Hi Sophos Community, 

We've updated Firewall Reporting in Central with a new Security Posture Assessment report. This is not so much a new report, as it is an interesting new way to use firewall reporting. The SPA report offers a customizable package of multiple reports, combined into a single package, making it easy to share a single report package to a manager that highlights firewall protection activity, and user behaviors.  Users familiar with the Executive Report from UTM9 will appreciate the new SPA report available today, and more enhancements coming soon. 

SPA Report Config


Simpler delivery

  • Group reports into single package
  • One report file to review or share

Purposefully Focused

  • Highlight firewall protection activities
  • Reveal web and application activity risks

Inventory and Status

  • New firewall inventory report
  • Keep up with firewall status, HA events, license usage in one table

Conversation starters

  • Minimized branding (compared to SFOS on-box Executive, or SAR reports)
  • New Sankey visualization for threat activity
  • Limit to Top-X items (configurable, top 10, 25, 50, or 100 items)


Firewalls must be configured to use Central firewall reporting, and should have either an Xstream license bundle, or be assigned a CFR-Advanced license for the SPA report to be scheduled.