Sophos Connect (SSLVPN) and native AzureAD (Entra)

Can anyone share a roadmap update for getting native Azure AD (otherwise now known as Entra ID) authentication for Sophos Connect on XG appliances?

The last thread was closed out nearly a year ago:

Azure AD authentication for Sophos Connect - Discussions - Sophos Firewall - Sophos Community

It's getting really infuriating having to maintain some legacy ADDS infrastructure purely for just this one function now; and I'm having to seriously consider moving to a different solution.



  • Two different approaches: 
    First of all you could look into ZTNA as it fully supports Entra ID and gives you the option to move to another approach. You could migrate VPN and WAF to this solution. 

    Entra ID for SSLVPN is still on the roadmap for the next upcoming release (after V20.0). 


  • With all due respect, I got similar responses from our then account contact in 2019 and 2020 and 2021 and then again the thread posted last year. It keeps getting kicked down the line of "coming next" and never appears to happen.

    ZTNA could be the better option ultimately, need to see how much money I can coax from the board I suppose!

  • It is not about getting kicked out but the foundation to build this is now there as well.

    So the timeline was: Azure AD for Webadmin (19.5), Azure AD for Captive Portal (V20.0), and now Sophos is working on Azure AD for SSLVPN.

    But in the meantime, if you want to look into migrating towards another approach, ZTNA is there already. It is built to do this with Azure AD from the start.


  • I hope it gets there, I do. As you might imagine though, after about 3.5 years of being patient, that patience is somewhat exhausted.

    I've a call with our account contact scheduled for later today, and we'll see what the jump to ZTNA is going to look like cost-wise and go from there.