Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 40 subscribers
  • Views 1984 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Scheduled shutdown and start (no power during night)

Markus Heidemann

Hello Team,

what would you recommend to handle known power loss on a reoccuring schedule?

"Problem" is that this leads to alerts "Firewall has not contacted Sophos Central for the past 5 minutes". (Sophos Central setup)

We have a Sophos firewall on a location which is powered by a Disel power generator. The generator is shut off on a scheduled interval. This leads to a bit of alert fatigue, as it is noisy false positive.

So, if we could shutdown the firewalls of the locations shortly before the loss of power the hope is that this will prevent alert creation, because it is known that the firewall is going offline. This would require the firewall to come back online ASAP, if power is restored. From other vendors I know Bios settings to automatically start a device, if power is connected. So, if the firewall stays shutdown (after shutdown command) and start after loss of power - this would work perfectly for us.

as described in utm-firewall/f/general-discussion/22830/scheduled-reboot shutdown should be possible to be scheduled in the same way.

Current approach is to ~suppress those alerts through alert configuration. As it would be preferred to not have the alerts in the first place we look forward to your suggestions.

Best, Markus



This thread was automatically locked due to age.
  • 0

    hi,

    i think your problem is related to xgs firewall...?

    it is not intended to shut down the firewwall and you will still receive the messages from central.

    but it is definitely better for the system to shut down the firewall cleanly


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Hello Dirk,

    yes, product in use is XGS116w.

    Best, Markus

  • 0 in reply to Markus Heidemann

    hi Markus,

    possible, you get more or better answers, if you repost within "sophos firewall" forum.
    UTM is the "old" sg firewall from sophos.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • +1

    Hello,

    Thank you for contacting Sophos Community!

    We understand your concern. However, currently, we don’t have a feature for the scheduled shutdown. We have added this as a feature request with the ID SFSW-I-1490. This is under the review stage currently.

     We have an option in central to minimize the sending interval or you may turn it off (Turning off is not recommended). You may Navigate to My Product -> Firewall Management -> Alerts Configuration.

    Later, you can customize the alerts based on your requirements from My Products -> General Settings -> Email Alerts. You can create your custom rule and add this into the exception.

    Mayur Makvana
    Technical Account Manager | Global Customer Experience
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Mayur Makvana

    Hello,

    thanks for confirmation that this is currently not possible.

    Can confirm that this workaround works for the alerts of the firewalls. (Alerts for APs and more still show up)

    IMHO power should stay up at all times, but as of now we need to work with what we have ^^.

    Best, Markus

Unfiltered HTML