Hello,
I reach out to all of you as we are in a really bad situation. We are hosting several customers with Active Directories and we just recently started migrating from UTM to XGS. Today we learned there is a maximum of 20 servers you are allowed to add as authentication services. UTM didn't have these restrictions. We reached out to support, and there is no solution for this and there won't ever be a change to this limitation due to the fact it's not how the majority of Sophos customers use the product.
We already tried using Active Directory trust to try out the possibilities but it didn't work out. Is there anyone maybe in the same boat? How did you solve that? Or is there anyone with an idea how to solve that?
Thanks!
So this limitation only affects customers with "a lot of domains". Talking about 20+ domains. Not many customers are really affected by this limitation due to the nature of "implementation". Meaning: per firewall site, there are not that many domains available. Most customers with 20+ domains also have a lot of sites, which makes a domain more or less limited to one site. (For example, a customer bought multiple companies but those companies do not integrate with each other, so they do not really need all the domains on one firewall.)
So to speak: I am wondering what kind of "hosting" you are doing? Can you give us more details about this? Because due to the Sophos EULA, hosting might not be possible: https://www.sophos.com/en-us/legal/sophos-end-user-terms-of-use
2.3 Restrictions. Except as specifically permitted in this Agreement, Customer will not (and will not allow an Affiliate, User, or third party to), directly or indirectly: (a) sublicense, resell, rent, lease, distribute, market, commercialize, or otherwise transfer rights to, or usage of, all or any portion of the Product, or provide the Product on a timesharing, service bureau, or other similar basis;
So you are hosting this service of the UTM to sub-customers? Because nowadays, you could do this by using SFOS in an MSP term with one firewall per customer.
Sub-hosting a UTM also has some GDPR concerns, as you mix data between customers. GDPR/DSGVO was not a thing when many UTM partners implemented their solutions, but nowadays it needs to be re-evaluated.
__________________________________________________________________________________________________________________
Hi Hydro4711,
Thank you for reaching out to the community.
This would be a Feature Request (SFSW-I-2297); I'd recommend you reach out to your Account Manager, Sales Engineer, or Sales Representative so that they can enter this request into our system. You can also log a support case so that our support representative can help link that FR to the account.
Additionally, you can use the in-product feedback in the Sophos Firewall located in the Top Menu Bar.
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Technical Support, Global Customer Experience