This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to monitor MAC firewalls from Sophos Central

Hi 

I want to manage ( monitor & enforce ) MAC OS native firewalls on the MAC machines that are being managed by Sophos Endpoint Protection and Sophos Mobile. 

How can I do this ?  I want to at-least monitor whether the native MAC firewall is turned on

Thanks for the kind help in this regards in advance. 

rehan



This thread was automatically locked due to age.
Parents Reply Children
  • thanks Yashraj - have a good day

  • Hi

    I have enabled the firewall natively in MAC by going to System Preferences -> Security & Privacy ( and also disabled all incoming connections). However in the "Device properties" under "Devices", UI in the Sopho Moblie UI, "FirewallEnabled" property is set to "0" instead of "1". 

    Please let me know why is there a discrepancy on the status of the firewall as being reported under Sophos Mobile

    Thanks and kind regards

    rehan

  • Hi  

    I tried to reproduce the issue with my account and Mac device. In my test policy for my Mac device (I named it "Test Mac OS Device Policy"), I have disabled the firewall and allowed Sophos Kernel extensions. Checking the device properties on Sophos Central, I can see that the firewall has been disabled. 

    I went on to the device and noticed that even after unlocking the settings for the firewall, I cannot enable it natively and is grayed out. The policy which I received shows that the firewall option is set to disable. This means that once the policy is received on the device and is implemented, settings cannot be changed by the user natively.

    Now, when you manually enabled the firewall on your device before Sophos Mobile could do it for you, it might have left it in a broken state. Sophos Mobile tried to enable it for you but it was already enabled and hence the command could not be successfully executed on the device. This might be a reason why it still shows the outdated information in device properties. 

    Thanks,
    Yashraj Singha
    Manager | Global Community Support
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids