The May update for Central Firewall Management is now available. 

Feature(s)

  • Enhanced Zero-Touch Firewall Deployment - XGS Firewalls running v20 MR1 and newer may be proactively registered to Sophos Central without using a USB token to enable registration
  • Device Access ACL enhancements - Support new ACL options available in SFOS V20 MR1

New Zero Touch Firewall Deployment from Sophos Central:

Now you can pre-define, deploy, and then finish the configuration of your remote firewalls without having to do anything on-site other than plug it in.   A USB device is no longer required!

Here’s how it works:

  1. Enter the device serial number in Sophos Central
  2. Preconfigure some essential settings in Sophos Central such as time zone, LAN, WAN and DHCP settings, and initial protection preferences
  3. Deploy the firewall at the remote location by connecting power and WAN cables – and power it on. The Firewall will automatically connect to Sophos Central at start-up and then download and apply the configuration from Step 2.
  4. You can now manage the firewall and finish the setup in Sophos Central

Consult the full documentation for details.

Device Access ACL improvements

SFOS v20 added new options to the Local Service ACL which may now be managed from Sophos Central group policies.

Issue(s) Resolved

  • NR-12699 - resolved issue where immediate schedule of  SPA report may not generate in some regions
Parents
  • I thought this would be cool to add a new HA - it's not working.

    next button will always be disabled when adding a second SN. Regardless if I use comma, semicolon, space whatever. As soon as I enter something after the first SN, it's greyed out.


Comment
  • I thought this would be cool to add a new HA - it's not working.

    next button will always be disabled when adding a second SN. Regardless if I use comma, semicolon, space whatever. As soon as I enter something after the first SN, it's greyed out.


Children
  • you can only select one interface, so it's not doing what's written.
    "Let’s setup a protected network. Select the ports where you will connect devices you wish to protect. All selected ports will be bridged together, and traffic will be permitted between them, like a switch."

  • You call that zero touch? Management disabled! Sorry, it looks like nobody ever tested this - a waste of time.

    Even the links are not working.

    SFOS 20.0 MR1 - installed from scratch. just to mention it.