down to 20 seconds using the CLI and users get a better experience, but not perfect. I'd love to know if this has finally been addressed!
After the initial panic that did not work anything .. I had to remove the Collector's IP in Authentiation-> STAS-> Collector and re-insert it. Now it seems to work fine. I keep you up to date
DaveHamer, we're set to 21 seconds, due to the documentation stating that anything under 20 could interrupt the authentication process. They need to allow the FW admin choose how to handle un-authenticated users during the auth process. Flat out dropping packets is a really poor way to handle it. Another user PMed me and stated that he's set to 1 second. I asked him to let me know how that's been working. He's been working with Sophos support as well and they never patched his XG. He's just been dealing with the drops. I was 1 day away from shipping mine back, it's a tad pricey to not have it work for the first 2.5 months. I guess I didn't realize hat we were paying to participate in a beta program. Right now, things are working well, but I don't have much confidence in the product or the support due to the "out of the box" experience. I will say that the person I've been working with recently has been good and he's been up front about the issues. Prior to him, they tried to blame the issues we were having on everything but their product. Random auth drops + 2 minutes of dropped packets each time = a really bad experience for all users. Hopefully things will move in the right direction from here.
we have some customers on MR7 with patched auth and some others not.
Do I have to expect a different behavior between them?
did anybody update MR8? any issues?
Downloaded and installed MR8 without issues, my installation is simple other than having 4 WAN's.
Starting from MR6 (but could be earlier). I have noticed an improved management of WAN's, to the point that it looks more like bonding than simple round robin.
For instance, I have been able to get 50+ Mbps from two 30 Mbps WAN's (only during low traffic periods): impressive.
Previously, I had skipped MR7 based on issues by others.
WARNING: THIS UPDATE WILL BREAK YOUR CONNECTION TO CENTRAL FIREWALL MANAGER
Where can I find the HW installer? The portal still only has the MR7 installer. I need to re-image a new SG230 Rev2 device.
Hi Bart Hunik, the website is updated and the installer files are available for MR8.