The new update is available and fixes the SSL vulnerability: News Security Release Disable SSLv3 support in many services to remove vulnerability to SSLv3 protocol vulnerability (“POODLE”, CVE-2014-3566) Improve Up2Date client support for staged rollout of 9.3 Updating to 9.209 will be required to be able to download the 9.2 to 9.3 Up2Date. Information System … Read moreSophos UTM Update 9.209-8 (bugfix for SSL v3 vulnerability)
The SSL v3.0 CBC (Poodle) vulnerability does affect the Sophos UTM appliance. The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the “POODLE” issue. So there must be an attacker who needs … Read moreThe SSL v3.0 CBC (Poodle) vulnerability and recommended steps
Together we reached 100.000 visitors from all over the world! I want to thank everyone of you for writing positive comments and supporting this blog! This made me proud and (of course) I will keep going on 🙂
When you have a good coverage of your wifi environment, you can optimise it by disabling lower data rates. Management Frames will be sent at the lowest given mandatory rate, this slows down your whole wifi network within the cells. The default entry for this is 1 Mbps (2.4 GHz). Here are some facts from … Read moreCisco WLC Aironet Best Practise on data rates
/edit: Sizing Guide 9.3 here! The new sizing guideline for the Sophos UTM 9.2+ SG series is out now! !!! Updated to the new SG series from SG 105-650 !!!
Sophos announced the new SG models 105, 115 and 550, 660. They also published information about the new access points. AP15 and AP100. The AP 100 fulfils the 802.11ac standard. The SG 1xx w series has built in 802.11ac WiFi! With the new software version 9.3, Sophos implement consolidated reports call “iView” which is, as I think, … Read moreNew Sophos SG appliances available!