Sophos Firewall: v19.0 EAP1: Feedback and experiences

Release Notes: https://community.sophos.com/sophos-xg-firewall/sfos-v19-early-access-program/b/announcements/posts/sophos-firewall-v19-xstream-sd-wan

Be aware: Migration from V18.5 MR2 is not supported. If you want to upgrade from MR2, do a downgrade to V18.5 MR1. You will lose all configuration changes done in MR2.

If you encounter a potential bug: Please raise a ticket with the "Feedback" option in the V19.0 Webadmin!



Feedback
[edited by: LuCar Toni at 2:07 PM (GMT -8) on 9 Dec 2021]
  • Um what?

    Sophos Firmware Version SFOS 19.0.0 EAP1-Build244
    
    Device Management
    
        1.  Reset to Factory Defaults
        2.  Show Firmware(s)
        3.  Advanced Shell
        4.  Flush Device Reports
        0.  Exit
    
        Select Menu Number [0-4]: 3
    
        Advanced shell is not available.

    Will we be limited to Device Console for debugging?

  • Advanced Shell is only available for commercial licenses now.

    Home Licenses can't use it anymore.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

  • Hi Lucar!

    Good to see "SD-WAN SLA profiles"... it was time!

    Good for "Per-Connection Authentication", but what will happen to SATC?

    I'll do some testing to see the new features! Thanks

    P.S.
    Will there be integration with Sophos switches within the SFOS 19 later, or will everything be managed by Sophos Central?

  • SATC is End of Life. Server Protection in Intercept X took over. And this tool will continue to be used. The new feature "Multi Host Authentication" uses the legacy proxy of SFOS and not DPI. So actually this is not the "next generation technology" like Intercept X can utilize.

    Switch will be integrated into Central, not the Firewall. There is no real use case to do it on the firewall to be honest. Simply because the platform of Central is built to manage multiple products, while a firewall is not.


  • Can I do a restore of an MR2 backup to add things like web exceptions?

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Restoring v18.5 MR2 backups isn't possible on v19 EAP.

    And the Import & Export function doesn't work as expected.

    Most of the things that should get imported didn't, and even then, I've had some weird issues after it. For example, it didn't import any SSL/TLS Inspection Rules, and didn't show any rules available after it, but if I tried to create a new TLS Inspection Rule with the same name as the old one, the Firewall would give a warning of: "An SSL/TLS Inspection Rule with that name already exists."

    The problem here is, how am I going to delete a rule that doesn't show in the Web UI?



  • Upgrade went smoothly: rebooted into 18.5 MR-1, then did the upload and reboot to EAP1.

    Web interface seems snappier. I like the reorganization, makes a lot of sense.

    I WISH I had multiple gateways, but I'm able to use SDWAN monitoring to get some idea of jitter. (Not sure what's behind the calculation and whether, in the long run, it will give me something to indicate when any VOIP problems might be due to ISP or general internet jitter issues.)

    It seems to currently be confused about how many firewall rules are "unused". The control center indicates 14 of 14 rules "unused", but I can look and see traffic on at least half of them. Going into Firewall Rules and using a filter confirms this: all the rules show up as unused.

    I like the way things are going from 18 to 18.5 and now to 19.

  • ... OK, but what if the customer doesn't have Sophos Endpoint protection? I have to go through the Legacy Proxy.

    In SD-WAN SLA profiles I cannot see an SLA based on bandwidth ...

  • The good news is that EAP came out so soon after MR2 that I personally hadn't had time to change much. (I screen-captured my last few Web Exceptions just in case, but they weren't new.)

  • The used rule count can take up to 24 hours to update.

    Ian
