Sophos Cfm



  1. New Group Policy Import makes switching to Sophos Central from CFM or SFM quick and easy. With legacy SFM and CFM platforms coming to end of life soon, Sophos Central provides the ultimate platform for managing all your firewalls moving forward. If you haven’t already, now is the time to switch. Enhancements in XG Firewall v18 MR4: High.
  2. This video is an overview of using CFM/SFM to manage your XG Firewalls. We'll review the Dashboard, Settings, Devcic Configuration and Templates.
  3. Quick Reference. Domain: us-e1.cfm.sophos.com; Use settings from photo below. Applicable Version: 15.01.0 onwards. Feature Description. Sophos Firewall Devices can be monitored and managed with the help of Sophos Firewall Manager (SFM).
  4. Jul 09, 2020 CFM upgrade in April 2019 didn’t support device level management, group management, and template management for SFOS v17 and SFOS v17.1, SFOSv17.5 and SFOSv18.0 Compatibility guide for Central Firewall Manager and Sophos XG Firewall.

Hi XG Community! We’ve finished CFM v17.1.0 GA. What’s New Key Features Shadow IT management across firewalls Improved alerting contents Comprehensive management of all features available in Sophos XG Firewall v17.1 Enhancements Added additional Settings to Authentication Servers - RADIUS Server Shadow IT discovery support Configurable SSL VPN port Allow user to edit rule while double.

XG Firewall v18 Maintenance Release 4 (MR4) is packed with enhancements to performance, security, reliability and the management experience. XG Firewall MR4 also enables great new Sophos Central Management capabilities.

New Sophos Central Enhancements:

  • New Partner Dashboard enabling Sophos partners to do group policy management across their customer base – make a change once and have it automatically replicate across multiple firewalls
  • New Group Policy Import enables one firewall to define the group policy during group setup making it easy to migrate from legacy CFM or SFM platforms
  • Scheduled Firmware Updates enables MR4 to be the first firmware you schedule using this new option
  • Full HA Support enabling easier management and improved fail-over support

With legacy SFM and CFM platforms coming to end of life soon, Sophos Central provides the ultimate platform for managing all your firewalls moving forward. If you haven’t already, now is the time to switch.

Cfm

Enhancements in XG Firewall v18 MR4:

High Availability:

  • Improved FastPath performance for Active-Passive pairs
  • HA support in Amazon Web Services using the AWS Transit Gateway (coming soon to the AWS marketplace)
  • Improved high availability setup and upgrades

VPN Enhancements:

  • New advanced options for IPSec remote access (replacing scadmin)
  • Sophos Connect VPN client downloads now available from the user portal
  • Enforcement of TLS 1.2 for SSL VPN on site-to-site and remote-access connections

Security Enhancements:

  • Stronger password hash – which will prompt you to change your password when upgrading to take full advantage of this important feature (see prompt below)
  • Web Filtering – Websites that are identified as containing child sexual abuse content by the Internet Watch Foundation (IWF) will be automatically blocked when any web filtering is enabled. See http://www.iwf.co.uk for more information on the IWF.
  • Cloud Optix integration – Cloud Optix is now XG Firewall aware enabling the two solutions to work better together (full details).
  • Synchronized Application Control – a new option will automatically clean up discovered apps that are over a month old
  • Authentication – users can now be created for RADIUS using UPN format

Be sure to take advantage of the new secure password hash system by resetting your admin password when prompted.

Sophos cfm

Full Release Notes

Full release notes are available on the XG Firewall Community Blog.

Upgrade as soon as possible

While we always encourage you to keep your firewalls up to date with the latest firmware, over the next few months we are recommending you rapidly apply maintenance releases to ensure you have all the important security, performance, and feature enhancements applied as soon as possible.

Also ensure you have automatic pattern updates enabled so that you can be assured you have the latest protection updates.

XG Firewall v18 MR4 is an easy and fully supported upgrade from XG Firewall v17.5 MR6+ (including the latest MR15 release). Please refer to the upgrade matrix for more details.

How to get it

As usual, this firmware update is no charge for all licensed XG Firewall customers. The firmware will be rolled out automatically to all systems over the coming weeks, but you can access the firmware anytime to do a manual update through the Licensing Portal. Please refer to the documentation for more information on how to apply firmware updates.

Learning more about upgrading to XG Firewall v18

And if you still haven’t upgraded to v18, or are still exploring many of the new features, be sure to take advantage of all the resources available, including the recent “Making the Most of XG Firewall v18” article series that covers all the great new capabilities in XG Firewall v18:

Also check out our new and improved Sophos Community XG Firewall home page! Subscribe to the XG Blog for the latest news and releases, get expert answers to your technical questions, and find useful Community-created content in our “Recommended Reads” section!

XG Firewall’s integration with Sophos Central gets a major boost with some exciting enhancements for managing multiple firewalls easily. And for the first time, it provides convenient access to firewall reporting in the cloud.

All XG Firewall partners and customers have access to these new capabilities at no extra charge. Simply log in to your Sophos Central account and add your firewalls to get started. It couldn’t be any easier.

Group Policy Management

Sophos Cfm

If you’re managing multiple firewalls, you will love the new group firewall management features in Sophos Central. These will make your life vastly easier, dramatically reducing the time it takes to roll out changes across multiple firewalls.

Firewalls can be easily added to custom groups and take advantage of the new group policy tools to make changes to objects, policies, rules, or configuration items and have the system automatically roll those changes out to all firewalls in the group.

A comprehensive task queue monitors and audits all changes in real time or historically.

These features add to the growing list of convenient XG Firewall management tools available in Sophos Central:

  • Group firewall management (new – with support for XG Firewall v18)
  • Zero-touch deployment from Sophos Central (via a USB flash drive)
  • Configuration backup storage and management
  • One-click firmware updates
  • Secure single-sign-on (SSO) device access
  • Dashboard and alert status

And of course, with Sophos Central, customers have one console to manage all their Sophos cybersecurity products. They have a single pane of glass covering all their firewall management needs, as well as Intercept X for endpoints, servers, and mobile devices, and so much more.

Central Firewall Reporting

New Firewall Reporting in Sophos Central provides deep insights into network security and activity. You no longer need to dive into each firewall device to find the information you seek. XG Firewall now shares log data directly with Sophos Central and provides flexible reporting tools enabling you to monitor, visualize, and analyze network activity directly in Sophos Central.

Central Firewall Reporting enables you to create reports to fit their unique needs using one of the many pre-defined report templates and then customizing it. Here are some of the key features:

  • Up to seven days of historical reporting for free
  • Rich, granular data organized into easy-to-understand reports
  • Pre-defined out-of-the-box report templates
  • Flexible report table and charts allow you to customize each report
  • Report Dashboard provides an at-a-glance view from the XG Firewall for network operational health, policy control events, and all security-driven events
  • Visual representation of data displayed in graphical form
  • Search and retrieval of all log data from the XG Firewall
  • Support for XG Firewall integration into Sophos MTR Advanced

Getting started

All of this new functionality is rolling out to all Sophos Central accounts over the next few days. Customers or partners with a Sophos Central account and one or more XG Firewalls running v18 will have everything needed to get started. And if you don’t have a Sophos Central account, create one for free today to get started.

Adding firewalls into Sophos Central couldn’t be easier. On your XG Firewall, you simply need to navigate to the “Central Synchronization” screen via the main menu, enter your Sophos Central credentials, and turn on Sophos Central Services.

Beginning on March 5, when the connector is launched, Sophos Managed Threat Response Advanced customers with XG Firewall and Sophos Central Reporting enabled, will have their firewall automatically begin feeding ATP and IPS events to our MTR analysts to enhance threat hunting and investigations for their organization.

Central Management and Reporting FAQ for XG Firewall

Which XG Firewall firmware version do I need to take advantage of these new features?

Sophos

The new Sophos Central Group Management tools and Central Reporting require XG Firewall v18. Non-group firewall management is still supported for XG Firewall v17.5.

What’s next for Sophos Central?

As Sophos Central is a hosted cloud solution, we will be continuously rolling out additional new features and capabilities in the weeks and months ahead that will not require any additional firmware updates to the Firewall. You can expect new features for:

  • Nested group management
  • Scheduled firmware updates
  • Zero-touch deployment without a flash drive
  • New firewall reports, report scheduling, multi-device reporting and much more

Will there be “for pay” licenses in the future?

Software

Central Firewall Management will remain free for all Sophos XG Firewall customers and partners.

In the coming months we plan to introduce Central Firewall Reporting (CFR) Premium as an optional paid service that unlocks more capabilities and built-in report templates along with historical reporting up to one year. CFR Premium is designed for organizations with more connected devices that generate larger amounts of syslog data and want the flexibility to add storage capacity for extended historical reporting. We will announce the new licensing and pricing for this service closer to launch. But in the meantime, customers and partners can try out the free version to see the types of custom reports they’ll create and the insights they get into network activity. For more information, see the CFR web page on our website.

How does log retention and management work in Sophos Central?

Sophos Cfm Download

The syslog data from XG Firewall is stored in your Sophos Central account in the cloud. Data is added and removed on a FIFO (First In, First Out) basis. Therefore, once the storage capacity maximum is reached, newly added log data will replace the oldest data. The free version typically stores approximately seven days of log data (depending heavily on log volume). The Premium version will allow for more storage and longer historical reporting periods. Customers and partners can purchase as much as they need.

Is Central Reporting in real time?

There is a slight delay between the time log data is generated on-box and that data being integrated into Sophos Central Reporting. It can potentially take up to a few minutes for the latest data to be reflected in reports.

What about Sophos Firewall Manager (SFM), Cloud Firewall Manager (CFM), and iView?

SFM, CFM and iView are based on aging legacy platforms that are expensive to maintain. While both SFM and CFM will receive an update to provide essential support for v18, we expect this to be the last version of XG Firewall to be supported on these legacy platforms as we shift full investment into Sophos Central.

Sophos Central is our strategy moving forward for firewall reporting and management. It unlocks many other important capabilities for customers such as our Managed Threat Response service, execution against our Synchronized Security vision, better security integrations for our customers, better management workflows, and more.

Sophos partners and customers also love Sophos Central – and for good reasons. It offers an unmatched cloud management experience and a very robust, scalable platform for growth along with a design focused on saving valuable time, building in essential expertise, and providing the ultimate cybersecurity ecosystem. As many partners and customers have already done, we expect everyone to migrate to Sophos Central over the coming months.

Does Sophos Central Reporting replace on-box reporting?

Full on-box reporting for XG Firewall continues to be fully supported and free. It is a unique differentiator among other firewalls on the market.

Sophos Cfm Meter

What about on-premises management and reporting solutions?

Sophos Cfm Slow

Sophos Central is a tightly integrated cloud hosted (SaaS) solution designed to take full advantage of cloud platform infrastructure and cannot be readily adapted for on-premises operation.

For organizations that require on-premise solutions, XG Firewall supports the use of third-party tools such as Splunk, Logstash/Kibana, and others to store and process log data. XG Firewall provides an XML-based API combined with SNMP monitoring/alerting and email alerting, integration is possible with many other third-party network and firewall management consoles.

XG Firewall Resource Center

Sophos Cfm Pro

Get all the latest XG Firewall v18 information in our resource center on the Sophos Partner Portal, which is available only to Sophos Partners. If you are a registered partner and have trouble logging in, please contact customercare@sophos.com.