Hi guys,
does anybody here know how to drop this specific alert? I already know the option log and drop, but I want to log and drop only this specific alert, not all alerts.
Can you please help me?
Hi, may I ask how we can change the default message for each notification?
We would like to add the connected user to the message so we could also be notified of who is connecting to our VPN tunnel.
Thanks,
Hi all,
Got a lot of messages "*ALERT* Sophos XG Firewall - HTTP virus detected" by mail.
Unable to find this information within XG-GUI or Reports.
... some hints
Thanks, Dirk
Keep receiving Sophos Critical Notification Alerts emails for Intrusion Prevention Alerts
We use OpenDNS DNS Host Servers as our primary dns and secondary dns. All these alerts are all outbound traffic from desktop computers to OpenDNS DNS Host Servers…
I keep on receiving 80+ emails per day for Alert ID: 7002 "SERVER-SAMBA Samba Writeable Share Insecure Library Loading". I reviewed these alerts and all of these are our users accessing everyday files and folders for their daily work. Our File Share Server…
I have received a number of e-mails purporting to be from my XG. Daily reports, test mail messages, gateways up and down.
None of the gateway messages are correctly configured.
They started around 1700 and finished around 1930 23/6/2021
I cannot…
I recently came across an internal port scanner that was scanning ports on our Sophos XG firewall. Somehow this scanner got on a server. I was able to find this when I got an alert that there was a failed SSH authentication. There was not an actual authentication…
Hi, yesterday I was getting many alerts from our XG firewall, but I don't know where I can go to see the history of these attacks, and it also doesn't show me which device is the problem; the "device" it is showing is the firewall itself.
Does anybody…
Hello,
I was wondering if XG Firewall had a functionality found on the now old TMG 2010, which was called "Connectivity Verifiers". It is basically a way to monitor a server or service through either ICMP or HTTP 'GET' at certain intervals. As long…
Hello,
I get a lot of messages in Sophos Central from our Firewall regarding IPSec Tunnels that are shut down/re-established a couple of times per day.
How can these messages be suppressed? I looked on the firewall and also in Central. Regards, BeEf
Summary
We have been using the Sophos XG 450 Firewall for the last 2 years. Now we have received an alert message by e-mail that your Sophos XG 450 firewall WAN port is down. After that we received another message that the WAN port is up. We have been facing this problem…
I'm curious about what the best course of action is. One of the XG Firewalls we manage detected an attempt to communicate with a botnet. The policy is set to Log and Drop and the alert itself says "no further action is needed", but why not? I don't think…
I am receiving email alerts daily from my Sophos XG115 hardware device that the Gateway 'DHCP_Port2_GW' is Down. Almost exactly 1 minute later I get another message saying it is back up. The VPN tunnels don't fail during this time and the IP Phones don…
Hi,
Is it possible to get the endpoint details like the IP Address of the machine with the e-mail alerts that tried to download the infected file?
Thanks.
Hi
I am running a number of XGs on v18 latest revision, and they are all reporting VPN down every hour around the time the IKEv2 re-key occurs. The VPNs are all working as expected.
This alert is then pushed in to Central and also sent out to all…
Hi friends, I'm trying to set an alert to show the user "going to this site is not the best, but you can go, click on continue" or something like that, but instead it only shows a NET::ERR_CERT_AUTHORITY_INVALID in Chrome. Does anybody know if I can…
Hello everyone,
after an unsuccessful search in the forum, I decided to put together a question.
A Sophos (9.506.2) is in use, with about 75 rules on it that allow various things.
All rules are logged…
Hi,
since I have been using XG, I am always getting IPS alerts, and I am concerned about it, because I don't know the reason for these alerts.
Are IPS alerts an alert about accessing websites with vulnerabilities or outdated software, or means an IPS alert…
Hi there,
We have 15 XG appliances we manage with SCFM, but for some reason, one of them constantly disconnects and reconnects to the SCFM. The client's internet does not drop, but every couple of minutes, we receive a notification from SCFM saying…
Hi there,
We have roughly 20 XG units in our Central Firewall Manager. All are showing online, all are sync'd, and all show correct licensing information; however, every so often the SCFM sends us an alert saying that all 20~ of our XG units will expire…