Hi,
are Users that are using WAF Function of XG affected? Or are just customers affected that have enabled administration and/or User Portal on WAN?
Regards
This thread was automatically locked due to age.
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Hi,
are Users that are using WAF Function of XG affected? Or are just customers affected that have enabled administration and/or User Portal on WAN?
Regards
Hi Dwayne,
The attack affected systems configured with either the administration (HTTPS service) or the User Portal exposed on the WAN zone.
This is covered in the KBA (https://community.sophos.com/kb/en-us/135412). It explains how to identify if your XG Firewalls have been affected and the recommended next steps.
Regards,
After analyzing the components and intent of the attack, Sophos published a SophosLabs Uncut article, “Asnarok” Trojan targets firewalls, to share its current understanding of the malware.