Hi Sophos Community,

I'm excited to announce a major update to the firewall single-sign-on service available today in Sophos Central. This service allows you to access the local user interface of a firewall that is managed by Central, without needing to expose the UI of that firewall over the internet. This has been a staple of firewall management in Central for a long time, and I'm excited to announce a major update to this service, available now in Sophos Central, for all managed firewalls running SFOS v21 and newer.

Features

  • Faster connections - initial connectivity from Central will bring you to a responsive webadmin in a fraction of the time!
  • Faster navigation - once logged in, navigating through the firewall UI is faster than ever, and should now be comparable to being directly logged into the firewall.
  • Tabbed sessions - Firewall management sessions will open in a new tab, allowing you to easily reference other info in your Central account while also managing your firewall
  • Multiple firewall sessions - Connect to multiple firewalls at the same time, from the same Central login! Each session opens in a new tab, allowing you to easily compare settings between firewalls
  • Legacy support - Firewalls running SFOS v21.0 and newer can be managed from Central with all of the above benefits, while firewalls running older versions will continue to work like they always have. Firewalls supporting the new SSO service will have an icon next to the name in your firewall inventory list, indicating it will open in a new tab when clicked.
  • Reduced outbound port requirements - v21 firewalls using the new SSO service and subject to upstream port restrictions now only require outbound access to Sophos Central on port 443 to be fully managed in Sophos Central.

Requirements

  • One or more firewalls managed in your Central account
  • One or more of your managed firewalls upgraded to v21 GA or newer
Parents
  • Good to see that improvement. Older SFOS versions are slow for the first SSO connect. If you disconnect and connect again, it's quite as fast as with the new SFOS. So I expect some caching or keep-alive of the SSO session in the backend implemented on SFOS 21.

    Is this also resulting in a higher resource footprint on the firewall device (RAM/CPU)? How much do we need to expect?

  • Essentially we worked on the service doing the connection.

    The video above is not the general "expected performance" but instead a measurement for the "worst case" (very slow appliance - virtual with one core etc).

    The "challenge" with a reverse proxy is, if you want to open a webadmin, Central can only cache your "request", and the appliance will pull this request. We speed up this process, plus other enhancements.
