We're a Sophos partner trying to rollout XGS firewalls with Sophos APX broadcasters but hit a major issue where our orders for broadcasters are grinding to a halt. the APX 530 and APX 740 are out of stock according to Sophos with NO ETA.
Nice one Sophos, you make XGS 18.5 no longer support older broadcasters, forcing customers to upgrade and then you cant even supply them or even give an ETA.
I've esculated this within Sophos but everyone is giving us "there's no ETA."
So I'm hoping posting this will raise awareness and someone with common sense at Sophos will actually realise how much of a problem this is to partners and feedback so XGS can programmed to support older broadcasters for the time being. At the moment we're sat on multiple deployments and unable to go anywhere.
Why not using Central Wireless? All Access Points are supported there. No need to use the Wireless Controller on SFOS/UTM at all.
So actually there is a solution to this approach, it is Central Wireless…
Thank you very much for spending the time to reply on this, I cannot understand why Sophos haven't been pushing this as a solution?
Im gonna have to have a dig around now for our old AP55c and hook that up to Central Wireless, see what I can do with it.
Presume it wont work if the AP is on a RED though? I did have a very quick google on this and one thing it states is APs cant be on VLANs to register with Sophos Central.
Sure this will work as well.
As long as the AP can reach Central, it will work. If this is a RED with a tunnel or a ISP router does not matter.
Sophos Central management of WAP's is nice, but it's unfortunate there is no way to disconnect an endpoint from an SSID.
We experienced a infected endpoint on a client WiFi network recently, but Sophos provides no way for us to disconnect it. The only option we had was to disable the SSID. This is quite unfortunate and not a reasonable solution for our clients who provide free WiFi to their customers.
Thats quite a basic feature as well!
The main drive for my customer is to have the clients and firewall in full sync for protection so whilst LuCar Toni solution may not tick all the boxes, its a good start. Just wish Sophos were more customer thinking
You could start a Blacklist of MAC Addresses and simply add the unwanted MAC to the List. This would result in the same "disconnect" behavior.
LuCar Toni where do you manage that list of blacklisted MAC addresses?
Directly in the SSIDs itself.