This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do I disable remote access to my UTM 9?

We recently failed our PCI compliance scan.  The culprit seems to be our UTM 9's ability to be accessed remotely.  How do I disable the remote access from the internet on this equipment.  I'm not a tech guy. Please explain as if I'm 5 years old!

This thread was automatically locked due to age.
  • Hi, Ron, and welcome to the UTM Community!

    You can disable the various methods in 'Remote Access'.  It's straightforward, so you shouldn't have any trouble.

    That's an unusual PCI outcome.  What does your reseller have to say about this situation?

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Ron,

    PCI compliance check has to be done with approved scanning vendors by PCI security standards council to comply with the latest PCI framework requirement. Hence non-approved external PCI scanners may not comply with PCI framework due to their lack of testing against known CVE in the deployed Sophos UTM. 

    If you ar looking for what CVEs have been fixed then you can find them in the release note in the blog section of the UTM forum.

    To see a list of approved scanning vendors refer the link below:

    To disable the remote access, simply turn off the configured remote access policies which should do the job.

    Thank You

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Ron Bachman said:

    Please explain as if I'm 5 years old!

    Hi Ron,

    In case remote access means remote administration, here are some pictures how to disable SSH and Rest API and restrict Webadmin acces to the Admin Station:

    It they mean Client-to-site (Remote Access) VPN then you should disable all VPN Profiles in all subsections under "Remote access" until the dashboard shows in "Current System Configuration" a red icon in front of "Remote Access".


    Good luck!



    Sophos Certified Architect (UTM + XG)