The May update for Central Firewall Management is now available. 


  • Enhanced Zero-Touch Firewall Deployment - XGS Firewalls running v20 MR1 and newer may be proactively registered to Sophos Central without using a USB token to enable registration
  • Device Access ACL enhancements - Support new ACL options available in SFOS V20 MR1

New Zero Touch Firewall Deployment from Sophos Central:

Now you can pre-define, deploy, and then finish the configuration of your remote firewalls without having to do anything on-site other than plug it in.   A USB device is no longer required!

Here’s how it works:

  1. Enter the device serial number in Sophos Central
  2. Preconfigure some essential settings in Sophos Central such as time zone, LAN, WAN and DHCP settings, and initial protection preferences
  3. Deploy the firewall at the remote location by connecting power and WAN cables – and power it on. The Firewall will automatically connect to Sophos Central at start-up and then download and apply the configuration from Step 2.
  4. You can now manage the firewall and finish the setup in Sophos Central

Consult the full documentation for details.

Device Access ACL improvements

SFOS v20 added new options to the Local Service ACL which may now be managed from Sophos Central group policies.

Issue(s) Resolved

  • NR-12699 - resolved issue where immediate schedule of  SPA report may not generate in some regions