We'd love to hear about it! Click here to go to the product suggestion community
is there a reliable statement for the URL's or IPs needed by the endpoint to make Heartbeat work?
I Need this because in a project there is no default route to the internet, Sophos allowed.
Here is the KB regarding which domains and ports are required for this communication.
Below is a screen capture of the default web exception on the Sophos XG for Sophos Services.
I hope this helps, please keep me updated.
In reply to FloSupport:
Good morning Flo,
thank you so much.
I knew that there was an entry but now it's confirmed. :)
So these exeptions are for "Live Connect" this means not only "Hearbeat"?
In reply to Mr.Roboto:
That is correct, those domains listed are used by the endpoint to communicate it's health (and other information) as part of the Heartbeat function.
And a last question:
Heartbeat still requires a non proxied connection to the Sophos servers, right?
I know that there is a option for enable proxy setting in central.
It is possible to utilize a proxy, take a look at this KB: How to allow Sophos Central Managed Endpoint, UTM Managed Endpoint, and Sophos Home to use proxy server settings
I'll try this in lab. In the last try it seems to work only if the following is given:
If the client has no route to the internet and can't resolve the DNS names, it will not work - so in my last try in the lab.
All of the other stuff of the endpoint software runs over the proxy without any issue.
Thanks for sharing that info! Please don't hesitate to reach out to me if your run into any further issues.
So, meanwhile I could test the hint of DomeP.Thus, a routing and a firewall rule is required which allows the following direct communication from the endpoint to: 22.214.171.124 on port 8347
Works and is now operated like this.