Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

V18 / STAS - Authentication

Hey guys,

 

Is there a better mechanism in development that STAS in its current form?

95% of my Firewall issues relate to STAS and it deciding not to work as needed. Ideally going back to the UTM style suits me fine rather than reading events.

My laptop users are the worst as they close the lid and bring it to work which doesn't create the logon event needed. iOs / Android is a whole other ball game and any PC not on our domain.

 

I heard Sophos are looking at a better way but I see in V18 STAS remains unchanged.

 

Whats the plans  - anyone aware?



This thread was automatically locked due to age.
Parents
  • Hi  

    As of now, there is no information available on a new feature for the STAS version.

    If you could share details on your issue, we will try to provide the best solution possible.

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • Keyur said:
    we will try to provide the best solution possible

     

    Hey Keyer,

    Its more the reliability and complexity of STAS.

    Today I had many users not Authenticating where it worked fine for the past months - a reboot of the XG fixed it.

    My laptop users are always blocked as they dont logon - just open the lids

    iOS users seldom work and as I use Meraki Wireless that uses RADIUS the Sophos does funky things.

     

    Ideally it would have an option similar to UTM with being connected to AD and authenticating this way rather than from an event on the DC.

     

    Cheers

    Sophos XG 450 (SFOS 18.5.1 MR-1)

    Sophos R.E.D 50 x 2

    Always configuring new stuff.....

  • In my opinion, security should not pass for a single vendor: this means that it would be easier to implement a "Sophos agent" to load into the various PCs/Servers instead of relegating authentication to the antivirus endpoint.

Reply Children
No Data