Sophos UTM 9.5 released!

Sophos released the new major update 9.5 for the UTM. The most wanted feature “Let’s Encrypt integration” will probably implemented in 9.6. Major features: Sophos Sandstorm Enhancements Datacenter location selection option for Sophos Sandstorm without relying on DNS based location detection Sandstorm activity reporting expanded to include email attachments for improved visibility Scan exceptions for Sophos … Read more

Ekahau Site Survey 8.7.1 released!

Change Log Version 8.7.1 New features: Access Point selection box can now be quick-searched and the most recently used access points are remembered Added new regulatory domains for Asian region: China, Singapore and New Zealand. Greetings from Ekahau team from halfway around the globe! Improvements: Ekahau Site Survey startup time has been optimized by about … Read more

Building up a Cisco mobility express environment

First, order a new PoE+ Injector with 30 Watt output (IEEE 802.3at) -.- after some hours, not seeing the SSID, I figured out that the new 2800 and 3800 access points won’t start their radio-interfaces if the AP doesn’t get enough power. You can convert any controller-based access point to a “configurable” (formerly (autonomous) by changing … Read more

Cisco Telnet hack available :)

Ok… cracking is bad… but enabling telnet is worse! “Cisco is warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The company identified this highest level of vulnerability in its product while analyzing “Vault 7” — a roughly 8,761 documents and files leaked by … Read more

Ekahau Site Survey version 8.7.0 released!

Ekahau released a new version of their brilliant site survey tool. You can find the download here. Changelog Version 8.7.0 Copy & paste Wi-Fi planning (predictive design) elements: APs, walls, floor alignment points, etc. Adjust heatmap opacity to make the floor plan more visible Quick AP coverage toggling Selecting an access point on the map … Read more

Using 40GE QSFP to 4x 10GE SFP+ splitter cable

Today I was very frustrated when I connect a 40GE QSFP to 4x 10GE SFP+ splitter cable to a HPE FlexFabric 5700 48G 4XG 2QSFP+ switch (JG894A). I received the following message: [HPE]%Jan 8 19:02:19:652 2011 HPE OPTMOD/4/MODULE_IN: FortyGigE1/0/54: The transceiver is STACK_QSFP_PLUS_4SFP_PLUS. [HPE]%Jan 8 19:02:50:826 2011 HPE OPTMOD/3/TYPE_ERR: FortyGigE1/0/54: Transceiver type not supported! First reaction: … Read more

New hardware exposed: The SOPHOS64!

Sophos released their new hardware SOPHOS64 with 64-Bit technology! No… just kidding 😀 I transformed an old Nintendo 64 to a case for my UTM hardware: I needed to grind a screwdriver to release the screws: Hardware from 1996 :-> I bend the CPU cooler from my Intel BLKD2500CCE board to fit in the case: Washing the … Read more

Allowing WhatsApp and FaceTime via Firewall-Rules

In an environment with granular firewall rules for accessing the internet, WhatsApp and FaceTime ports need to be opened to work properly. Use “:” within Sophos UTM service definitions for portranges. Here are the ports: WhatsApp TCP 4244 TCP 5222 TCP 5223 TCP 5228 TCP 5242 UDP 3478 UDP 45395 TCP/UDP 50318 TCP/UDP 59234 FaceTime TCP 5223 UDP 3478-3497 … Read more