Hi XG Community!

We've finished SFOS v16.05.8 MR8. This release is available from within your device for all SFOS v16.05 installations as of now.

The release is available to all SFOS version via MySophos portal.

NOTE: The upgrade from SFOS v16.05.8 MR8 to v17.0 Beta is currently not supported.

Update: The upgrade from SFOS v16.05.8 MR8 to v17.0 RC-1 and v17.0 GA is supported.

Issues Resolved

  • NC-21404 [Authentication] Authentication Agent - getting logged out automatically at random time
  • NC-21538 [Authentication] STAS user login getting failed because access_server is assigning existing liveuserid to new login user
  • NC-19642 [Base System] Apache httpd vulnerabilties (CVE-2017-3169, CVE-2017-7679)
  • NC-19915 [Base System] Add support for newer SG210,SG230,SG310,SG330,SG430,SG450,SG550 and SG650 models in SFOS
  • NC-21583 [Base System] Up2date patterns status is shown as "Failed" in 16.05 MR7
  • NC-22018 [Base System] Openssl update for v16.05
  • NC-22059 [Firewall] SSL decryption should not be enabled by the wizard
  • NC-19646 [IPS] i40e driver version 1.1.23 doesn't work properly with 4x10G ports
  • NC-21712 [IPS] IPS service not starting in v16.05 MR7
  • NC-21566 [Mail Proxy] Inbound emails stopped in legacy mode after upgrade to 16.05 MR-7
  • NC-18875 [Networking] USB devices not reconnecting after reboot
  • NC-20763 [RED] RED15w does not send split DNS traffic over RED tunnel
  • NC-20531 [SecurityHeartbeat] Server certificate expired - all clients will be marked as RED
  • NC-22152 [Web] NTLM channel re-initiated repeatedly on booting the appliance
  • NC-21548 [Wireless] API for Wireless Network Enable/Disable
 
All issues resolved in this release are also addressed in SFOS v17.0.

Downloads

You can find the firmware for your appliance from in MySophos portal.

 
Parents
  • DaveHamer, we're set to 21 seconds, due to the documentation stating that anything under 20 could interrupt the authentication process.  They need to allow the FW admin choose how to handle un-authenticated users during the auth process.  Flat out dropping packets is a really poor way to handle it.  Another user PMed me and stated that he's set to 1 second.  I asked him to let me know how that's been working.  He's been working with Sophos support as well and they never patched his XG.  He's just been dealing with the drops.  I was 1 day away from shipping mine back, it's a tad pricey to not have it work for the first 2.5 months. I guess I didn't realize hat we were paying to participate in a beta program.  Right now, things are working well, but I don't have much confidence in the product or the support due to the "out of the box" experience.  I will say that the person I've been working with recently has been good and he's been up front about the issues.  Prior to him, they tried to blame the issues we were having on everything but their product.  Random auth drops + 2 minutes of dropped packets each time = a really bad experience for all users.  Hopefully things will move in the right direction from here.

    Mark

Comment
  • DaveHamer, we're set to 21 seconds, due to the documentation stating that anything under 20 could interrupt the authentication process.  They need to allow the FW admin choose how to handle un-authenticated users during the auth process.  Flat out dropping packets is a really poor way to handle it.  Another user PMed me and stated that he's set to 1 second.  I asked him to let me know how that's been working.  He's been working with Sophos support as well and they never patched his XG.  He's just been dealing with the drops.  I was 1 day away from shipping mine back, it's a tad pricey to not have it work for the first 2.5 months. I guess I didn't realize hat we were paying to participate in a beta program.  Right now, things are working well, but I don't have much confidence in the product or the support due to the "out of the box" experience.  I will say that the person I've been working with recently has been good and he's been up front about the issues.  Prior to him, they tried to blame the issues we were having on everything but their product.  Random auth drops + 2 minutes of dropped packets each time = a really bad experience for all users.  Hopefully things will move in the right direction from here.

    Mark

Children
No Data