XG Firewall v18 Maintenance Release 4 (MR4) is packed with enhancements to performance, security, reliability and the management experience. XG Firewall MR4 also enables great new Sophos Central Management capabilities.
New Sophos Central Enhancements:
Sophos Central Firewall Manager (CFM) provides comprehensive central management of Sophos Firewalls to Sophos Partners. With a range of features, CFM simplifies security management for actions like rapid deployment of organization-wide security policies and updates for better protection of dispersed networks, offering benefits of. Imagine lennon guitar pro. Sophos Central is the unified console for managing all your Sophos products. Sign into your account, take a tour, or start a trial from here. Sophos Central Firewall Manager (CFM) provides comprehensive central management of Sophos Firewalls to Sophos Partners. With a range of features, CFM simplifies security management for actions like rapid deployment of organization-wide security policies and updates for better protection of dispersed networks, offering benefits of. Jun 04, 2020 Note: For the article that outlines the remediation steps for Sophos Firewall Manager. Please visit: 135429 Overview This article outlines the remediation steps for any XG Firewall with a severed connection to Central Firewall Manager (CFM).
- New Partner Dashboard enabling Sophos partners to do group policy management across their customer base – make a change once and have it automatically replicate across multiple firewalls
- New Group Policy Import enables one firewall to define the group policy during group setup making it easy to migrate from legacy CFM or SFM platforms
- Scheduled Firmware Updates enables MR4 to be the first firmware you schedule using this new option
- Full HA Support enabling easier management and improved fail-over support
With legacy SFM and CFM platforms coming to end of life soon, Sophos Central provides the ultimate platform for managing all your firewalls moving forward. If you haven’t already, now is the time to switch.
Enhancements in XG Firewall v18 MR4:
High Availability:
- Improved FastPath performance for Active-Passive pairs
- HA support in Amazon Web Services using the AWS Transit Gateway (coming soon to the AWS marketplace)
- Improved high availability setup and upgrades
VPN Enhancements:
- New advanced options for IPSec remote access (replacing scadmin)
- Sophos Connect VPN client downloads now available from the user portal
- Enforcement of TLS 1.2 for SSL VPN on site-to-site and remote-access connections
Security Enhancements:
- Stronger password hash – which will prompt you to change your password when upgrading to take full advantage of this important feature (see prompt below)
- Web Filtering – Websites that are identified as containing child sexual abuse content by the Internet Watch Foundation (IWF) will be automatically blocked when any web filtering is enabled. See http://www.iwf.co.uk for more information on the IWF.
- Cloud Optix integration – Cloud Optix is now XG Firewall aware enabling the two solutions to work better together (full details).
- Synchronized Application Control – a new option will automatically clean up discovered apps that are over a month old
- Authentication – users can now be created for RADIUS using UPN format
Be sure to take advantage of the new secure password hash system by resetting your admin password when prompted.
Full Release Notes
Full release notes are available on the XG Firewall Community Blog.
Upgrade as soon as possible
While we always encourage you to keep your firewalls up to date with the latest firmware, over the next few months we are recommending you rapidly apply maintenance releases to ensure you have all the important security, performance, and feature enhancements applied as soon as possible.
Music recorders for mac. Also ensure you have automatic pattern updates enabled so that you can be assured you have the latest protection updates.
XG Firewall v18 MR4 is an easy and fully supported upgrade from XG Firewall v17.5 MR6+ (including the latest MR15 release). Please refer to the upgrade matrix for more details.
How to get it
As usual, this firmware update is no charge for all licensed XG Firewall customers. The firmware will be rolled out automatically to all systems over the coming weeks, but you can access the firmware anytime to do a manual update through the Licensing Portal. Please refer to the documentation for more information on how to apply firmware updates.
Learning more about upgrading to XG Firewall v18
And if you still haven’t upgraded to v18, or are still exploring many of the new features, be sure to take advantage of all the resources available, including the recent “Making the Most of XG Firewall v18” article series that covers all the great new capabilities in XG Firewall v18:
Also check out our new and improved Sophos Community XG Firewall home page! Subscribe to the XG Blog for the latest news and releases, get expert answers to your technical questions, and find useful Community-created content in our “Recommended Reads” section!
Sophos Cfm Software
We are pleased to announce the availability of new firmware for your XG installations. XG 17.5 gets a new maintenance release – XG17.5 MR15. As well as several bug fixes, this also brings enhanced security to the administrative and sensitive data store areas of the appliance. The biggest change is the introduction of a secure storage master key or SSMK. This key provides extra protection for the account details stored on the XG Firewall and encrypts sensitive information, such as passwords, secrets, and keys, preventing unauthorized access. The accounts have access to services, such as directory services, email servers, FTP servers, and proxies. They also include user accounts stored on the XG Firewall. As part of this change, we are introducing secure encryption for storing admin password hash. The admin (default administration account) will be asked to change their password, and whilst this is optional, it is highly recommended. Also, password complexity rules have been enabled for all passwords.
XG V18 benefits from all these enhancements but also receives extra attention with X18 MR4. This release brings enhancements to performance, security, reliability and the management experience. XG Firewall MR4 also enables great new Sophos Central Management capabilities, which is where we’ll begin:
Sophos Cfm Incompatible
New Sophos Central Enhancements:
- New Partner Dashboard facilitating group policy management across the customer base – make a change once and have it automatically replicated across multiple firewalls
- New Group Policy Import enables one firewall to define the group policy during group set up making it easy to migrate from legacy CFM or SFM platforms
- Scheduled Firmware Updates enables MR4 to be the first firmware you schedule using this new option
- Full HA Support enabling easier management and improved fail-over support
General Enhancements in XG Firewall v18 MR4:
High Availability
Sophos Cfm End Of Life
- Improved FastPath performance for Active-Passive pairs
- Full HA support in Amazon Web Services using the AWS Transit Gateway
- Improved high availability setup wizard and streamlined upgrade process
VPN Enhancements
- New advanced options for IPSec remote access (replaces scadmin)
- Sophos Connect VPN client downloads now available from the user portal (ideal for home workers to self-serve a VPN client)
- Enforcement of TLS 1.2 for SSL VPN on site-to-site and remote-access connections
Other Enhancements
- Web Filtering – Websites that are identified as containing child sexual abuse content by the Internet Watch Foundation (IWF) will be automatically blocked when any web filtering is enabled. See https://www.iwf.org.uk/ for more information on the IWF.
- Cloud Optix integration – Cloud Optix is now XG Firewall aware enabling the two solutions to work better together (full details).
- Synchronized Application Control – a new option will automatically clean up discovered apps that are over a month old.
These upgrades are available at no charge for all licensed XG customers and we encourage you to upgrade to the latest firmware as soon as practicable, especially in light of the included security enhancements.
Sophos Utm Cfm
Please refer to the Toad download for mac. upgrade matrix for more information.