Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

Hi Community,

The latest maintenance release (MR16) for SFOS v17.5 is now available!

Important Issues Resolved in v17.5 MR16

  • NC-59149 [API Framework] CSC hangs as all 16 workers remains busy
  • NC-59709 [Authentication] SSL-VPN RA authentication fails sometimes
  • NC-62902 [Authentication, Backup-Restore] Unable to upload the back-up from 17.5 MR12 to 17.5 MR14
  • NC-70345 [CM (Join to Cloud)] Backup is not getting generated from Sophos Central
  • NC-69683 [CROS to SFOS Migration] Migration issues from CR to XG
  • NC-72109 [Email] Quarantine digest configuration changes can be saved.
  • NC-63083 [Firewall] Appliance goes into Failsafe Mode after Migration from 17.5 MR12 to 18.0 MR1
  • NC-63772 [Firewall] Policy test for firewall not showing correct results.
  • NC-64820 [Firewall] Awarrenhttp proxy is used to block inbound connections on port 443
  • NC-53059 [HA] HA active-active load balancing interrupts remote printing
  • NC-63005 [IPsec] Few subnet not coming up after IPsec failback
  • NC-63136 [RED] RED reload on every RED device
  • NC-64010 [RED] Alert message say beta firmware enabled
  • NC-64045 [RED] Transparent Split and 3G Failover should not be possible to configure in case the RED was already configured
  • NC-59082 [Reporting] Switching from Policy Tester tab to logviewer tab creates problem
  • NC-63560 [Reporting] crreport service show as dead
  • NC-66024 [Reporting] Blocked web Report does not show for Month of OCT 2020
  • NC-71421 [Reporting] Scheduled reports won't be sent (Applicable for v17.5 Cyberoam Box)
  • NC-62804 [SecurityHeartbeat] Registration to central security heartbeat does not work via upstream proxy
  • NC-64082 [SFM-SCFM] /content partition full when SFM config/Communication errors
  • NC-66568 [SNMP] SNMP shows incorrect information for License Details in v17
  • NC-67921 [SSLVPN] SSLVPN Disconnects but still showing as connected
  • NC-62682 [Static Routing] Netherlands is shown in 2 Country groups
  • NC-60856 [UI Framework] Upgraded jQuery version to 2.2.4
  • NC-62813 [UI Framework] When "Enable Login Disclaimer" is enabled, auto provisioning of SSL VPN policy fails for the admin user(s)
  • NC-64758 [UI Framework] User logs out from user portal when click on "Install" under "Configuration for IPsec VPN client for Apple iOS"
  • NC-64984 [UI Framework] Page loading issue when refreshing the packet capture page with wrap buffer on
  • NC-58047 [Web] Captive portal users don't logout in Chrome browser
  • NC-66028 [WWAN] USB doesn't connect after upgrade from v17.5 MR12 to v17.5 MR14/v18

Upgrade as soon as possible

XG Firewall v17.5 MR16 is an easy and fully supported upgrade from older XG Firewall v17.5 releases. You can also upgrade from v17.5 MR16 to v18 MR5 with full configuration migration supported . Please refer to the upgrade matrix for more details.

While we always encourage you to keep your firewalls up to date with the latest firmware, over the next few months we are recommending you rapidly apply maintenance releases to ensure you have all the important security enhancements applied as soon as possible. Also ensure you have automatic pattern updates enabled so that you can be assured you have the latest protection updates.

How to get it

As usual, this firmware update is no charge for all licensed XG Firewall customers. The firmware will be rolled out automatically to all systems over the coming weeks, but you can access the firmware anytime to do a manual update through the Licensing Portal.  Please refer to the documentation for more information on how to apply firmware updates.