This week we are rolling out another update to the EAP of Sophos DNS Protection.

Along with further back-end changes to the services to ensure they continue to meet our uptime and responsiveness goals as usage grows, there are some changes you may notice in the Sophos Central UI.

It's not too late to join the EAP and try out this new Sophos protection for yourself - start by registering here.

Dashboard improvements

The dashboard provides a selection of top-level statistics about how the product is working, but often you want to see more details behind those numbers. To make that easier we have now activated the dashboard widgets with drill-down links to reporting.

Clicking on individual metrics in the DNS Protection usage summary section, or on the 'View all' links in any of the Dashboard panels, will take you through to the Logs & Reports page. The linked views will be set up with appropriate filters and date ranges to allow you to quickly see the details behind the top-level dashboard stats.

For example, clicking on the 'Active locations' counter:


Will take you to a report highlighting the DNS traffic counts per location:

We have also improved the DNS query volume chart. We added an option to display the query volume over the past 30 days. In addition to the previous month comparison line, the shaded area on this chart lets you see how your current usage compares to the average daily usage over the month.

In-line creation of domain lists

One great piece of feedback we received was around the use of domain lists in policy. To add a new domain list to a policy in our original implementation, you had to first visit the Domain Lists page to create the list, then go to the Policies page to create or update the policy. Some customers found this frustrating and long-winded, especially if they only realised the need to create a new list after already starting to edit the policy.

In this update, we've added the ability to create a new domain list directly from the policy editing screen. After clicking 'Add list', select 'Add new'.

You'll see the Domain list pop-up appear so you can create your new list. Once saved, it will automatically be added to your policy.

Location IP address alerts

Using a FQDN/hostname from a Dynamic DNS provider to define a location is useful when a location doesn't have a fixed permanent IP address. However, there is a remote chance that a change in your dynamic IP address may clash with an IP address used by another customer, or that some other issue may arise with your Dynamic DNS service.

Similarly, if you enter an IP address directly, there is a small chance that IP address is already in use by another customer as a result of their use of a dynamic DNS FQDN. We check when you enter an IP address that it is not being used directly by any other customer, but we cannot be 100% certain of that with FQDNs.

In this release we have introduced some Sophos Central alert messages that you may see in the unlikely event that there is an issue with a FQDN used in your location definition. There are two possible messages:

  • FQDN IP address resolution problems: This high severity alert will be raised when DNS Protection is unable to resolve the FQDN you have entered to a single usable IP address. Possible causes for this include:
    • There is an outage of your Dynamic DNS provider's servers preventing us from resolving your FQDN.
    • Your FQDN is resolving to more than one IP address at the same time, which may happen if more than one A record exists for your FQDN.
    • The IP address pointed to by your FQDN is not a valid Internet IPv4 address.
  • IP address is conflicting with another customer: This high severity alert will be raised under the following circumstances:
    • If the IP address for your FQDN changes, and the new IP address is already registered as a location in another customer account.
    • If you entered an IP address in a Location directly, but that IP address is already in use by another customer as a result of them using an FQDN