Easy migration to Sophos XG firewall

Sophos XG Entities.xml from a tar file

Migrating firewall systems between two different vendors can take a loooooooong time. In this case, I needed to migrate to a Sophos XG system. Most of the work is to reconfigure definitions like hosts-, network- and service-objects. There is a way, where you can import XML config files into the Sophos XG. We found this … Read more

ekahau Site Survey 10.x released!

In my opinion, ekahau Site Survey is the best survey utility for WLAN planing and onsite surveys. Of course, not everything is perfect but they are near to 100%. I’m working with ekahau since many years and have seen many changes. I can recommend this to everyone. Ekahau also offers a light product called “HeatMapper” … Read more

VLAN based QoS on a HPE comware Switch

Good afternoon my fellows! There are many ways to configure quality of service (QoS) on a switch. First we need to classify what we want to be on a higher priority. You can classify an access-list, vendor-mac-addresses or just everything/any. In my case I wanted to prioritize a whole VLAN (ID 17 in my case). … Read more

Sophos UTM 9.601 update released

Note WAF: TLS session tickets facilitate clients to speed up repeated TLS handshakes by re-using certain cipher parameters. This re-use of cipher parameters can cause encrypted connections to be less secure by impacting their perfect forward secrecy. To improve the overall security of the product, TLS session tickets are no longer enabled by the WAF. … Read more

WLAN with 802.1x Radius/NPS Authentication

Good day everyone! If you want/have to implement wireless networks in companies you need to secure them more than your home WLAN. In this case, you need to use a radius server for this (so called WPA-Enterprise or WPA2-Enterprise Authentication with Protected EAP. I will use a Microsoft NPS (network policy server) on a Microsoft … Read more

Sophos XG v17.5 released

What’s New in XG Firewall v17.5 Here’s a quick overview of the key new features in v17.5. For a more detailed description please refer to: Sophos-XG-firewall-v17.5-whats-new.pdf   Lateral Movement Protection Lateral Movement Protection extends our Security Heartbeat automated threat isolation to prevent any threat from moving laterally or spreading across the network, even on the same … Read more

Sophos UTM 9.6 update released

What’s new in UTM 9.6?   ATP: New Advanced Threat Protection Library Better performance and protection Certificates: Let’s Encrypt Integration Generate and renew Let’s Encrypt certificates from within UTM Generated certificates can be used in all UTM components RED: Unified RED Firmware Better 3G/4G Support Sandstorm: Manual File Submission Allows an admin to upload a … Read more