Tejas Kashyap

Sophos ZTNA Updates

Sophos ZTNA v2.1.2 is a maintenance release with enhancements to ZTNA settings and bug fixes.

This release will be available for ZTNA gateways deployed on VMware ESXi and Hyper-V servers. Customers with Sophos firewalls acting as gateways do not need to take any action, as the changes will be applied automatically.

ZTNA Settings enhancements

  1. Agent tunnel inactivity timeout: You can now set an inactivity timeout for the tunnel between the ZTNA agent and the ZTNA gateway. If there is no activity for a specific time, the tunnel is automatically closed. When traffic resumes, the tunnel is re-established. The default value is 5 minutes.

  2. Resource connection pooling: Connection pooling for NTLM-based resources is turned on by default on the ZTNA gateway. Turn this option off if you have agentless resources that use NTLM or similar authentication protocols.


Bug Fixes

Issue Key

Summary

NZT-6745

Test Connection fails when the user provides "First Name Last name" during on-premises AD configuration.

NZT-7152

New ZTNA agent registrations were causing existing agents to lose connectivity intermittently.

How to get the updates

The gateway image updates are available from Sophos Central. There is no need to update your ZTNA agents. 

  1. On Sophos Central, navigate to the gateways page and notice an indication that an image update is available. This notification is only seen on gateways hosted on ESXi and Hyper-V platforms. 

  1. You can either initiate the upgrade immediately or schedule the upgrade for later.

  2. After the upgrade and the gateway is back to "Active," verify on the gateway’s diagnostics console that all the tests pass. 

Documentation

The latest online documentation is here, and the updated known issues list can be found here.

Get Started with ZTNA for Free

If you’re not already using Sophos ZTNA, you can get started for Free. There’s a free trial available via Sophos Central, and if you’re already a Sophos Firewall customer, you can get three free one-year licenses and take advantage of the ZTNA gateway integrated into your firewall.

 Check out the Deployment Checklist for other considerations when deploying ZTNA and the latest online documentation.

    Unfiltered HTML