We’ve created a comprehensive library of “How To” videos, including a series of Getting Started and Networking videos, to help you get the most out of your XG Firewall.
Today, I’d like to share a short Getting Started video that walks you through how to keep your XG Firewall firmware up to date, as well as how to roll back to a previous firmware version if necessary.
Sophos SG 105(w) Pdf User Manuals. View online or download Sophos SG 105(w) Quick Start Manual. Find answers to your questions by searching across our knowledgebase, community, technical documentation and video tutorials. Welcome to Buy-Sophos from Utilize – Antivirus and Endpoint Security Made Simple. Welcome to Sophos from Utilize, the IT Security Experts. We are a trusted, multi-award winning Sophos Gold Partner with Sophos-trained engineers who are expert in implementing Sophos Antivirus Security products.
In this video, we’ll show you how to:
- Find out when a new firmware update is available
- Navigate to the firmware update screen
- Download and install the firmware update
- Verify the new firmware is applied after reboot
- Download and install the firmware update manually from MySophos
- Restore a previous firmware version
You can watch the entire Getting Started video series on the Sophos Products YouTube channel. And you can check out all the posts in this XG Firewall “How To” series on the Sophos Blog.
XG Firewall – Learn more
Read these other blog posts to learn about the many innovations in Sophos XG Firewall:
Bemerkungen
System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade
Features
WAF Enhancements
WAF URL Redirection gives you the ability to redirect traffic for a WAF protected URL to a different backend system or URL.
Configure minimum allowed TLS version to improve security.
WAF protection and authentication policy templates were added for common Microsoft services for protection and authentication.
True File Type Scanning to be able to block uploads based on MIME type.
WAF Proxy Protocol Support to use the client IP info inside the ProxyProtocol header to make policy decisions and improve logging.
Sophos Sandstorm
Sg105e Firmware
Datacenter location selection for Sophos Sandstorm without relying on DNS based location detection.
Sg 105 White Pill
Scan exceptions for Sophos Sandstorm to exclude specific filetypes from being sent to Sophos Sandstorm analysis.
REST API
Burn dvd mac app. RESTful API to configure Sophos UTM 9.
Base System
Certificate Expiration Notification 30 days before expiration date via WebAdmin and e-Mail to be able to react early on certificate renewal.
Support Access with SSH is extending the existing Support Access feature.
Easily manage the contents of your storage account with Azure Storage Explorer. Upload, download, and manage blobs, files, queues, tables, and Cosmos DB entities. Gain easy access to manage your virtual machine disks. Work with either Azure Resource Manager or classic storage. Optimize your Azure storage management. Upload, download, and manage Azure blobs, files, queues, and tables, as well as Azure Cosmos DB and Azure Data Lake Storage entities. Easily access virtual machine disks, and work with either Azure Resource Manager or classic storage accounts. Manage and configure cross-origin resource sharing rules. Easily manage the contents of your storage account with Azure Storage Explorer. Upload, download, and manage blobs, files, queues, tables, and Cosmos DB entities. Gain easy access to manage your virtual machine disks. Work with either Azure Resource Manager or classic storage accounts, plus manage and configure cross-origin resource sharing (CORS) rules. microsoft/AzureStorageExplorer.
64-bit PostgreSQL Database to generate reports with big datasets faster. Existing database can be migrated (manually) without loosing any data.
SNMP Monitoring of full filesystem to integrate UTM filesystem monitoring in regular SNMP based monitoring solutions.
Download all UTM logs in a single archive.
Bugfixes
- NUTM-6646: [AWS] REST API panic when unlocking unlocked mutex
- NUTM-6657: [AWS] Configure AWS profiles via WebAdmin
- NUTM-6696: [AWS] Configure CloudWatch support via WebAdmin
- NUTM-6708: [AWS] Cloud update not working with conversion deployments
- NUTM-6814: [AWS] Rest API is accessible with default password if basic setup has not completed
- NUTM-6887: [AWS] REST API panic when inserting into node which is not of type array
- NUTM-7032: [AWS] SignalException not handled for SecurityGroupsManagement#update
- NUTM-7055: [AWS] queen_configuration_management / aws_resource_management SIGUSR1 handling
- NUTM-7056: [AWS] LocalJumpError
- NUTM-7057: [AWS] aws_set_sd_check AWS::EC2::Errors::RequestLimitExceeded
- NUTM-7061: [AWS] Connection refused - connect(2) for 'localhost' port 4472
- NUTM-3194: [Access & Identity] incorrect SSH logins trigger backend authentication requests
- NUTM-3222: [Access & Identity] RED10/50: DNS port open on WAN interfaces
- NUTM-3260: [Access & Identity] User Portal - IPsec Windows Support
- NUTM-4149: [Access & Identity] [RED] Use Sophos NTP pool servers
- NUTM-4323: [Access & Identity] NULL pointer deref in red_nl_cmd_tunnel_dump
- NUTM-4705: [Access & Identity] Don't use DNS server from the RED branch as an ISP forwarder
- NUTM-4852: [Access & Identity] [RED] flock() on closed filehandle $fhi at /</var/confd/confd.plx>Object/itfhw/red_server.pm line 563.
- NUTM-4994: [Access & Identity] STAS creates users even if automatic user creation is disabled
- NUTM-5134: [Access & Identity] [OTP] User Portal should recommend Sophos Authenticator
- NUTM-5925: [Access & Identity] [RED] prevent configuration for VLAN for Split modes
- NUTM-6387: [Access & Identity] HTML5 VNC connection not disconnecting
- NUTM-6641: [Access & Identity] [OTP] user can select algorithm for automatic tokens
- NUTM-6668: [Access & Identity] [IPsec] L2TP/Cisco policy changes do not update ipsec.conf
- NUTM-6749: [Access & Identity] RED15w does not send split DNS traffic over RED tunnel
- NUTM-5965: [Basesystem] Sensors command on SG125w doesn't show hardware fan RPM
- NUTM-6468: [Basesystem] BIND Security update (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444)
- NUTM-6718: [Basesystem] Update NTP to 4.2.8p9
- NUTM-6846: [Basesystem] Linux kernel: ip6_gre: invalid reads in ip6gre_err() (CVE-2017-5897)
- NUTM-6847 : [Basesystem] BIND Security update (CVE-2017-3135)
- NUTM-6902: [Basesystem] Linux kernel: ipv4 keep skb->dst around in presence of IP options (CVE-2017-5970)
- NUTM-7048: [Basesystem] Implement software workaround for Intel CPUs
- NUTM-7067: [Basesystem] Update OpenSSH to openssh-6.6p1
- NUTM-7370: [Basesystem] Bootsplash still shows 9.4 instead of 9.5
- NUTM-7653 : [Basesystem] Internal SSL certification verification broken
- NUTM-5658: [Confd] Stripped restore unaccessable if default internal interface is removed
- NUTM-3062: [Email] Mails From mail spool gets quarantined because of '500 Max connection limit reached' in cssd
- NUTM-4753: [Email] Support recipient verification with multiple AD servers
- NUTM-5350: [Email] Per user blacklist does not apply until smtp service restarts
- NUTM-5823: [Email] Scanner timeout or deadlock for all mails with a .scn attachment
- NUTM-5892: [Email] SMTP Exception doesn't allow '&' sign within the email address
- NUTM-6135: [Email] DLP custom expression doesn't get triggered if the email body contains certain strings
- NUTM-6355: [Email] Email not blocked with expression list
- NUTM-4474: [Kernel] Kernel panic - not syncing: Fatal exception in interrupt
- NUTM-6358: [Kernel] Kernel: unable to handle kernel NULL pointer dereference at 0000000000000018
- NUTM-4969: [Network] Uplink does not recover from error state
- NUTM-5314: [Network] 10gb SFP+ flexi module interface fails when under load
- NUTM-5428: [Network] Bridge interface can not acquire Dynamic IPv6 address correctly. This interface repeats up/down.
- NUTM-5831: [Network] Changing static IP on interface does not take effect immediately
- NUTM-5861: [Network] IPv4 static address gets deleted from confd (and WebAdmin) once IPv6 on the same interface fails to obtain dynamic address
- NUTM-6077: [Network] Static route on bridge interface disappears after rebooting the UTM
- NUTM-6807: [Network] SSL VPN not being redistributed into OSPF
- NUTM-6901: [Network] Eth0 is removed while configuring bridge interface
- NUTM-2420: [WAF] Remove session management from basic authentication
- NUTM-5603: [WAF] Issue with expired lifetime of WAF connections without any hint
- NUTM-5628: [WAF] WAF - Provide import and export options for HTTPS domain list
- NUTM-5640: [WAF] GUI issue when adding wildcard certificate into Virtual Webservers
- NUTM-6156: [WAF] UTM still fails scan for CVE-2016-2183 (SWEET32) after update to 9.408
- NUTM-6294: [WAF] WAF - Naming collisions for default profiles
- NUTM-6522: [WebAdmin] SMC Test failed after Settings are applied
- NUTM-6788: [WebAdmin] Add support for SG105W, SG135W and SG230 in WebAdmin
- NUTM-7337: [WebAdmin] Fix appliance picture for SG105w N9
- NUTM-6467: [Web] FTP connection fails when using transparent FTP Proxy
- NUTM-6732: [Web] Certificate issue with transparent Web Proxy - 'unable to get local issuer certificate'
- NUTM-6876: [Web] Remove insecure RC4 from default cipher list for Web Protection HTTPS scanning on upgrade to 9.5 or restore of pre-9.5 backup
- NUTM-7586: [Web] Chrome v58 and higher fail verification with HTTPS scanning enabled
- NUTM-5638: [WiFi] RED15w - integrated AP isn't shown as pending in transparent / split mode
- NUTM-5786: [WiFi] RED15w - if more then one SSID is configured only one is working correctly
- NUTM-6215: [WiFi] Issue when roaming between wireless with some clients
- NUTM-6335: [WiFi] VLAN fallback not working for integrated AP from RED15w
- NUTM-6448: [WiFi] AP55 stuck as inactive
- NUTM-6511: [WiFi] AP does not get IP address on 100 Mbit ethernet link