This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM SG210 Behind a Third Party Firewall (Services/Servers to be opened) and Update of Firmware/Patterns

Hello,

             I have a Sophos UTM (SG210 WAF) behind a Firewall. I need to allow my Sophos UTM (WAF) to get the firmware/pattern updates in Firewall to access only required  servers/services.

Is there any documentation available in this regard?

 

I allowed everything and observed that the following servers/services are required for firmware/pattern updates. Can anybody confirm it?

 

  • Allow TCP Port 80 (HTTP) and 443 (HTTPS) for the following servers:

us1.utmu2d.sophos.com [54.214.16.252]

us2.utmu2d.sophos.com [107.21.214.248]

sg1.utmu2d.sophos.com [175.41.132.12]

eu1.utmu2d.sophos.com [79.125.21.244]

 

  • Allow TCP Port 80 (HTTP) for the following servers:    (Are these servers also from Sophos and why we need to allow this communication?)

[54.192.94.116]  server-54-192-94-116.fra2.r.cloudfront.net  Amazon.com, Inc. (AS16509)

[54.192.94.144]  server-54-192-94-144.fra2.r.cloudfront.net  Amazon.com, Inc. (AS16509)

[54.192.94.201]  server-54-192-94-201.fra2.r.cloudfront.net  Amazon.com, Inc. (AS16509)

 

  • Allow TCP/UDP Port 53 (DNS) for any local/global DNS servers for DNS resolution

 

  • Allow TCP Port 25 (SMTP) for any  Email servers if you want to receive notifications from Sophos Reverse Proxy regarding Firmware/Pattern updates through Email

 

Thanks in advance.

 

Asif

 



This thread was automatically locked due to age.