This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Fireware Update

Hi TEam,


Can you please suggest here,

1.How to check the existing running  version in XG firewall?(Steps)

2.What is the downtime required if this is the older one ?

3. What is the impact of up gradation in existing policies or client affect?


This thread was automatically locked due to age.
  • Unconfirmed though official channels but unofficially it looks like the issue is related to SSH access from the WAN. If you turn off SSH access from the WAN (which you should anyway!) then it should mitigate the vulnerability. For reference, best practice is to turn off WAN access to the admin portal, SSH and/or any items you don't actively need (SSL VPN or User Portal asside). If you absolutely need access, try to lock it down to a specific ACL. 

    That said, still update your firmware or watch for the hotfix to be applied. The above will help mitigate, but is NOT a fix. 

  • Eesh people leave management open to  WAN? Ours is limited to ACL to our networks & Sophos CFM. 

  • What do you think you are also doing with Sophos central Management ?

    Paul Jr

  • CFM is also limited by ACL. Ours don't seem to talk unless we have an ACL in there. Has been that way since XG started.