Hi Sophos Community, 

I'm pleased to announce the release of a Python SDK for the SFOS firewall APIs.This SDK wraps the XML API in an easy-to-use component, that removes the biggest challenges in using the firewall's API to automate configuration tasks.


The SDK has been published on PyPi, making installation and use as easy as:

pip install sophosfirewall-python


Once installed, it becomes incredibly easy to access a firewall via script:

from sophosfirewall_python.firewallapi import SophosFirewall

sfos = SophosFirewall(
    username = FIREWALL_USERNAME,
    password = FIREWALL_PASSWORD,
    hostname = FIREWALL_HOST_OR_IP,
    port = FIREWALL_PORT,
    verify = True

From there, you can test if your stored credentials are valid:

    response = sfos.login()
    print(f"Success! {response}")
except SophosFirewallAuthFailure as e:
    print(f"Authentication error: {e}")

Exploring and editing configuration

List firewall rules:
response = sfos.get_fw_rule()
rules = response["Response"]["FirewallRule"]
for rule in rules:
    print(f"{rule['Name']} Details: {rule}")
Create hosts:
response = sfos.create_ip_host(name="test-host", ip_address="")

This is just to name just a few options. You can find more examples and documentation here:

Welcome to sophosfirewall-python’s documentation! — sophosfirewall-python 0.0.1 documentation

The SDK fully open-source, and you can find it published on Github here:

GitHub - sophos/sophos-firewall-sdk: Python module for working with Sophos Firewall API

How will you use this? what projects does this unlock for you? Let us know how you plan to use this tool!

Happy coding!

  • Thanks for the quick response! It's good to know that while XML might be in the mix now, a JSON/REST API could be on the horizon for Sophos Firewall OS. I'll certainly take a look at the SDK and how it might ease the pain of having to deal with "Enterprise JSON" ;)


  • XML vs JSON is a valid debate, but you won't find anyone here arguing for XML. If the API were being built from scratch today, it would be a fully JSON/REST based API as we use in other products. I expect we'll add a REST API on SFOS sooner or later. In the mean-time, this SDK hides all the XML, and outputs JSON representations of the firewall objects. 

  • I'm intrigued by the preference for XML over JSON in Sophos Firewall OS, particularly given the prevalent industry adoption of JSON, as seen in Sophos Central. The challenges highlighted by this SDK underscore the complexities associated with working on the sfos firewall. Simplifying the API could potentially alleviate these issues and enhance the overall developer experience.