Sophos Wireless provides a simple, effective way to manage and secure your wireless networks. When using our Security Heartbeat™ enabled APX Series access points, you can monitor the health status of any Sophos Central managed endpoint or mobile device and so automatically restrict web access on trusted Wi-Fi networks to prevent lateral movement. This, combined with our enhanced rogue AP detection, gives you superior visibility to help discover threats at the earliest possible moment.
Sophos Wireless is easy to setup and deploys as part of your Sophos Central portfolio of cloud-managed security solutions.
The v2.0.0-8 release of Sophos Wireless adds some exciting new features and enhancements to the existing features.
APX Series Access Points (Next-generation indoor access points):
Synchronized Security with Endpoint and Mobile*
Image: Synchronized Security is enabled by SSID
Enhanced Rogue AP Detection
Image: The dashboard now has an overview of neighbouring networks under the Threats tab
Other Enhancements
Image: Security Heartbeat tab on the dashboard showing a device at risk (red heartbeat)
Image: Security Heartbeat tab on the dashboard showing a device with a 'missing heartbeat' (indicates the device previously had a heartbeat)
Image: The client overview allows you to filter the view by Security Heartbeat enabled devices
Open/Known issues in the v2.0 release (will be fixed in a subsequent major releases or MR):
Issue key
Summary
CWIFI-9228
Generate new password will send email twice to the configured address with the same info
CWIFI-7643
Captive portal will not work with the combination of Guest network and VLAN
CWIFI-9216
Client Vendor filter not working as expected when more than 8 characters are used to filter
CWIFI-9080
Clients are unable to access the internet when static vlan is changed in Guest NAT SSID
CWIFI-8958
AP Name and Serial Number Overlap on Access Points Page when AP's name is longer.
CWIFI-8821
Apply Button does not work for Voucher End Duration Configuration
CWIFI-9101
SSID(Network) information is not properly displayed for about 5 minutes under clients page
CWIFI-9198
If the MacOS has Mobile SMC and Endpoint, the status keep toggling if one of them has RED status
CWIFI-9048
Sync Security with Dynamic VLAN configurable when we use WPA2-Enterprise as the Encryption Mode
CWIFI-8657
Discrepancy between APX320 and APX530/740 in LED behavior during hard reset
CWIFI-7336
DHCP client on the AP needs to be restarted if the AP is not reachable to the gateway
CWIFI-7301
Duplicate SSID name should not be allowed
CWIFI-8914
APX320 reboots after band change of radio-0 from 2.4 to 5Ghz and vice versa
CWIFI-7591
Users must re-enter Captive Portal password after roaming event
List of issues fixed between v1.16 and v2.0.0-8.
CWIFI-9243
APs not loading and existing SSIDs not editable or cannot create new one when channel list is sent as empty
CWIFI-9235
Deregistering AP/APX does not wipe out config
CWIFI-9223
Splash Page orientation does not work correctly for iOS devices
CWIFI-9222
No beacon is seen after removing non-root AP
CWIFI-9206
The health status text on Dashboard and client page is different
CWIFI-9202
'diagd' not working on Signed APX320
CWIFI-9200
If band steering is enabled, the newly added allowed Mac list is overriding the existing list instead of appending it
CWIFI-9197
Cleanup log messages in Synchronized Security
CWIFI-9195
If multiple SSIDs are assigned to the AP from Access Point page, the UI throws both Success and Failure error
CWIFI-9185
idle time not updating for APX530
CWIFI-9175
For AP15C Radio Channel Configs(like width & Auto channel) is not working as expected
CWIFI-9169
Partner reporting duplicate open and secured SSIDs on all APs after upgrade to 1.16
CWIFI-9142
Hostnames from clients are intermixed
CWIFI-9104
The checkbox for Heartbeat filter shows wrong data when feature is disabled
CWIFI-9095
Iptables rules for Endpoint magic IP doesn't get installed after reboot
CWIFI-9094
Unknown fingerprint error when Endpoint connects to Sync Security SSID
CWIFI-9089
BSSID_IMPERSONATE and EVIL_TWIN classification functionality in Rogue AP is not working
CWIFI-9087
Threat dashboard is not as same as the one under the sites
CWIFI-9086
AP workload status is not shown for BLR Dogfooding APs even though many clients connected to it
CWIFI-9071
The checkbox for filtering the Heartbeat enabled client should not show unmanaged client
CWIFI-9070
In Alert Description HTML Anchor tag code is showing in Wireless Alert Page
CWIFI-9055
AP100: "Unhandled kernel unaligned access" observed while config (3 ssid with open/wpa2-psk/wpa2-eap) pushed from cloud & AP is already with two clients and TCP data is going between them before the config push
CWIFI-9053
UI Review Feedback: Before v2.0
CWIFI-9009
SMC App not able to communicate with cloud and resolve the related hostname resulting in failed synchronization
CWIFI-9008
Bulk Provisioning - CSV upload is failing on Windows OS
CWIFI-9003
Change in Health Status of clients not getting updated in cloud sometimes
CWIFI-8993
APX320 continuously rebooting when the band changed from 2.4GHz to 5GHz on Radio0 and vice versa
CWIFI-8992
Slider control for scheduling settings for network availability is not working
CWIFI-8990
APX320: Need a message for user to disable allow mesh for one of the radio
CWIFI-8981
Existing SSIDs are not pushed to AP if assigned from SSID page in QA environment
CWIFI-8980
Images are not loading at "Register Access Point Model"
CWIFI-8978
APX320: client connected to mesh AP could not browse internet if ssid configured 2.4Ghz & 5 Ghz radio and guest-NAT
CWIFI-8965
Ceiling value of Usage insight graph is not correct
CWIFI-8964
The inline help for Yellow status of Sync Security in SSID page should be in Yellow similar to other status
CWIFI-8954
Retry button appears for Registered AP
CWIFI-8953
Stale/Already Registered AP Entries displayed on On-boarding Wizard
CWIFI-8952
Info on Bulk Provision Button is wrong.
CWIFI-8951
Upload CSV option is not disabled when registration is in progress
CWIFI-8950
Bulk Edit Hostname Page does not Auto Close
CWIFI-8949
The casing of the Health status in the client page needs to be corrected
CWIFI-8941
[ALPHA_IMAGE] Firmware version is coming as hash code for APX model
CWIFI-8940
[ALPHA_IMAGE] Radio 0 is not working as expected on 5GHz in APX320
CWIFI-8939
APX: Mesh config is not shown in /etc/config/wireless
CWIFI-8937
The data on the clients page and the Sync Sec Dashboard are not in sync
CWIFI-8926
Health status should have some text instead of Red/Green/Yellow in the client statistics
CWIFI-8924
Not able to assign Sync Security SSID to the Access Point
CWIFI-8923
Floor Plan Upload is getting Stuck
CWIFI-8922
UI shows AP state "Updating" continuously
CWIFI-8921
UI inline help for Sync Sec should have Wireless instead of firewall and it has to be in bold like endpoint text
CWIFI-8913
SSID is not broadcasted on AP when user configures 32 Byte characters SSID
CWIFI-8822
APX740: Failed to upgrade from MP2.0 build (FW version 2.0.2.0-1) to v2.0.0-1 using production cloud
Apply Button Does not work for Voucher End Duration Configuration
CWIFI-8802
Change default wifi logging URL
CWIFI-8798
synchronous_sec process does not restart by itself when killed
CWIFI-8791
Change the filter label from "all" to "Show All Networks"
CWIFI-8790
Change the label from Neighbour SSID to Neighborhood Networks
CWIFI-8789
The "details" link in the Threat Dashboard leads to AP page instead of sites
CWIFI-8788
Rogue classifications color needs to be changed
CWIFI-8787
The option to upload of csv file is not aligned with the mockup
CWIFI-8786
Bulk upload label should not be in the all upper case
CWIFI-8763
CWIFI-8761
sophosxl.[com|net], sophosupd.[com|net] and mojave.net domains blocked while device is in Non-Compliant State
CWIFI-8750
Channel is not listed correctly in cloud after RADAR trigger
CWIFI-8742
uhttpd process is not running and hence not able to redirect
CWIFI-8740
Clients are not getting IP address when a static vlan is removed from SSID config
CWIFI-8739
Sometimes the status doesn't change from Green to Red unless user reconnects the wifi
CWIFI-8738
The AP should whitelist the smc connection when it becomes uncomplaint
CWIFI-8735
On-boarding wizard does not open when a new user clicks on wireless in popup screen
CWIFI-8734
Warning message not seen when user selects the 40Mhz option for 2.4Ghz.
CWIFI-8726
Threat tab works only when user click the "Threat" text unlike AP tab
CWIFI-8725
Keep BSSID in upper case in custom classification dropdown
CWIFI-8720
Threats Dashboard data and sites data are not in sync
CWIFI-8716
Sometimes the APX320 beacons in 5Ghz & 5Ghz mode just after registration even though config is in 2.4Ghz
CWIFI-8714
The APX320 is not reporting the neighbourhood SSIDs when both radios are in 5Ghz
CWIFI-8710
APX530: Mesh network is not getting formed on both radios 2.4/5G
CWIFI-8678
Sanctioned should be displayed as green and unsanctioned as blue
CWIFI-8676
Since there is no "show all" filter, user cannot see all Neighborhood networks
CWIFI-8653
Cosmetic Changes Needed
CWIFI-8651
Hostname and SSID Column Overlap on Summary Page
CWIFI-8650
AP and Hostname not getting displayed on Summary Page
CWIFI-8645
Incorrect Registration Status
CWIFI-8644
Register Button Does not work as Expected At Times
CWIFI-8635
APX530: Eth1 link details speed/duplex are shown incorrect
CWIFI-8634
Clients are not getting IP address when a static vlan SSID is edited with Guest NAT.
CWIFI-8633
Unable to configure the band to 5GHz until we disable the "allow mesh" in APX320
CWIFI-8602
UI shows same channel options for both 5GHz radios in APX320
CWIFI-8601
The TA was not able to find the build 1.16
CWIFI-8573
APX:Captive portal with backend authentication is not working
CWIFI-8568
APX530: Kernel Panic with modules linked "pcf ipt_MASQUERADE ip_set_hash_ip xt_mac xt_set"
CWIFI-8564
APU is not working for APX models
CWIFI-8518
APX530: Continuos kernel panic after the system idle for 2 days
CWIFI-8496
APX320 : Not able to set wifi0 to 5 GHZ
CWIFI-8484
Usage insight feature is not working on APX platforms
CWIFI-8478
APX530: udp uplink data rate is quite less
CWIFI-8421
Sometimes search by hostname doesn't work
CWIFI-8381
Finish WifiConfiguration migration (Remove dead code)
CWIFI-8364
change band support of APX320 for MP1.2
CWIFI-8351
Captive Portal redirection page is not loading CSS
CWIFI-8342
Hitting the back button on the browser doesn't work from Sites Tab.
CWIFI-8307
UI allows to create invalid vouchers
CWIFI-8303
"Other" categorisation in Usage Insights are always shown as "Other (1)"
CWIFI-8300
Client details are not updated in cloud (prod/dev/qa) account
CWIFI-8281
DNS and Radio Statistics Data (Unnecessary DB inserts)
CWIFI-8280
Create job to delete the older records from wireless_scan_networks
CWIFI-8253
Multicast to Unicast conversion is not happening in 2.4Ghz for Static VLAN
CWIFI-8250
"Band" is half shown in the client statistics page
CWIFI-7965
UI: Client isolation/Hidden ssid is not allowing to enable when captive portal & static vlan is configured in SSID