Hi Community contributors,
Starting Sophos Firewall v19, with the addition of many comprehensive logging enhancements in the GUI, and in-line with industry best-practices, access to the Advance Shell is restricted to licensed commercial versions of the product.
Partners and certified architect engineers have an option with Not-for-Resale license to set up labs or customer PoC with unrestricted advanced shell. Also, Sophos Support is able access the Advanced Shell via support access channel. Hence, in case of critical issues, support can still can access it.
Sophos Firewall has been incrementally improved since v18 with comprehensive logging enhancements in the GUI (Better search, filtering, configurations, SD-WAN logs, VPN logs, gateway logs etc). However, we acknowledge that Advance Shell restriction might have created challenges in certain database related configurations, especially for home users.
Please help us understand the specific examples of challenges you face due to this restriction - configurations where GUI and console tools are reaching the limits. We will suggest the possible workaround for the specific scenario. We will also plan and gradually improve the product for those scenario.
Sincerely,
Sophos Firewall Product Team
Due to your passionate feedback, we are adding the Advanced Shell access back into SFOS v19 GA.
We greatly appreciate your feedback and are listening. Thank you very much for all these specific examples of challenges.
Please be aware that future versions of the Firewall operating system that include additional security measures may need to revisit this issue, but we will be sure to consider your feedback and use cases to ensure that changes won’t be disruptive and advanced shell access won’t be missed.
Sincerely,Sophos Firewall Product Team
wow fantastic, so to clarify, the advanced shell will be available to home users in v19?
------------------------------------------------
worlds number one free ICMP monitoring platform: https://pinescore.com
Amazing! Thank you.
Yes. Thank you.
well, whoever fought for this internally, thank you. I'm sure you had to fight hard for us
I encourage all of the Partner / Home User to revisit there current home installation base. Sometimes, XG Home is not the best viable option for your current situation.
For example, doing a Proof of Concept should not be done with a XG Home, while it is technically possible.
Doing a test in a partner lab is not a good fit for a XG Home installation, Partners have access to NFR Installation subscriptions.
There came up other scenarios in this matter, which should be addressed, if needed.
Central Firewall Reporting is not available for XG Home, which prevents further testing in this subject.
__________________________________________________________________________________________________________________
Great news ! I'm surprised positivly!Thanks a lot !
Grüße
Olaf Pelzer
"Central Firewall Reporting is not available for XG Home" can you elaborate this? What exactly does not work?
Wow, I expected everything but this!
You cannot license // upgrade to CFR Advanced.
I'm new to Sophos, but in my limited experience they've been quite reasonable and I'm glad I chose them over Fortinet, SonicWall, etc.