【server protection】Intranet servers are not allowed to access the Internet, how sophos central delivers policies and soft version updates?

Hi team,

Our customer's intranet has dozens of Windows servers. According to the requirements of the security department, the intranet servers are not allowed to access the Internet. So, I would like to know how sophos central  delivers policies and updates to them?

Can we deploy a server on the intranet as a proxy, communicate with sophos central through the proxy server, and act as an agent between the real server and sophos central to solve this problem?



Added Tags
[edited by: Gladys at 2:07 PM (GMT -7) on 27 Jul 2023]
Parents
  • As Qoosh said, the Message Relay and Update Cache feature is what you seek; we did some Government work some time ago with stringent requirements such as your client's, and the solution (in their case) was to implement a special DMZ and place the update/message relay system there, and implement very restrictive firewall rules between each zone to meet their compliance requirements.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • As Qoosh said, the Message Relay and Update Cache feature is what you seek; we did some Government work some time ago with stringent requirements such as your client's, and the solution (in their case) was to implement a special DMZ and place the update/message relay system there, and implement very restrictive firewall rules between each zone to meet their compliance requirements.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data