Sophos UTM how to install a virtual home firewall under ubuntu via KVM

Hello guys! today I will tell you how I configured my home server for a virtual Sophos UTM. All configurations in ubuntu can also be used for a virtual Sophos XG. In this article I assume that Ubuntu and virt manager are installed. The following link deals with the basic configuration of virt manager under … Read more

Sophos XG how to secure VMware Horizon via WAF

Hello guys!   I had the task to secure VMware Horizon via the Sophos XG WAF. In this example we have a VMware Horizon server with the IP 192.168.100.20. The Sophos XG DMZ interface has the IP 192.168.100.1. The following steps were necessary: Create a new Webserver definition For a better searce. I write Host … Read more

Sophos XG/UTM Home Edition

Sophos XG SG UTM Firewall Home Edition

Hello again! Some days ago I talked to a Sophos employee and he founds out that I am the Network Guy and he said that I need to update my recommended hardware for the home edition deployment of the Sophos XG and Sophos UTM Home Edition. Also some of my followers wanted it also, so … Read more

Easy migration to Sophos XG firewall

Sophos XG Entities.xml from a tar file

Migrating firewall systems between two different vendors can take a loooooooong time. In this case, I needed to migrate to a Sophos XG system. Most of the work is to reconfigure definitions like hosts-, network- and service-objects. There is a way, where you can import XML config files into the Sophos XG. We found this … Read more

Sophos XG v17.5 released

What’s New in XG Firewall v17.5 Here’s a quick overview of the key new features in v17.5. For a more detailed description please refer to: Sophos-XG-firewall-v17.5-whats-new.pdf   Lateral Movement Protection Lateral Movement Protection extends our Security Heartbeat automated threat isolation to prevent any threat from moving laterally or spreading across the network, even on the same … Read more

Sophos XG – SFOS 17.1.0 GA Released

What’s New Check out all the enhancements in XG Firewall v17.1 including the new Cloud Application Visibility feature in our XG Firewall v17.1 demo video. Cloud App Visibility – brings the visibility pillar of CASB to XG Firewall, providing quick and easy Shadow IT discovery and visibility into data that may be at risk in cloud applications with … Read more

High availability with Sophos XG

High availability with Sophos UTM was very easy: You need to plug in an ethernet cable at the “HA” labeled port between both devices, that’s all. At the XG, you need to configure it manually. I’m using two Sophos XG 125 Rev.3 devices. We will built HA between “Port8”. Actually the new Sophos devices are … Read more

Install Sophos XG from USB Stick

Some years ago, I wrote an article about installing Sophos UTM with an USB stick. Now it’s time for XG 😉 First, I had a problem creating the stick with Rufus. The decive couldn’t boot from the usb device: Starting Firmware Installation Failed getting ISO disk press y to reboot than I tried the DD … Read more

How to update Sophos XG firmware

Hello networkguys! Today I want to show you how to successful update the XG firewall. You can check your status directly after your login on the dashboard: at first step, create a local backup file and download it to your computer: you can download the new firmware at the Sophos Portal. If you have a … Read more

Webproxy exceptions for Grand Theft Auto

GTA has problems while updating through a Sophos UTM/XG webproxy. Thanks to Phillips work, here is the list of the exceptions: ^https?://[A-Za-z0-9.-]*\.patches\.rockstargames\.com/ ^https?://[A-Za-z0-9.-]*\.prod\.ros.\.rockstargames\.com/ ^https?://[A-Za-z0-9.-]*\.device-metrics-us\.amazon\.com/ ^https?://[A-Za-z0-9.-]*\.cdn\.edgecast\.steamstatic\.com/ ^https?://[A-Za-z0-9.-]*\.master\.mta-v\.net ^https?://[A-Za-z0-9.-]*\.dsp\.mp\.microsoft\.com/ ^https?://[A-Za-z0-9.-]*\.mta-v\.net/ ^https?://[A-Za-z0-9.-]*\.rockstargames\.com/ ^https?://[A-Za-z0-9.-]*\.steamcommunity-a\.akamaihd\.net/ ^https?://[A-Za-z0-9.-]*\.steampowered\.com/ ^https?://[A-Za-z0-9.-]*\.google-analytics\.com/ ^https?://[A-Za-z0-9.-]*\.g\.doubleclick\.net/ ^https?://[A-Za-z0-9.-]*192\.81\.241\.100/ ^https?://[A-Za-z0-9.-]*\.akamaihd\.net/ ^https?://[A-Za-z0-9.-]*52\.95\.112\.20/ happy shooting! 🙂